pis.digitic.io Open in urlscan Pro
159.89.196.75 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/DHLEXPRESSNEW
Effective URL:
https://pis.digitic.io/wp-content/themes/pis/xone/
Submission: On November 17 via automatic, source openphish (November 17th 2021, 1:34:37 pm UTC) — Scanned from DE

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 27 HTTP transactions. The main IP is 159.89.196.75, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is pis.digitic.io.
TLS certificate: Issued by R3 on October 25th 2021. Valid for: 3 months.

This is the only time pis.digitic.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 12	159.89.196.75 159.89.196.75	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	216.58.212.179 216.58.212.179	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.185.170 142.250.185.170	15169 (GOOGLE) (GOOGLE)
2	142.250.185.137 142.250.185.137	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:fb:... 2a02:26f0:fb:592::2d63	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
27	8

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 159.89.196.75 (Singapore, Singapore) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

pis.digitic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.179 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f19.1e100.net

www.prof-laptop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.137 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f9.1e100.net

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:fb:592::2d63 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.dw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	digitic.io 1 redirects pis.digitic.io	1 MB
4	prof-laptop.com www.prof-laptop.com Failed	131 KB
2	blogger.com www.blogger.com	950 B
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
1	dw.com static.dw.com	37 KB
1	blogspot.com 1.bp.blogspot.com Failed 3.bp.blogspot.com	2 KB
1	googlesyndication.com pagead2.googlesyndication.com
1	bit.ly 1 redirects bit.ly	267 B
27	8

	Domain	Requested by
12	pis.digitic.io	1 redirects pis.digitic.io
4	www.prof-laptop.com	pis.digitic.io www.prof-laptop.com ajax.googleapis.com
2	www.blogger.com	www.prof-laptop.com
1	3.bp.blogspot.com	www.prof-laptop.com
1	static.dw.com	www.prof-laptop.com
1	ajax.googleapis.com	www.prof-laptop.com
1	fonts.googleapis.com	www.prof-laptop.com
1	pagead2.googlesyndication.com	www.prof-laptop.com
1	bit.ly	1 redirects
0	1.bp.blogspot.com Failed	www.prof-laptop.com
27	10

This site contains no links.

Subject Issuer	Validity	Valid
pis.digitic.io R3	`2021-10-25` - `2022-01-23`	3 months	crt.sh
www.prof-laptop.com GTS CA 1D4	`2021-11-02` - `2022-01-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.dw.com GeoTrust RSA CA 2018	`2021-08-16` - `2022-08-16`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://pis.digitic.io/wp-content/themes/pis/xone/
Frame ID: AC400ED823EB9D306A4905F3C5CC43BB
Requests: 16 HTTP requests in this frame

Frame: https://www.prof-laptop.com/2021/01/blog-post_61.html
Frame ID: 2987F28DCCE5633A897C523E5F65C840
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sendungsverfolgung – Express | DHL | SchweizBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://bit.ly/DHLEXPRESSNEW HTTP 301
https://pis.digitic.io/wp-content/themes/pis/xone/ Page URL

Page Statistics

27
Requests

81 %
HTTPS

38 %
IPv6

8
Domains

10
Subdomains

8
IPs

3
Countries

1744 kB
Transfer

2490 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/DHLEXPRESSNEW HTTP 301
https://pis.digitic.io/wp-content/themes/pis/xone/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://pis.digitic.io/global/dhl/news-alerts.gnf.json HTTP 302
https://www.prof-laptop.com/2021/01/blog-post_61.html

Request Chain 15

https://pis.digitic.io/wp-content/themes/pis/xone/dhl_files/saved_resource(1).html HTTP 302
https://www.prof-laptop.com/2021/01/blog-post_61.html

27 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
pis.digitic.io/wp-content/themes/pis/xone/
Redirect Chain

https://bit.ly/DHLEXPRESSNEW
https://pis.digitic.io/wp-content/themes/pis/xone/

373 KB
44 KB

1406ms
873ms

Document
text/html

159.89.196.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pis.digitic.io/wp-content/themes/pis/xone/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.196.75 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6e6518c86e9a2f721e82ad983f070cbda05aa0889d332f8dbe6e5812b5dce647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Wed, 17 Nov 2021 13:34:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

Redirect headers

server: nginx
date: Wed, 17 Nov 2021 13:34:28 GMT
content-type: text/html; charset=utf-8
content-length: 137
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://pis.digitic.io/wp-content/themes/pis/xone/
referrer-policy: unsafe-url
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK styles.pure.css
pis.digitic.io/wp-content/themes/pis/xone/xone/source/css/ 891 KB
891 KB 509ms
508ms Stylesheet
text/css 159.89.196.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pis.digitic.io/wp-content/themes/pis/xone/xone/source/css/styles.pure.css
Requested by: Host: pis.digitic.io
URL: https://pis.digitic.io/wp-content/themes/pis/xone/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.196.75 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4c1bd2303650eb8f2a4ec1a42c5a7ea4ca6aad664ea472d5ebaa32f2d9c5c3db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pis.digitic.io/wp-content/themes/pis/xone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:34:30 GMT
Last-Modified: Fri, 05 Nov 2021 14:30:52 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6185401c-deb62"
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 912226
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style.js Show response
pis.digitic.io/wp-content/themes/pis/xone/xone/source/js/ 95 KB
96 KB 501ms
260ms Script
application/javascript 159.89.196.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pis.digitic.io/wp-content/themes/pis/xone/xone/source/js/style.js
Requested by: Host: pis.digitic.io
URL: https://pis.digitic.io/wp-content/themes/pis/xone/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.196.75 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: aeb09caab35170ca5b7238b35c65b352106d65412e117c1645027d6fe7431b23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pis.digitic.io/wp-content/themes/pis/xone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:34:30 GMT
Last-Modified: Mon, 08 Nov 2021 23:53:16 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6189b86c-17dfa"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 97786
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bundle.da701d0ef3398103c6aa5536223a76cc.js Show response
pis.digitic.io/wp-content/themes/pis/xone/xone/source/js/ 204 KB
204 KB 254ms
254ms Script
application/javascript 159.89.196.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pis.digitic.io/wp-content/themes/pis/xone/xone/source/js/bundle.da701d0ef3398103c6aa5536223a76cc.js
Requested by: Host: pis.digitic.io
URL: https://pis.digitic.io/wp-content/themes/pis/xone/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.196.75 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3f44ab63ac262433ae9ebd3332c7e30370569b8ce0d693faa7b73e1761a2e26d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pis.digitic.io/wp-content/themes/pis/xone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:34:32 GMT
Last-Modified: Mon, 01 Nov 2021 13:27:56 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "617feb5c-32f0d"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 208653
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bundle-utapi.da701d0ef3398103c6aa5536223a76cc.js Show response
pis.digitic.io/wp-content/themes/pis/xone/xone/source/js/ 161 KB
162 KB 261ms
261ms Script
application/javascript 159.89.196.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pis.digitic.io/wp-content/themes/pis/xone/xone/source/js/bundle-utapi.da701d0ef3398103c6aa5536223a76cc.js
Requested by: Host: pis.digitic.io
URL: https://pis.digitic.io/wp-content/themes/pis/xone/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.196.75 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 94cf3ca757da926bb40faf8f86fb8ac297837a7d93ea5aaa09299567f8d8aa60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pis.digitic.io/wp-content/themes/pis/xone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:34:32 GMT
Last-Modified: Mon, 01 Nov 2021 13:27:56 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "617feb5c-284b4"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 165044
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found sec-3-6.css
pis.digitic.io/wp-content/themes/pis/xone/xone/source/css/ 0
0 259ms
258ms Stylesheet
text/html 159.89.196.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pis.digitic.io/wp-content/themes/pis/xone/xone/source/css/sec-3-6.css
Requested by: Host: pis.digitic.io
URL: https://pis.digitic.io/wp-content/themes/pis/xone/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.196.75 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pis.digitic.io/wp-content/themes/pis/xone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:34:32 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK sec-cpt-3-6.js Show response
pis.digitic.io/wp-content/themes/pis/xone/xone/source/js/ 10 KB
11 KB 511ms
254ms Script
application/javascript 159.89.196.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pis.digitic.io/wp-content/themes/pis/xone/xone/source/js/sec-cpt-3-6.js
Requested by: Host: pis.digitic.io
URL: https://pis.digitic.io/wp-content/themes/pis/xone/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.196.75 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 05b1cf5bf5ccce6868ffd66fb866bbaa3083ee1960776ed96fc7ad73edc15f83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pis.digitic.io/wp-content/themes/pis/xone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:34:32 GMT
Last-Modified: Mon, 01 Nov 2021 13:27:56 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "617feb5c-294e"
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10574
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logo.svg
pis.digitic.io/wp-content/themes/pis/xone/xone/source/img/ 2 KB
2 KB 515ms
257ms Image
image/svg+xml 159.89.196.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pis.digitic.io/wp-content/themes/pis/xone/xone/source/img/logo.svg
Requested by: Host: pis.digitic.io
URL: https://pis.digitic.io/wp-content/themes/pis/xone/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.196.75 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pis.digitic.io/wp-content/themes/pis/xone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:34:32 GMT
Last-Modified: Mon, 01 Nov 2021 13:27:56 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "617feb5c-643"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1603

GET
H/1.1 200
OK mail.svg
pis.digitic.io/wp-content/themes/pis/xone/xone/source/img/ 780 B
1 KB 771ms
257ms Image
image/svg+xml 159.89.196.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pis.digitic.io/wp-content/themes/pis/xone/xone/source/img/mail.svg
Requested by: Host: pis.digitic.io
URL: https://pis.digitic.io/wp-content/themes/pis/xone/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.196.75 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3591008e644fdf9f8272d46c8e8d4ad24f44b4d687c74a3f2d7759b7397bb275

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pis.digitic.io/wp-content/themes/pis/xone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:34:32 GMT
Last-Modified: Tue, 02 Nov 2021 00:24:22 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "61808536-30c"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 780

GET
DATA 200
OK truncated
/ 40 KB
40 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5af5c3746b03792640b9cafdabddfb2c5407f72988e128541a88fa439607d940

Request headers

Referer
Origin: https://pis.digitic.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2429015bf4b995fe06db415efe71c1c345b8a536f605e5708342e8bba8c564f

Request headers

Referer
Origin: https://pis.digitic.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 40 KB
40 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19d0bda83ecbc986620468801adf000c77c3c38398650903c63fac8dcbac4383

Request headers

Referer
Origin: https://pis.digitic.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 43 KB
43 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87c40e3961e21f759770615ae67568a3de3ec6e0735f1238a6aae062f4ea15d5

Request headers

Referer
Origin: https://pis.digitic.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H/1.1 404
Not Found sec-3-6.css
pis.digitic.io/wp-content/themes/pis/xone/xone/source/css/ 0
0 483ms
253ms Stylesheet
text/html 159.89.196.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pis.digitic.io/wp-content/themes/pis/xone/xone/source/css/sec-3-6.css
Requested by: Host: pis.digitic.io
URL: https://pis.digitic.io/wp-content/themes/pis/xone/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.196.75 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pis.digitic.io/wp-content/themes/pis/xone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:34:32 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html

GET

blog-post_61.html
www.prof-laptop.com/2021/01/
Redirect Chain

https://pis.digitic.io/global/dhl/news-alerts.gnf.json
https://www.prof-laptop.com/2021/01/blog-post_61.html

0
0

GET
H/1.1 404
Not Found sec-3-6.css
pis.digitic.io/wp-content/themes/pis/xone/xone/source/css/ 0
0 260ms
259ms Stylesheet
text/html 159.89.196.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://pis.digitic.io/wp-content/themes/pis/xone/xone/source/css/sec-3-6.css
Requested by: Host: pis.digitic.io
URL: https://pis.digitic.io/wp-content/themes/pis/xone/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.196.75 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pis.digitic.io/wp-content/themes/pis/xone/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 17 Nov 2021 13:34:32 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

blog-post_61.html Show response
www.prof-laptop.com/2021/01/ Frame 2987
Redirect Chain

https://pis.digitic.io/wp-content/themes/pis/xone/dhl_files/saved_resource(1).html
https://www.prof-laptop.com/2021/01/blog-post_61.html

154 KB
41 KB

604ms
214ms

Document
text/html

216.58.212.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prof-laptop.com/2021/01/blog-post_61.html

Requested by

Host: pis.digitic.io
URL: https://pis.digitic.io/wp-content/themes/pis/xone/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.179 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f19.1e100.net

Software

GSE /

Resource Hash

6993ea1236c3bd1e288f7e32123d73b763243bbd27caf52ed7f5aad9f7d28f3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://pis.digitic.io/

Response headers

x-robots-tag: all
content-type: text/html; charset=UTF-8
expires: Wed, 17 Nov 2021 13:34:33 GMT
date: Wed, 17 Nov 2021 13:34:33 GMT
cache-control: private, max-age=0
last-modified: Sat, 30 Oct 2021 22:14:37 GMT
etag: W/"9f51626636ab72ef3437c137ad7d32cf289c7110a9e7326477794379d00bfce5"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 42105
server: GSE

Redirect headers

Server: nginx/1.10.3 (Ubuntu)
Date: Wed, 17 Nov 2021 13:34:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.prof-laptop.com/2021/01/blog-post_61.html

GET
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 2987 9 KB
0 2305ms
2066ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9518813836561663

Requested by

Host: www.prof-laptop.com
URL: https://www.prof-laptop.com/2021/01/blog-post_61.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.prof-laptop.com/
Origin: https://www.prof-laptop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51358
x-xss-protection: 0
server: cafe
etag: 16082975410567963159
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 17 Nov 2021 13:34:34 GMT

GET adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 2987 0
0

GET
H2 200 css2
fonts.googleapis.com/ Frame 2987 710 B
870 B 431ms
47ms Stylesheet
text/css 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Tajawal:wght@500&display=swap

Requested by

Host: www.prof-laptop.com
URL: https://www.prof-laptop.com/2021/01/blog-post_61.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

ESF /

Resource Hash

9f4169e5cd2390babf73e19454bb55339366d3e2fd85b462b33f9ab96137556e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 13:25:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 17 Nov 2021 13:34:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Nov 2021 13:34:34 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ Frame 2987 85 KB
30 KB 422ms
37ms Script
text/javascript 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: www.prof-laptop.com
URL: https://www.prof-laptop.com/2021/01/blog-post_61.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.prof-laptop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 18:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 413195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 12 Nov 2022 18:47:59 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ Frame 2987 1 B
862 B 542ms
131ms Stylesheet
text/css 142.250.185.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=645630319314565533&zx=70ac905a-019d-402f-9f36-ba16e1b3b07e

Requested by

Host: www.prof-laptop.com
URL: https://www.prof-laptop.com/2021/01/blog-post_61.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f9.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.prof-laptop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Nov 2021 13:34:34 GMT
server: GSE
date: Wed, 17 Nov 2021 13:34:34 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET %25D8%25A3%25D9%2587%25D9%2585%25D9%258A%25D8%25A9_%25D8%25A7%25D9%2584%25D9%2585%25D8%25AF%25D8%25B1%25D8%25B3%25D8%25A9_%25D9%2581%25D9%258A_%25D8%25AA%25D9%2586%25D9%2585%25D9%258A%25D8%25A9_%25...
1.bp.blogspot.com/-UHj91fEyOO0/X_-izkNykFI/AAAAAAAAAbA/sM9EGMswBtw1XMs9zFACqWwt2q6yTVlHACLcBGAsYHQ/s320/ Frame 2987 0
0

GET
H2 200 %D8%A7%D9%84%D8%AD%D9%8A%D8%A7%D8%A9%20%D9%88%D8%A7%D9%84%D9%85%D8%AC%D8%AA%D9%85%D8%B9 Show response
www.prof-laptop.com/feeds/posts/default/-/ Frame 2987 31 KB
9 KB 222ms
222ms Script
text/javascript 216.58.212.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prof-laptop.com/feeds/posts/default/-/%D8%A7%D9%84%D8%AD%D9%8A%D8%A7%D8%A9%20%D9%88%D8%A7%D9%84%D9%85%D8%AC%D8%AA%D9%85%D8%B9?alt=json-in-script&redirect=false&start-index=1&max-results=6&callback=prst

Requested by

Host: www.prof-laptop.com
URL: https://www.prof-laptop.com/2021/01/blog-post_61.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.179 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f19.1e100.net

Software

blogger-renderd /

Resource Hash

0257ce4bdecba647f9cac29e1f8a8e1b2597c52f6a450708e3531edb9d742e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.prof-laptop.com/2021/01/blog-post_61.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 30 Oct 2021 22:14:37 GMT
server: blogger-renderd
etag: W/"4a96dde51f41609300ca7e5a3df3daf6abe3ae1d095c09e1c61c57b8b65ab042"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 8486
x-xss-protection: 0
expires: Wed, 17 Nov 2021 13:34:35 GMT

GET
H2 200 blog-post_17.html Show response
www.prof-laptop.com/2021/01/ Frame 2987 153 KB
41 KB 233ms
233ms XHR
text/html 216.58.212.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prof-laptop.com/2021/01/blog-post_17.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.179 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f19.1e100.net

Software

GSE /

Resource Hash

8f0c3d6bf85dcac1bb03c4453519b1f9ea0b117805b113838e2045b65de09160

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.prof-laptop.com/2021/01/blog-post_61.html
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 30 Oct 2021 22:14:37 GMT
server: GSE
etag: W/"9f51626636ab72ef3437c137ad7d32cf289c7110a9e7326477794379d00bfce5"
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
x-robots-tag: all
content-length: 42164
x-xss-protection: 1; mode=block
expires: Wed, 17 Nov 2021 13:34:34 GMT

GET
H2 200 blog-post_31.html Show response
www.prof-laptop.com/2021/01/ Frame 2987 150 KB
40 KB 686ms
686ms XHR
text/html 216.58.212.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.prof-laptop.com/2021/01/blog-post_31.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.179 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f19.1e100.net

Software

GSE /

Resource Hash

821d0d30b3928147c9d2998442430039a53c91eb4fbfad1c5e6b22fbc3e37500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.prof-laptop.com/2021/01/blog-post_61.html
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 13:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 30 Oct 2021 22:14:37 GMT
server: GSE
etag: W/"9f51626636ab72ef3437c137ad7d32cf289c7110a9e7326477794379d00bfce5"
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
x-robots-tag: all
content-length: 41022
x-xss-protection: 1; mode=block
expires: Wed, 17 Nov 2021 13:34:35 GMT

GET
H2 200 37617466_303.jpg
static.dw.com/image/ Frame 2987 36 KB
37 KB 58ms
13ms Image
image/jpeg 2a02:26f0:fb:592::2d63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dw.com/image/37617466_303.jpg

Requested by

Host: www.prof-laptop.com
URL: https://www.prof-laptop.com/2021/01/blog-post_61.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb:592::2d63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4e0aacccaaa6e35fb087ca211d1d57325af6c8bde9d0937a34aa9f3ba18ca213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.prof-laptop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
cache-control: max-age=3342
accept-ranges: bytes
date: Wed, 17 Nov 2021 13:34:34 GMT
content-length: 37334
content-type: image/jpeg;charset=UTF-8

GET
H2 200 256-256.png
3.bp.blogspot.com/-T-V-PJOU4v0/XZYzHfq1dYI/AAAAAAAABOw/obz8rMcwKgEvPkHP1ahM2tyAqm8fRYZYwCK4BGAYYCw/w27-h27-p-k-nu/ Frame 2987 1 KB
2 KB 1412ms
126ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-T-V-PJOU4v0/XZYzHfq1dYI/AAAAAAAABOw/obz8rMcwKgEvPkHP1ahM2tyAqm8fRYZYwCK4BGAYYCw/w27-h27-p-k-nu/256-256.png

Requested by

Host: www.prof-laptop.com
URL: https://www.prof-laptop.com/2021/01/blog-post_61.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fdc94d53d1796c028c474c2f2fa236f730b1f0869a42108d706c307422329e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.prof-laptop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 10:36:22 GMT
x-content-type-options: nosniff
age: 10693
content-disposition: inline;filename="256-256.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1286
x-xss-protection: 0
server: fife
etag: "v4ed"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 22 Oct 2021 22:35:12 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ Frame 2987 1 B
88 B 226ms
225ms Stylesheet
text/css 142.250.185.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=645630319314565533&zx=70ac905a-019d-402f-9f36-ba16e1b3b07e

Requested by

Host: www.prof-laptop.com
URL: https://www.prof-laptop.com/2021/01/blog-post_61.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f9.1e100.net

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.prof-laptop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Nov 2021 13:34:34 GMT
server: GSE
date: Wed, 17 Nov 2021 13:34:34 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET download%2B%25282%2529.jpeg
1.bp.blogspot.com/-x13OEnXBXLc/X_-jbeyKNzI/AAAAAAAAAbQ/fNUvhZL472w4atQF_GsKgFdGI_Y96JwYwCLcBGAsYHQ/s320/ Frame 2987 0
0

GET %25D8%25A8%25D9%2585%25D8%25A7%25D8%25B0%25D8%25A7_%25D8%25AA%25D8%25B4%25D8%25AA%25D9%2587%25D8%25B1_%25D8%25A7%25D9%2584%25D9%2585%25D8%25BA%25D8%25B1%25D8%25A8.jpg
1.bp.blogspot.com/-wOC8BGeIyqs/X_-hvpJ9ThI/AAAAAAAAAa0/VWg_vi0ACAA0tn6o3m6dTHb0fnHcPp29ACLcBGAsYHQ/s320/ Frame 2987 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.prof-laptop.com
URL: https://www.prof-laptop.com/2021/01/blog-post_61.html

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4406947331357408

Domain: 1.bp.blogspot.com
URL: https://1.bp.blogspot.com/-UHj91fEyOO0/X_-izkNykFI/AAAAAAAAAbA/sM9EGMswBtw1XMs9zFACqWwt2q6yTVlHACLcBGAsYHQ/s320/%25D8%25A3%25D9%2587%25D9%2585%25D9%258A%25D8%25A9_%25D8%25A7%25D9%2584%25D9%2585%25D8%25AF%25D8%25B1%25D8%25B3%25D8%25A9_%25D9%2581%25D9%258A_%25D8%25AA%25D9%2586%25D9%2585%25D9%258A%25D8%25A9_%25D8%25A7%25D9%2584%25D9%2585%25D8%25AC%25D8%25AA%25D9%2585%25D8%25B9.jpg

Domain: 1.bp.blogspot.com
URL: https://1.bp.blogspot.com/-x13OEnXBXLc/X_-jbeyKNzI/AAAAAAAAAbQ/fNUvhZL472w4atQF_GsKgFdGI_Y96JwYwCLcBGAsYHQ/s320/download%2B%25282%2529.jpeg

Domain: 1.bp.blogspot.com
URL: https://1.bp.blogspot.com/-wOC8BGeIyqs/X_-hvpJ9ThI/AAAAAAAAAa0/VWg_vi0ACAA0tn6o3m6dTHb0fnHcPp29ACLcBGAsYHQ/s320/%25D8%25A8%25D9%2585%25D8%25A7%25D8%25B0%25D8%25A7_%25D8%25AA%25D8%25B4%25D8%25AA%25D9%2587%25D8%25B1_%25D8%25A7%25D9%2584%25D9%2585%25D8%25BA%25D8%25B1%25D8%25A8.jpg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bit.ly/	1970-01-20 03:05:08	Name: _bit Value: lahdys-04876e192d1e8e007e-00r

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pis.digitic.io/wp-content/themes/pis/xone/xone/source/css/sec-3-6.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pis.digitic.io/wp-content/themes/pis/xone/xone/source/css/sec-3-6.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pis.digitic.io/wp-content/themes/pis/xone/xone/source/css/sec-3-6.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
ajax.googleapis.com
bit.ly
fonts.googleapis.com
pagead2.googlesyndication.com
pis.digitic.io
static.dw.com
www.blogger.com
www.prof-laptop.com
1.bp.blogspot.com
pagead2.googlesyndication.com
www.prof-laptop.com
142.250.185.137
142.250.185.170
159.89.196.75
216.58.212.179
2a00:1450:4001:80e::2002
2a00:1450:4001:828::2001
2a02:26f0:fb:592::2d63
67.199.248.11
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0257ce4bdecba647f9cac29e1f8a8e1b2597c52f6a450708e3531edb9d742e87
05b1cf5bf5ccce6868ffd66fb866bbaa3083ee1960776ed96fc7ad73edc15f83
19d0bda83ecbc986620468801adf000c77c3c38398650903c63fac8dcbac4383
3591008e644fdf9f8272d46c8e8d4ad24f44b4d687c74a3f2d7759b7397bb275
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419
3f44ab63ac262433ae9ebd3332c7e30370569b8ce0d693faa7b73e1761a2e26d
4c1bd2303650eb8f2a4ec1a42c5a7ea4ca6aad664ea472d5ebaa32f2d9c5c3db
4e0aacccaaa6e35fb087ca211d1d57325af6c8bde9d0937a34aa9f3ba18ca213
5af5c3746b03792640b9cafdabddfb2c5407f72988e128541a88fa439607d940
6993ea1236c3bd1e288f7e32123d73b763243bbd27caf52ed7f5aad9f7d28f3b
6e6518c86e9a2f721e82ad983f070cbda05aa0889d332f8dbe6e5812b5dce647
821d0d30b3928147c9d2998442430039a53c91eb4fbfad1c5e6b22fbc3e37500
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87c40e3961e21f759770615ae67568a3de3ec6e0735f1238a6aae062f4ea15d5
8f0c3d6bf85dcac1bb03c4453519b1f9ea0b117805b113838e2045b65de09160
94cf3ca757da926bb40faf8f86fb8ac297837a7d93ea5aaa09299567f8d8aa60
9f4169e5cd2390babf73e19454bb55339366d3e2fd85b462b33f9ab96137556e
aeb09caab35170ca5b7238b35c65b352106d65412e117c1645027d6fe7431b23
e2429015bf4b995fe06db415efe71c1c345b8a536f605e5708342e8bba8c564f
fdc94d53d1796c028c474c2f2fa236f730b1f0869a42108d706c307422329e21

pis.digitic.io Open in urlscan Pro 159.89.196.75 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

27 Requests

81 %HTTPS

38 %IPv6

8 Domains

10 Subdomains

8 IPs

3 Countries

1744 kBTransfer

2490 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

pis.digitic.io Open in urlscan Pro
159.89.196.75 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

81 %
HTTPS

38 %
IPv6

8
Domains

10
Subdomains

8
IPs

3
Countries

1744 kB
Transfer

2490 kB
Size

1
Cookies

27 HTTP transactions
4 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!