urlscan.io logo urlscan.io
SecurityTrails logo

bodi-dev.depostbode.com Open in urlscan Pro
2a0b:3100:20::b1  Public Scan

Go To Rescan Add Verdict Report
URL: https://bodi-dev.depostbode.com/
Submission: On September 25 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 2a0b:3100:20::b1, located in Netherlands and belongs to NL-BIT BIT BV, NL. The main domain is bodi-dev.depostbode.com.
TLS certificate: Issued by R10 on September 24th 2024. Valid for: 3 months.
This is the only time bodi-dev.depostbode.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2a0b:3100:20::b1 12859 (NL-BIT BI...)
2 3 2600:9000:266... 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
8 4
Apex Domain
Subdomains		 Transfer
6 depostbode.com
bodi-dev.depostbode.com
282 KB
3 tiny.cloud
cdn.tiny.cloud — Cisco Umbrella Rank: 32756
184 KB
1 tinymce.com
sp.tinymce.com — Cisco Umbrella Rank: 34833
402 B
8 3
Domain Requested by
6 bodi-dev.depostbode.com bodi-dev.depostbode.com
3 cdn.tiny.cloud 2 redirects bodi-dev.depostbode.com
1 sp.tinymce.com bodi-dev.depostbode.com
8 3

This site contains no links.

Subject Issuer Validity Valid
bodi-dev.depostbode.com
R10		 2024-09-24 -
2024-12-23		 3 months crt.sh
tinymce.com
Amazon RSA 2048 M03		 2024-04-21 -
2025-05-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://bodi-dev.depostbode.com/
Frame ID: 6D36FED7619FC496D6BBFC38C72E9421
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bodi

Detected technologies

Overall confidence: 100%
Detected patterns
  • /tiny_?mce(?:\.min)?\.js

Page Statistics

8
Requests

88 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

465 kB
Transfer

1068 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://cdn.tiny.cloud/1/g31leulv92co9idpqy9ibfnyvmgwmpltcaidaqwgollcfwle/tinymce/6/tinymce.min.js HTTP 307
  • https://cdn.tiny.cloud/1/g31leulv92co9idpqy9ibfnyvmgwmpltcaidaqwgollcfwle/tinymce/6.8.4-35/tinymce.min.js HTTP 307
  • https://cdn.tiny.cloud/1/invalid-origin/tinymce/6.8.4-35/tinymce.min.js

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bodi-dev.depostbode.com/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bodi-dev.depostbode.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:3100:20::b1 , Netherlands, ASN12859 (NL-BIT BIT BV, NL),
Reverse DNS
Software
nginx /
Resource Hash
fa0c90909745a497123541845999732b5eddc6c71b17871d6fa9cb1c6d56150d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 25 Sep 2024 13:10:15 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy
camera=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
app.css
bodi-dev.depostbode.com/css/ 		228 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bodi-dev.depostbode.com/css/app.css?id=6442664d53b5098c6df1200f16fda59d
Requested by
Host: bodi-dev.depostbode.com
URL: https://bodi-dev.depostbode.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:3100:20::b1 , Netherlands, ASN12859 (NL-BIT BIT BV, NL),
Reverse DNS
Software
nginx /
Resource Hash
15c1f47909182da760665c4911ce8f1019f8705516a457b04f42e17186db5fe6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bodi-dev.depostbode.com/

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control
max-age=604800, public
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
date
Wed, 25 Sep 2024 13:10:15 GMT
content-type
text/css
last-modified
Tue, 24 Sep 2024 09:55:41 GMT
server
nginx
vary
Accept-Encoding
logo-bodi.svg
bodi-dev.depostbode.com/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bodi-dev.depostbode.com/images/logo-bodi.svg
Requested by
Host: bodi-dev.depostbode.com
URL: https://bodi-dev.depostbode.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:3100:20::b1 , Netherlands, ASN12859 (NL-BIT BIT BV, NL),
Reverse DNS
Software
nginx /
Resource Hash
165f0b29cb56edde20f73dcea37a464f5daf7b7fdfde53556257419cca69e4f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bodi-dev.depostbode.com/

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control
max-age=604800, public
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
date
Wed, 25 Sep 2024 13:10:15 GMT
content-type
image/svg+xml
last-modified
Tue, 24 Sep 2024 09:55:13 GMT
server
nginx
vary
Accept-Encoding
tinymce.min.js
cdn.tiny.cloud/1/invalid-origin/tinymce/6.8.4-35/
Redirect Chain
  • https://cdn.tiny.cloud/1/g31leulv92co9idpqy9ibfnyvmgwmpltcaidaqwgollcfwle/tinymce/6/tinymce.min.js
  • https://cdn.tiny.cloud/1/g31leulv92co9idpqy9ibfnyvmgwmpltcaidaqwgollcfwle/tinymce/6.8.4-35/tinymce.min.js
  • https://cdn.tiny.cloud/1/invalid-origin/tinymce/6.8.4-35/tinymce.min.js
446 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/invalid-origin/tinymce/6.8.4-35/tinymce.min.js
Requested by
Host: bodi-dev.depostbode.com
URL: https://bodi-dev.depostbode.com/
Protocol
H2
Server
2600:9000:266e:ac00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
e83aec891e9868b6e424b4cdf55bedaf0163414905c00061ffb21fa6dda380a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bodi-dev.depostbode.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
etag
W/"/RwBQNFe7Tn4PyIAusqLT2XOm8JWylk0ginKVYsrUiI="
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
_KAYNSZhFbOlEb9Pk4sZjEYTye4oNe2myUHBektU7cRDWHfaRE7U9Q==
date
Wed, 25 Sep 2024 13:10:16 GMT
content-type
application/javascript; charset=utf-8
vary
Origin
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=600, stale-if-error=3000, stale-while-revalidate=3000
access-control-allow-credentials
true
via
1.1 b8455bc5c5405f573b6e4da5524ee9e2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P8
server
nginx/1.20.0

Redirect headers

access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
14q_AdLIFxAZkC0X0p22LN6oSiEu8hsXrwhhWU0lDvyiZoNZgYvrTQ==
date
Wed, 25 Sep 2024 13:10:15 GMT
vary
Origin
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=10, max-age=0
location
https://cdn.tiny.cloud/1/invalid-origin/tinymce/6.8.4-35/tinymce.min.js
access-control-allow-credentials
true
via
1.1 b8455bc5c5405f573b6e4da5524ee9e2.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
0
x-amz-cf-pop
FRA56-P8
server
nginx/1.20.0
app.js
bodi-dev.depostbode.com/js/ 		198 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bodi-dev.depostbode.com/js/app.js?id=9e4f7b466fbb7aaf1cd7e4f1443fab69
Requested by
Host: bodi-dev.depostbode.com
URL: https://bodi-dev.depostbode.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:3100:20::b1 , Netherlands, ASN12859 (NL-BIT BIT BV, NL),
Reverse DNS
Software
nginx /
Resource Hash
c73d88f657f99dd9e247a50e3adeb9d8fe6196b83a1bdc7d0a104a2e51ea0e40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bodi-dev.depostbode.com/

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control
max-age=604800, public
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
date
Wed, 25 Sep 2024 13:10:15 GMT
content-type
application/javascript
last-modified
Tue, 24 Sep 2024 09:55:41 GMT
server
nginx
vary
Accept-Encoding
bg.jpg
bodi-dev.depostbode.com/images/ 		182 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bodi-dev.depostbode.com/images/bg.jpg
Requested by
Host: bodi-dev.depostbode.com
URL: https://bodi-dev.depostbode.com/css/app.css?id=6442664d53b5098c6df1200f16fda59d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:3100:20::b1 , Netherlands, ASN12859 (NL-BIT BIT BV, NL),
Reverse DNS
Software
nginx /
Resource Hash
dd978a359c98c292568c28da751c31d5384f4be9e77d4560e90f73933b9f2d4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bodi-dev.depostbode.com/css/app.css?id=6442664d53b5098c6df1200f16fda59d

Response headers

cache-control
max-age=604800, public
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
content-length
186192
date
Wed, 25 Sep 2024 13:10:15 GMT
content-type
image/jpeg
last-modified
Tue, 24 Sep 2024 09:55:13 GMT
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
truncated
/ 		308 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca501c11d04e65069654b35501b86e8e1b14997e0d4f3746bb7c6d57f8486d20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
i
sp.tinymce.com/ 		43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.tinymce.com/i?aid=invalid-origin&tna=tinymce_cloud&p=web&dtm=1727269816637&stm=1727269816637&tz=Europe%2FAmsterdam&e=se&se_ca=script_load
Requested by
Host: bodi-dev.depostbode.com
URL: https://bodi-dev.depostbode.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2a00:1d:ecb5:1a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bodi-dev.depostbode.com/

Response headers

cache-control
no-store
etag
"fb02f374b8f73825415db1bccd4bd76d"
age
42432
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
43
x-amz-cf-id
UP2D6_xk4FM28Ej2e-sqKCSKixAhuPUxErB5QM7LgNrX7fSDukmxog==
date
Wed, 25 Sep 2024 01:23:05 GMT
content-type
image/gif
last-modified
Wed, 31 May 2017 05:55:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
favicon.ico
bodi-dev.depostbode.com/ 		0
258 B 		Other
General
Check archive.org
Download Go to
Full URL
https://bodi-dev.depostbode.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:3100:20::b1 , Netherlands, ASN12859 (NL-BIT BIT BV, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://bodi-dev.depostbode.com/

Response headers

strict-transport-security
max-age=63072000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
permissions-policy
camera=()
accept-ranges
bytes
content-length
0
date
Wed, 25 Sep 2024 13:10:16 GMT
x-xss-protection
1; mode=block
content-type
image/x-icon
last-modified
Tue, 24 Sep 2024 09:55:13 GMT
server
nginx
x-frame-options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| csrfToken boolean| guest object| tinymce object| tinyMCE function| axios number| uidEvent object| submissionHandler object| addressbook

3 Cookies

Domain/Path Name / Value
bodi-dev.depostbode.com/ Name: PHPSESSID
Value: l57ai85ag4ndgm3glisqtfeg7i
bodi-dev.depostbode.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IklVZCt6dDZVSVZMTnBMdnZNY1A3T3c9PSIsInZhbHVlIjoiMG9lelRDaWpTYzBVdExsSVpkRVlXRUJBRk5NUUduN3ZIV1Nad1FQWEhQMDBzNDVFSXEwa0ZUMk5CZHN4ZGpkZnZsNDkxQVNRQ1JhNUxSSzA3M3Q4UlpEb3NEZDJyd1NicXVjZGhCRm5hTGtNSXV1Tzlzekdna2lEaC9ERU5kWkYiLCJtYWMiOiJiNmFmYTI5OTI2MTBmOTZiYTM5OGZkMzlhZTZjYzUwZDNjNDAyNjhhYjM0ODhmOThiMWNlYjZjMTI4ZDUxZjk0IiwidGFnIjoiIn0%3D
bodi-dev.depostbode.com/ Name: bodi_session
Value: eyJpdiI6IlFydU94dnVDZENlbkRvNyt2cTlqaHc9PSIsInZhbHVlIjoiMm5xV3YwM0RmQlBtMTZYVVNnbmR0aHZOTm9uaXdRVC9oajVHN0drSmNzSGNoaTdseE93VGlLTGpBQlJ1Q1E5blZtZEFsUkRNK1BCQlpLaU52dGkzOHpmMWF2bVBRRk01eFpTTTJDaGV6MlJQM3VuSXhyK3VCNTNoZE9TM0FKRUMiLCJtYWMiOiJjMTY0NTJiZmFkMWZlNjQzY2Q4ZTA5MjQ5NjJmMzRlMTcwODU2YzE1OThlZDMwMzdlMTAwYTY3MzJmN2M3MmYzIiwidGFnIjoiIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block