URL: https://plapi.dev.safewindow.net/
Submission: On October 19 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 202.92.209.30, located in Australia and belongs to CENTRALDATA-WA Central Data Pty Ltd., AU. The main domain is plapi.dev.safewindow.net.
TLS certificate: Issued by R3 on October 18th 2021. Valid for: 3 months.
This is the only time plapi.dev.safewindow.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
2 | 202.92.209.30 | 18065 (CENTRALDA...)
2 | 172.67.30.148 | 13335 (CLOUDFLAR...)
2 | 202.81.214.178 | 18065 (CENTRALDA...)
Total: 6 requests, 3 IPs

Requests | Domain | Requested by
2 | kbapi.bankvault.com | plapi.dev.safewindow.net
2 | getbootstrap.com | plapi.dev.safewindow.net
2 | plapi.dev.safewindow.net | plapi.dev.safewindow.net
Total: 6 requests, 3 domains

This site contains links to these domains.

Domain
pass.safewindowonline.com

Subject | Issuer | Validity | Valid
dev.safewindow.net | R3 | 2021-10-18 - 2022-01-16 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-12 - 2022-07-11 | a year
*.bankvault.com | Sectigo RSA Organization Validation Secure Server CA | 2021-09-20 - 2022-10-20 | a year

This page contains 1 frames:

Primary Page: https://plapi.dev.safewindow.net/
Frame ID: C59DCCFA8F834E0AA8CB8DF4390BBE78
Requests: 6 HTTP requests in this frame

Page Title

Signin Template for Bootstrap

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 286 kB
Size: 406 kB
Cookies: 1

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
plapi.dev.safewindow.net/
3 KB
2 KB
Document
General
Full URL
https://plapi.dev.safewindow.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.92.209.30 , Australia, ASN18065 (CENTRALDATA-WA Central Data Pty Ltd., AU),
Reverse DNS
plapi.dev.safewindow.net
Software
Perl Dancer 1.3202 / Perl Dancer 1.3202
Resource Hash
6751fdbd79672ef66b54d019faaa7d335e325b29ae714b63b0da521bc78b07a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
plapi.dev.safewindow.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br

Response headers

Date
Tue, 19 Oct 2021 00:42:34 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
Perl Dancer 1.3202
Set-Cookie
dancer.session=746364314358824359338785764739511868; path=/; Secure; HttpOnly
X-Powered-By
Perl Dancer 1.3202
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Feature-Policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
Content-Encoding
gzip
bootstrap.min.css
getbootstrap.com/docs/4.0/dist/css/
141 KB
22 KB
Stylesheet
General
Full URL
https://getbootstrap.com/docs/4.0/dist/css/bootstrap.min.css
Requested by
Host: plapi.dev.safewindow.net
URL: https://plapi.dev.safewindow.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.30.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id
73e5c4e4e7c445c7ec9846651657266143660ee6
date
Tue, 19 Oct 2021 00:42:34 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-cache
HIT
x-cache-hits
1
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19133-FRA
last-modified
Sat, 09 Oct 2021 15:28:12 GMT
server
cloudflare
x-github-request-id
D1EC:6152:15FFE5B:16C65E5:6161B570
x-timer
S1633805551.646989,VS0,VE1
etag
W/"6161b50c-235ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
x-proxy-cache
HIT
cf-ray
6a05f79e4f954138-PRG
x-origin-cache
HIT
expires
Sun, 17 Oct 2021 06:01:13 GMT
signin.css
getbootstrap.com/docs/4.0/examples/sign-in/
902 B
556 B
Stylesheet
General
Full URL
https://getbootstrap.com/docs/4.0/examples/sign-in/signin.css
Requested by
Host: plapi.dev.safewindow.net
URL: https://plapi.dev.safewindow.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.30.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
841f0a6bf6a4d8c83732f66a4676034c76c59d4ffb6c57a93e1fb330907fa128
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id
bf5a7e6536560b559e8a8bf8e669f3b7761917d7
date
Tue, 19 Oct 2021 00:42:34 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-cache
HIT
x-cache-hits
1
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19182-FRA
last-modified
Sat, 09 Oct 2021 15:28:12 GMT
server
cloudflare
x-github-request-id
21AE:43DF:8C7269:943EC8:616A48D2
x-timer
S1634489552.709901,VS0,VE1
etag
W/"6161b50c-386"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=14400
x-proxy-cache
MISS
cf-ray
6a05f79e4f964138-PRG
x-origin-cache
HIT
expires
Mon, 18 Oct 2021 18:40:29 GMT
BankVaultApi.js
kbapi.bankvault.com/js/
10 KB
10 KB
Script
General
Full URL
https://kbapi.bankvault.com/js/BankVaultApi.js?v1_0_1
Requested by
Host: plapi.dev.safewindow.net
URL: https://plapi.dev.safewindow.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.81.214.178 , Australia, ASN18065 (CENTRALDATA-WA Central Data Pty Ltd., AU),
Reverse DNS
frontend.api.bankvault.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ee823130f84b3ebcdb4e5e8155fb4d80d25677019f9645be631e6bff056fd18b
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 00:42:35 GMT
referrer-policy
same-origin
last-modified
Fri, 18 Jun 2021 01:06:39 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60cbf19f-2729"
x-frame-options
DENY
content-type
application/javascript
x-xss-protection
1; mode=block
feature-policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
content-security-policy
default-src 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
content-length
10025
x-content-type-options
nosniff
jsQR.js
kbapi.bankvault.com/js/
248 KB
248 KB
Script
General
Full URL
https://kbapi.bankvault.com/js/jsQR.js
Requested by
Host: plapi.dev.safewindow.net
URL: https://plapi.dev.safewindow.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.81.214.178 , Australia, ASN18065 (CENTRALDATA-WA Central Data Pty Ltd., AU),
Reverse DNS
frontend.api.bankvault.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3f499490d1f70abbff5a07f3baa941470645365508ff00c837438bc190ca9b9
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 00:42:35 GMT
referrer-policy
same-origin
last-modified
Tue, 07 May 2019 02:16:49 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5cd0ea91-3ded5"
x-frame-options
DENY
content-type
application/javascript
x-xss-protection
1; mode=block
feature-policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
content-security-policy
default-src 'self'
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
content-length
253653
x-content-type-options
nosniff
Cookie set login.png
plapi.dev.safewindow.net/
3 KB
2 KB
Image
General
Full URL
https://plapi.dev.safewindow.net/login.png
Requested by
Host: plapi.dev.safewindow.net
URL: https://plapi.dev.safewindow.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.92.209.30 , Australia, ASN18065 (CENTRALDATA-WA Central Data Pty Ltd., AU),
Reverse DNS
plapi.dev.safewindow.net
Software
Perl Dancer 1.3202 / Perl Dancer 1.3202
Resource Hash
1f5e039e6f50d42b2de97cd2b5c6e301b4710dd345e4685a4296e015961132f7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
plapi.dev.safewindow.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://plapi.dev.safewindow.net/
Cookie
dancer.session=746364314358824359338785764739511868
Connection
keep-alive

Response headers

Date
Tue, 19 Oct 2021 00:42:35 GMT
Content-Encoding
gzip
Referrer-Policy
same-origin
Server
Perl Dancer 1.3202
X-Powered-By
Perl Dancer 1.3202
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
Set-Cookie
dancer.session=746364314358824359338785764739511868; path=/; Secure; HttpOnly
X-XSS-Protection
1; mode=block
Connection
keep-alive
Feature-Policy
geolocation none;midi none;notifications none;push none;sync-xhr none;microphone none;camera none;magnetometer none;gyroscope none;speaker self;vibrate none;fullscreen self;payment none;
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
object| BankVaultApi
function| jsQR

1 Cookies

Domain/Path Name / Value
plapi.dev.safewindow.net/ Name: dancer.session
Value: 746364314358824359338785764739511868

13 Console Messages

Source | Level | Message
security | warning | Error with Feature-Policy header: Unrecognized origin: 'none'.
security | warning | Error with Feature-Policy header: Unrecognized origin: 'none'.
security | warning | Error with Feature-Policy header: Unrecognized feature: 'notifications'.
security | warning | Error with Feature-Policy header: Unrecognized feature: 'push'.
security | warning | Error with Feature-Policy header: Unrecognized origin: 'none'.
security | warning | Error with Feature-Policy header: Unrecognized origin: 'none'.
security | warning | Error with Feature-Policy header: Unrecognized origin: 'none'.
security | warning | Error with Feature-Policy header: Unrecognized origin: 'none'.
security | warning | Error with Feature-Policy header: Unrecognized origin: 'none'.
security | warning | Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security | warning | Error with Feature-Policy header: Unrecognized feature: 'vibrate'.
security | warning | Error with Feature-Policy header: Unrecognized origin: 'self'.
security | warning | Error with Feature-Policy header: Unrecognized origin: 'none'.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block