91.215.85.20 Open in urlscan Pro
91.215.85.20 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://91.215.85.20/de/bank/postbank
Submission: On April 24 via manual (April 24th 2023, 2:12:05 pm UTC) from DE — Scanned from NL

Summary HTTP 46 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 5 domains to perform 46 HTTP transactions. The main IP is 91.215.85.20, located in Russian Federation and belongs to PROSPERO-AS, RU. The main domain is 91.215.85.20.

This is the only time 91.215.85.20 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Postbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
21	91.215.85.20 91.215.85.20	200593 (PROSPERO-AS) (PROSPERO-AS)
1	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
3	2600:9000:225... 2600:9000:2251:b200:13:46b5:7d80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:1901:0:c... 2600:1901:0:c07c::	15169 (GOOGLE) (GOOGLE)
1	3.76.158.250 3.76.158.250	16509 (AMAZON-02) (AMAZON-02)
5	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2600:1901:0:5... 2600:1901:0:5987::	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:2... 2600:1901:0:256b::	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:7903::	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:1... 2600:1901:0:1e38::	15169 (GOOGLE) (GOOGLE)
1	34.95.108.180 34.95.108.180	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:224... 2600:9000:224a:ae00:15:e39e:8900:93a1	16509 (AMAZON-02) (AMAZON-02)
46	12

21 91.215.85.20 (Russian Federation)

ASN200593 (PROSPERO-AS, RU)

91.215.85.20	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

www.smartsuppchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2251:b200:13:46b5:7d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.deutsche-bank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1901:0:c07c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.76.158.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-158-250.eu-central-1.compute.amazonaws.com

bootstrap.smartsuppchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

widget-v2.smartsuppcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
translations.smartsuppcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:5987:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

app.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:256b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

aggregator.service.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7903:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

graphql.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:1e38:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

consent-api.service.consent.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.108.180 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.108.95.34.bc.googleusercontent.com

uct.service.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:ae00:15:e39e:8900:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.postbank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	usercentrics.eu api.usercentrics.eu — Cisco Umbrella Rank: 7504 app.usercentrics.eu — Cisco Umbrella Rank: 7835 aggregator.service.usercentrics.eu — Cisco Umbrella Rank: 9665 graphql.usercentrics.eu — Cisco Umbrella Rank: 10689 consent-api.service.consent.usercentrics.eu — Cisco Umbrella Rank: 12607 uct.service.usercentrics.eu — Cisco Umbrella Rank: 13717	22 KB
5	smartsuppcdn.com widget-v2.smartsuppcdn.com — Cisco Umbrella Rank: 53558 translations.smartsuppcdn.com — Cisco Umbrella Rank: 46641	194 KB
3	deutsche-bank.de www.deutsche-bank.de — Cisco Umbrella Rank: 227864	53 KB
2	smartsuppchat.com www.smartsuppchat.com — Cisco Umbrella Rank: 43602 bootstrap.smartsuppchat.com — Cisco Umbrella Rank: 41425	6 KB
1	postbank.de www.postbank.de — Cisco Umbrella Rank: 287010	34 KB
46	5

	Domain	Requested by
6	api.usercentrics.eu	91.215.85.20
4	widget-v2.smartsuppcdn.com	www.smartsuppchat.com
3	www.deutsche-bank.de	client www.deutsche-bank.de
2	consent-api.service.consent.usercentrics.eu	91.215.85.20
2	graphql.usercentrics.eu	91.215.85.20
2	aggregator.service.usercentrics.eu	91.215.85.20
1	www.postbank.de
1	uct.service.usercentrics.eu
1	app.usercentrics.eu
1	translations.smartsuppcdn.com	widget-v2.smartsuppcdn.com
1	bootstrap.smartsuppchat.com	www.smartsuppchat.com
1	www.smartsuppchat.com	91.215.85.20
46	12

This site contains links to these domains. Also see Links.

Domain
banking.postbank.de
www.postbank.de

Subject Issuer	Validity	Valid
*.smartsuppchat.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-11-30` - `2023-12-29`	a year	crt.sh
www.deutsche-bank.de DigiCert EV RSA CA G2	`2022-11-15` - `2023-11-14`	a year	crt.sh
api.usercentrics.eu GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
*.smartsuppcdn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-10-19` - `2023-11-19`	a year	crt.sh
app.usercentrics.eu GTS CA 1D4	`2023-04-11` - `2023-07-11`	3 months	crt.sh
aggregator.service.usercentrics.eu GTS CA 1D4	`2023-04-01` - `2023-06-30`	3 months	crt.sh
graphql.usercentrics.eu GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh
consent-api.service.consent.usercentrics.eu GTS CA 1D4	`2023-04-23` - `2023-07-22`	3 months	crt.sh
uct.service.usercentrics.eu GTS CA 1D4	`2023-03-30` - `2023-06-28`	3 months	crt.sh
postbank.de DigiCert EV RSA CA G2	`2022-09-15` - `2023-09-15`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://91.215.85.20/de/bank/postbank
Frame ID: 88D75F4AA4D00EBFC237503AC4CC8095
Requests: 34 HTTP requests in this frame

Frame: http://91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/cross-domain-bridge.html
Frame ID: 7ACBE6CDB6DEA709B453707022320217
Requests: 1 HTTP requests in this frame

Frame: http://91.215.85.20/de/bank/postbankassets/scripts/cross-domain-bridge.html
Frame ID: F10F62DB37EAC9B2975C1495BD620431
Requests: 1 HTTP requests in this frame

Frame: https://widget-v2.smartsuppcdn.com/static/js/runtime-main.1934e153.js
Frame ID: 3448F68DEA7767584053108228B0FCE7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Postbank Banking & Brokerage | 1677320387702

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

46
Requests

54 %
HTTPS

75 %
IPv6

5
Domains

12
Subdomains

12
IPs

3
Countries

2190 kB
Transfer

2713 kB
Size

3
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://banking.postbank.de/#/login/reset
Title: Zugangsdaten vergessen?

Search URL Search Domain Scan URL

URL: https://www.postbank.de/redirects/gutzuwissen-banking-login.html
Title: Informationen für Privatkunden

Search URL Search Domain Scan URL

URL: https://www.postbank.de/umzug-gk
Title: Informationen für Geschäftskunden

Search URL Search Domain Scan URL

URL: https://www.postbank.de/privatkunden/services/banking-und-brokerage/postbank-id.html
Title: Postbank ID einrichten

Search URL Search Domain Scan URL

URL: https://www.postbank.de/privatkunden/services/sicherheit/aktuelle-hinweise.html
Title: Zu den Sicherheitshinweisen

Search URL Search Domain Scan URL

URL: https://www.postbank.de/redirects/redirect_banking_erste-schritte.html
Title: Erste Schritte

Search URL Search Domain Scan URL

URL: https://www.postbank.de/redirects/redirect_banking_terminvereinbarung.html
Title: Terminvereinbarung

Search URL Search Domain Scan URL

URL: https://www.postbank.de/redirects/redirect_banking_kontakt.html
Title: Kontakt

Search URL Search Domain Scan URL

URL: https://www.postbank.de/redirects/redirect_banking_impressum.html
Title: Impressum

Search URL Search Domain Scan URL

URL: https://www.postbank.de/redirects/redirect_banking_rechtshinweise.html
Title: Rechtshinweise

Search URL Search Domain Scan URL

URL: https://www.postbank.de/redirects/redirect_banking_datenschutz.html
Title: Datenschutz

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request postbank Show response
91.215.85.20/de/bank/ 713 KB
713 KB 300ms
243ms Document
text/html 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://91.215.85.20/de/bank/postbank
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 4ee65499a52a526b4930365ad9d02c754c95f1dd45b9d6b651593888e2d389ec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Date: Mon, 24 Apr 2023 14:11:59 GMT
Keep-Alive: timeout=72
Transfer-Encoding: chunked

GET
H/1.1 404
Not Found NRJS-7200c241d4b12b5d9b7
91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/ 0
0 131ms
74ms Script
application/json 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/NRJS-7200c241d4b12b5d9b7
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/de/bank/postbank
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/de/bank/postbank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:12:00 GMT
Connection: keep-alive
Keep-Alive: timeout=72
content-length: 136
content-type: application/json; charset=utf-8

GET
H/1.1 404
Not Found newrelic-agent-1216.js.download
91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/ 0
0 135ms
78ms Script
application/json 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/newrelic-agent-1216.js.download
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/de/bank/postbank
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/de/bank/postbank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:12:00 GMT
Connection: keep-alive
Keep-Alive: timeout=72
content-length: 143
content-type: application/json; charset=utf-8

GET
H/1.1 404
Not Found newrelic-loader-1216.js.download
91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/ 0
0 136ms
79ms Script
application/json 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/newrelic-loader-1216.js.download
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/de/bank/postbank
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/de/bank/postbank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:12:00 GMT
Connection: keep-alive
Keep-Alive: timeout=72
content-length: 144
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK usercentrics-loader-3.6.0-20221121.js.download Show response
91.215.85.20/static/de/bank/postbank/ 602 B
896 B 66ms
66ms Script
application/octet-stream 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://91.215.85.20/static/de/bank/postbank/usercentrics-loader-3.6.0-20221121.js.download
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/de/bank/postbank
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 8e774cc0790fa0338b5a30dc3629c5a28df695a2b653cd6c6bf847cc6b810f5c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/de/bank/postbank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:12:00 GMT
last-modified: Tue, 11 Apr 2023 01:21:21 GMT
etag: W/"25a-1876de734e7"
content-type: application/octet-stream
cache-control: public, max-age=0
Connection: keep-alive
accept-ranges: bytes
Keep-Alive: timeout=72
content-length: 602

GET
H/1.1 200
OK styles.f422269988a809f0.css
91.215.85.20/static/de/bank/postbank/ 268 KB
269 KB 135ms
79ms Stylesheet
text/css 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://91.215.85.20/static/de/bank/postbank/styles.f422269988a809f0.css
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/de/bank/postbank
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 69cffe46f97fe44c0cf3812e6c9d6597a19531edd4c2854c7011da19c0ba73c4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/de/bank/postbank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:12:00 GMT
last-modified: Tue, 11 Apr 2023 01:21:25 GMT
etag: W/"431d4-1876de7420b"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
Connection: keep-alive
accept-ranges: bytes
Keep-Alive: timeout=72
content-length: 274900

GET
H/1.1 200
OK usercentrics-3.6.0.js.download Show response
91.215.85.20/static/de/bank/postbank/ 600 KB
600 KB 65ms
64ms Script
application/octet-stream 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://91.215.85.20/static/de/bank/postbank/usercentrics-3.6.0.js.download
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/de/bank/postbank
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: f4887682931c3805d1b837914ac30db2a54cee7a49074844339107f916930a03

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/de/bank/postbank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:12:00 GMT
last-modified: Tue, 11 Apr 2023 01:21:23 GMT
etag: W/"95e69-1876de73c77"
content-type: application/octet-stream
cache-control: public, max-age=0
Connection: keep-alive
accept-ranges: bytes
Keep-Alive: timeout=72
content-length: 613993

GET
H2 200 loader.js Show response
www.smartsuppchat.com/ 19 KB
6 KB 91ms
18ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.smartsuppchat.com/loader.js?
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/de/bank/postbank
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a1f452567983dc505d5514cba4297e731be583360051d053579888f4b2422aff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 24 Apr 2023 14:12:00 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 57
x-accel-date: 1682345463
x-77-nzt: AcO1rgVz9Tf/OQAAAA
x-accel-expires: @1682345523
last-modified: Mon, 13 Mar 2023 07:47:07 GMT
server: CDN77-Turbo
etag: W/"640ed4fb-4a0b"
x-77-nzt-ray: 25b02131f6c470e2308e46642a15cf09
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300, public, s-maxage=60
expires: Mon, 13 Mar 2023 07:54:04 GMT

GET
H2 200 fonts.css
www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/ 1 KB
860 B 134ms
30ms Stylesheet
text/css 2600:9000:2251:b200:13:46b5:7d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/fonts.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:b200:13:46b5:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

adc96b6efe5919552898681732312c97108a36e5d17d1bd20044c09f31b7e43b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.deutsche-bank.de
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, allow-from https://meine.deutsche-bank.de

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:12:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors https://*.deutsche-bank.de
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-length: 226
last-modified: Wed, 24 Feb 2021 08:20:14 GMT
server: Apache
db-nickname: VTJGc2RHVmtYMTlTb1NTZlVUS09nRXZqZVZLMmpJdThnV0dJVlJHWWtSdz0=
vary: Accept-Encoding,Origin
x-frame-options: SAMEORIGIN, allow-from https://meine.deutsche-bank.de
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: L0_cJx2YIAMQyHgtvE6v4tds0CV6EijYci2XK19LY-hDBM34Vv5EYQ==
expires: Tue, 23 Apr 2024 14:12:00 GMT

GET
H/1.1 404
Not Found usercentrics-3.6.0.js
91.215.85.20/de/bank/assets/scripts/ 0
0 55ms
55ms Script
application/json 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://91.215.85.20/de/bank/assets/scripts/usercentrics-3.6.0.js
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/static/de/bank/postbank/usercentrics-loader-3.6.0-20221121.js.download
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/de/bank/postbank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:12:00 GMT
Connection: keep-alive
Keep-Alive: timeout=72
content-length: 107
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK teaser-image-pb.jpg
91.215.85.20/static/de/bank/postbank/ 44 KB
45 KB 61ms
60ms Image
image/jpeg 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://91.215.85.20/static/de/bank/postbank/teaser-image-pb.jpg
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/de/bank/postbank
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 97fe447ddc107dc8b5f84af5b559f36c71eb2da143a98ef3080014d1f17c994a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/de/bank/postbank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:12:00 GMT
last-modified: Tue, 11 Apr 2023 01:21:22 GMT
etag: W/"b0ef-1876de7380f"
content-type: image/jpeg
cache-control: public, max-age=0
Connection: keep-alive
accept-ranges: bytes
Keep-Alive: timeout=72
content-length: 45295

GET
H/1.1 404
Not Found runtime.a7565196be371f38.js.download
91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/ 0
0 60ms
59ms Script
application/json 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/runtime.a7565196be371f38.js.download
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/de/bank/postbank
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://91.215.85.20/de/bank/postbank
Origin: http://91.215.85.20
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:12:00 GMT
Connection: keep-alive
Keep-Alive: timeout=72
content-length: 148
content-type: application/json; charset=utf-8

GET
H/1.1 404
Not Found polyfills.355997a7c40d2123.js.download
91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/ 0
0 60ms
59ms Script
application/json 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/polyfills.355997a7c40d2123.js.download
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/de/bank/postbank
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://91.215.85.20/de/bank/postbank
Origin: http://91.215.85.20
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:12:00 GMT
Connection: keep-alive
Keep-Alive: timeout=72
content-length: 150
content-type: application/json; charset=utf-8

GET
H/1.1 404
Not Found scripts.d056530755f64853.js.download
91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/ 0
0 60ms
59ms Script
application/json 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/scripts.d056530755f64853.js.download
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/de/bank/postbank
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/de/bank/postbank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:12:00 GMT
Connection: keep-alive
Keep-Alive: timeout=72
content-length: 148
content-type: application/json; charset=utf-8

GET
H/1.1 404
Not Found main.73a6c671ad629e6e.js.download
91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/ 0
0 117ms
59ms Script
application/json 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/main.73a6c671ad629e6e.js.download
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/de/bank/postbank
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://91.215.85.20/de/bank/postbank
Origin: http://91.215.85.20
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:12:00 GMT
Connection: keep-alive
Keep-Alive: timeout=72
content-length: 145
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK longpoll.js Show response
91.215.85.20/static/js/ 2 KB
2 KB 121ms
60ms Script
application/javascript 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://91.215.85.20/static/js/longpoll.js
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/de/bank/postbank
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 9ed08dc467576c5d7927b0ed116cb7853faa2cd1d41b8e10d10309b91569e5b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/de/bank/postbank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:12:00 GMT
last-modified: Mon, 10 Apr 2023 14:12:58 GMT
etag: W/"639-1876b8349d5"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
Connection: keep-alive
accept-ranges: bytes
Keep-Alive: timeout=72
content-length: 1593

GET
H/1.1 200
OK pbbg.94a99b13acbdc92b.jpg
91.215.85.20/static/de/bank/postbank/ 243 KB
243 KB 103ms
61ms Image
image/jpeg 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://91.215.85.20/static/de/bank/postbank/pbbg.94a99b13acbdc92b.jpg
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/de/bank/postbank
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 8c477933a91763dd80d66840a72f9b25bee4250bc4adb2ec15932d5f6a473ecf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/de/bank/postbank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:12:00 GMT
last-modified: Tue, 11 Apr 2023 01:21:21 GMT
etag: W/"3cbb5-1876de7334b"
content-type: image/jpeg
cache-control: public, max-age=0
Connection: keep-alive
accept-ranges: bytes
Keep-Alive: timeout=72
content-length: 248757

GET
H/1.1 200
OK pb-logo-with-title-no-subline.39cedf917cbb1afd.svg
91.215.85.20/static/de/bank/postbank/ 7 KB
7 KB 111ms
55ms Image
image/svg+xml 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://91.215.85.20/static/de/bank/postbank/pb-logo-with-title-no-subline.39cedf917cbb1afd.svg
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/de/bank/postbank
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: d4664dd3d67bd3bbe6653fe5273756db06a66ed9f6b2e3d317a28c5bd04ecb90

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/de/bank/postbank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:12:00 GMT
last-modified: Tue, 11 Apr 2023 01:21:24 GMT
etag: W/"1baa-1876de73e7f"
content-type: image/svg+xml
cache-control: public, max-age=0
Connection: keep-alive
accept-ranges: bytes
Keep-Alive: timeout=72
content-length: 7082

GET
H/1.1 404
Not Found pb-logo-splash.cbbf15e67c60fec9.svg
91.215.85.20/static/de/bank/postbank/ 122 B
122 B 103ms
60ms Image
application/json 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://91.215.85.20/static/de/bank/postbank/pb-logo-splash.cbbf15e67c60fec9.svg
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/static/de/bank/postbank/styles.f422269988a809f0.css
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: b30737d8eada772c690782b086bc033dc811da3af9dc5af5dfdf2485e97f9d20

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/static/de/bank/postbank/styles.f422269988a809f0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:12:00 GMT
Connection: keep-alive
Keep-Alive: timeout=72
content-length: 122
content-type: application/json; charset=utf-8

GET
H2 200 FrutigerLTW05-65Bold.woff2
www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/ 25 KB
26 KB 104ms
41ms Font
font/woff2 2600:9000:2251:b200:13:46b5:7d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/FrutigerLTW05-65Bold.woff2

Requested by

Host: www.deutsche-bank.de
URL: https://www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:b200:13:46b5:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

be4beee7d867a4c4702b8ab281d1d11884a6b7ae9a5e74aac6b141000cb248de

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.deutsche-bank.de
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, allow-from https://meine.deutsche-bank.de

Request headers

Referer: https://www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/fonts.css
Origin: http://91.215.85.20
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:12:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: frame-ancestors https://*.deutsche-bank.de
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-length: 26008
last-modified: Wed, 24 Feb 2021 08:20:14 GMT
server: Apache
db-nickname: VTJGc2RHVmtYMTlTb1NTZlVUS09nRXZqZVZLMmpJdThnV0dJVlJHWWtSdz0=
vary: Origin
x-frame-options: SAMEORIGIN, allow-from https://meine.deutsche-bank.de
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: LjyHZ2Nhj98p6MLW1mGS5hsajYI2_JQpT2eLFfN3gcXOl0G39aH_ag==
expires: Tue, 23 Apr 2024 14:12:00 GMT

GET
H2 200 FrutigerLTW05-55Roman.woff2
www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/ 25 KB
26 KB 120ms
58ms Font
font/woff2 2600:9000:2251:b200:13:46b5:7d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/FrutigerLTW05-55Roman.woff2

Requested by

Host: www.deutsche-bank.de
URL: https://www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:b200:13:46b5:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

55cb206a77ff71092c309352fcb5927a389382ae678bab55f85ab13ed6239d31

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://*.deutsche-bank.de
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, allow-from https://meine.deutsche-bank.de

Request headers

Referer: https://www.deutsche-bank.de/cip-content/assets/pb-unity/fonts/fonts.css
Origin: http://91.215.85.20
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:12:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: frame-ancestors https://*.deutsche-bank.de
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-length: 25764
last-modified: Wed, 24 Feb 2021 08:20:14 GMT
server: Apache
db-nickname: VTJGc2RHVmtYMStWNml3TEFiSUsrTmlPMkNUNFJFVVdEdW5PVERiTForcz0=
vary: Origin
x-frame-options: SAMEORIGIN, allow-from https://meine.deutsche-bank.de
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: dcZeSEbcFIRn5CNxJ4qguOWGZ3jipOlb17THn6ZkyCXGdw50Ntovrg==
expires: Tue, 23 Apr 2024 14:12:00 GMT

OPTIONS
H2 200 languages.json
api.usercentrics.eu/settings/xSrVHkQp_/latest/ Frame 0
0 56ms
25ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/xSrVHkQp_/latest/languages.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://91.215.85.20
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 24 Apr 2023 14:12:00 GMT
expires: Mon, 24 Apr 2023 14:12:00 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: NL,
x-guploader-uploadid: ADPycdu5ivUadJD0Fd4V54YgAd_rZdgO5ZHZKVJUEraARrxnBL-i-qC0nMMl425PQXOoWi22Wh7ebfab7Bjb3rDkZ60kcA

GET
H2 200 languages.json Show response
api.usercentrics.eu/settings/xSrVHkQp_/latest/ 66 B
615 B 19ms
19ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/xSrVHkQp_/latest/languages.json

Requested by

Host: 91.215.85.20
URL: http://91.215.85.20/static/de/bank/postbank/usercentrics-3.6.0.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

eb3f4cf387fca0337770c0919834536dca1fc6c95ec5d142c46537a0f20ec14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: http://91.215.85.20/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type: application/json

Response headers

date: Mon, 24 Apr 2023 14:11:36 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 24
x-client-geo-location: NL,
x-guploader-uploadid: ADPycdv9H6hkBtbEnquxpLcA_SS4pAitFiQOxiThleRU0Ceqewr_L_zoSQCYSe1Qj0qsJBqbvNGE1pCc6Y--p9xfOkWMb3qMpQNg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71
last-modified: Tue, 21 Mar 2023 07:27:47 GMT
server: UploadServer
etag: "645afc9e7aa2c884f8a470fd78671460"
vary: Accept-Encoding
x-goog-generation: 1679383667617915
x-goog-hash: crc32c=VEQXGw==, md5=ZFr8nnqiyIT4pHD9eGcUYA==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=60
x-goog-stored-content-length: 71
accept-ranges: bytes
content-type: application/json
expires: Mon, 24 Apr 2023 14:12:36 GMT

GET
H/1.1 200
OK redirect Show response
91.215.85.20/longpoll/ 21 B
192 B 81ms
81ms Fetch
application/json 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://91.215.85.20/longpoll/redirect?order=null
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/static/js/longpoll.js
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: aedbdf6d3e8593c6f7121ee5ab13455a6c92a95230204cb4366fc9228620d5dd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/de/bank/postbank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:12:00 GMT
Connection: keep-alive
Keep-Alive: timeout=72
content-length: 21
content-type: application/json; charset=utf-8

GET
H/1.1 404
Not Found cross-domain-bridge.html Show response
91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/ Frame 7ACB 136 B
315 B 56ms
56ms Document
application/json 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/cross-domain-bridge.html
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/de/bank/postbank
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 3a6a9779686126975782da9aacef1e112c27db5fa2aba4e555fa3b98f1df6fd8

Request headers

Referer: http://91.215.85.20/de/bank/postbank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Date: Mon, 24 Apr 2023 14:12:00 GMT
Keep-Alive: timeout=72
content-length: 136
content-type: application/json; charset=utf-8

GET
H2 200 fe57656b81987ce656c13b01040632cd7253327e.json Show response
bootstrap.smartsuppchat.com/widget/ 1 KB
723 B 101ms
29ms XHR
application/json 3.76.158.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bootstrap.smartsuppchat.com/widget/fe57656b81987ce656c13b01040632cd7253327e.json
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.76.158.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-76-158-250.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 48cb61c77b074a3691adbad6b1820efc1b0730c33041e9879f47b8948c341bf5

Request headers

Referer: http://91.215.85.20/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 62713eedc1f171511be259caec0493e3a10586ea
date: Mon, 24 Apr 2023 14:12:00 GMT
content-encoding: br
x-hit: redis
etag: "505-Odb7MsidZuN6Rc5UL2000MMA30A"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0, must-revalidate

OPTIONS
H2 200 de.json
api.usercentrics.eu/settings/xSrVHkQp_/latest/ Frame 0
0 29ms
29ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/xSrVHkQp_/latest/de.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://91.215.85.20
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 24 Apr 2023 14:12:00 GMT
expires: Mon, 24 Apr 2023 14:12:00 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: NL,
x-guploader-uploadid: ADPycdvvnMP2rjGyOpBdYBLKQCimJtsxec3QCfRfyvsUwofdpnEAPuApDN9Rg-iYh0vYIvbNvd9tFm5rDw-pr4qYRVyPjQ

GET
H3 200 de.json Show response
api.usercentrics.eu/settings/xSrVHkQp_/latest/ 28 KB
8 KB 16ms
15ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/xSrVHkQp_/latest/de.json

Requested by

Host: 91.215.85.20
URL: http://91.215.85.20/static/de/bank/postbank/usercentrics-3.6.0.js.download

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0f072460046cb3ea3eecf9a5c1d4c88aa3c67a426b4934834dbaf0ecd8b3b37e

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: http://91.215.85.20/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type: application/json

Response headers

date: Mon, 24 Apr 2023 14:11:41 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 19
x-client-geo-location: NL,
x-guploader-uploadid: ADPycduMtmwOGDuNt45OfKHl3DHa5-nDK6bGzbL0T3nJn1vJdYxelGJX_NWKSgFPq9LPbqd0oDurEva8-Q17-SvTUCKrrJfW5J7e
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8649
last-modified: Tue, 21 Mar 2023 07:27:47 GMT
server: UploadServer
etag: "1246e4429a7e021e1b24ece0a54dc7e7"
vary: Accept-Encoding
x-goog-generation: 1679383667606184
x-goog-hash: crc32c=vnkcdQ==, md5=EkbkQpp+Ah4bJOzgpU3H5w==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=60
x-goog-stored-content-length: 8649
accept-ranges: bytes
content-type: application/json
expires: Mon, 24 Apr 2023 14:12:41 GMT

GET
H/1.1 404
Not Found cross-domain-bridge.html Show response
91.215.85.20/de/bank/postbankassets/scripts/ Frame F10F 118 B
297 B 63ms
63ms Document
application/json 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://91.215.85.20/de/bank/postbankassets/scripts/cross-domain-bridge.html
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/static/de/bank/postbank/usercentrics-3.6.0.js.download
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: 09656c17fbeb1abb50bd478d960a7f2d93171e0d327e5cddfd6714327029cdd3

Request headers

Referer: http://91.215.85.20/de/bank/postbank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Date: Mon, 24 Apr 2023 14:12:00 GMT
Keep-Alive: timeout=72
content-length: 118
content-type: application/json; charset=utf-8

GET
H2 200 asset-manifest.json Show response
widget-v2.smartsuppcdn.com/ 2 KB
763 B 131ms
22ms XHR
application/json 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v2.smartsuppcdn.com/asset-manifest.json
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: dd119396c1ec6fb9fe55bf5df931b9d7f3338cc24ee0247390bc5fc1970e3165

Request headers

Referer: http://91.215.85.20/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

x-77-pop: frankfurtDE
date: Mon, 24 Apr 2023 14:12:00 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 34
x-77-nzt: Abk73BADwzT/IgAAAA
x-accel-expires: @1682345546
last-modified: Tue, 18 Apr 2023 20:26:14 GMT
server: CDN77-Turbo
etag: W/"643efce6-6ce"
x-77-nzt-ray: 9083393079ec643a308e46647cc86838
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300, public, s-maxage=60
expires: Wed, 19 Apr 2023 05:12:39 GMT

GET
H2 200 runtime-main.1934e153.js Show response
widget-v2.smartsuppcdn.com/static/js/ Frame 3448 2 KB
2 KB 66ms
18ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v2.smartsuppcdn.com/static/js/runtime-main.1934e153.js
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 13ca7a7abbf685c5951b76a00ad13763beea38eeafeac1316c66f853427437bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 24 Apr 2023 14:12:01 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 464661
x-77-nzt: Abk73BDVi2f/FRcHAA
x-accel-expires: @1713416860
last-modified: Tue, 18 Apr 2023 20:26:14 GMT
server: CDN77-Turbo
etag: W/"643efce6-9bd"
x-77-nzt-ray: 908339305bf1533c318e466417965b01
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
expires: Thu, 18 Apr 2024 05:07:40 GMT

GET
H2 200 6.d679ef16.chunk.js Show response
widget-v2.smartsuppcdn.com/static/js/ Frame 3448 525 KB
159 KB 106ms
59ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v2.smartsuppcdn.com/static/js/6.d679ef16.chunk.js
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 35576539f0f6b98f9f7aef04b2dca0d7b03c974e6109415534729f5a90a236fc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 24 Apr 2023 14:12:01 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 464661
x-77-nzt: Abk73BA6WAn/FRcHAA
x-accel-expires: @1713416860
last-modified: Tue, 18 Apr 2023 20:26:14 GMT
server: CDN77-Turbo
etag: W/"643efce6-832b3"
x-77-nzt-ray: 908339305bf1533c318e466406719c01
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
expires: Thu, 18 Apr 2024 05:07:40 GMT

GET
H2 200 main.f4b290f4.chunk.js Show response
widget-v2.smartsuppcdn.com/static/js/ Frame 3448 115 KB
30 KB 87ms
40ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v2.smartsuppcdn.com/static/js/main.f4b290f4.chunk.js
Requested by: Host: www.smartsuppchat.com
URL: https://www.smartsuppchat.com/loader.js?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 75ea317ee21302c78430cbd83c6d26cc46c6d59246eeed8ddf8dc3074afa8183

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 24 Apr 2023 14:12:01 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 464661
x-77-nzt: Abk73BCsTYv/FRcHAA
x-accel-expires: @1713416860
last-modified: Tue, 18 Apr 2023 20:26:14 GMT
server: CDN77-Turbo
etag: W/"643efce6-1cc7f"
x-77-nzt-ray: 908339305bf1533c318e46645a7f6501
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable
expires: Thu, 18 Apr 2024 05:07:40 GMT

GET
H2 200 defaults Show response
translations.smartsuppcdn.com/api/v1/widget/translations/lang/de/ Frame 3448 6 KB
3 KB 71ms
21ms Fetch
application/json 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://translations.smartsuppcdn.com/api/v1/widget/translations/lang/de/defaults
Requested by: Host: widget-v2.smartsuppcdn.com
URL: https://widget-v2.smartsuppcdn.com/static/js/6.d679ef16.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: dcf9b6b0dec6123c4988dc300a5afef6ed4e4c9e67f1b3a088de102ca3f096b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop: frankfurtDE
x-version: 09c135933f431a6101ccf666ce6ce9e66ab43878
date: Mon, 24 Apr 2023 14:12:01 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 128
x-response-time: 0ms
x-77-nzt: Abk73BD4Tbv/gAAAAA
x-accel-expires: @1682345993
server: CDN77-Turbo
x-77-nzt-ray: 9083393079ec643a318e4664a7e3400e
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600

OPTIONS
H3 200 translations-de.json
api.usercentrics.eu/translations/ Frame 0
0 31ms
31ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://91.215.85.20
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 24 Apr 2023 14:12:01 GMT
expires: Mon, 24 Apr 2023 14:12:01 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: NL,
x-guploader-uploadid: ADPycdu6P2w6XQofRqqiTGETsd95x8hvhS6uvFOT0Ln9AF21KzCAnlIIS4g1Czper8r5gF-yGGCHcHO3VEmhIuHnW7CsnuUCVg0b

GET
H2 200 1px.png
app.usercentrics.eu/session/ 489 B
1 KB 86ms
35ms Image
image/png 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.usercentrics.eu/session/1px.png?settingsId=xSrVHkQp_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:09:05 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 176
x-guploader-uploadid: ADPycdvlD9dOeGiyY4hYVaH0VNR5aVBvH_77ziK6YAvaQacuugMgJ4TLTD2mP7Zf8sZSNWxl2Gy9dPikTpLhf_4k4ZrMjZQ6QbRF
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 522
last-modified: Fri, 08 May 2020 09:06:13 GMT
server: UploadServer
etag: "3702ada73b8951017b8451cbd6a96523"
x-goog-generation: 1588928773413784
x-goog-hash: crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
content-type: image/png
cache-control: public,max-age=1800,no-transform
x-goog-stored-content-length: 522
accept-ranges: bytes
expires: Mon, 24 Apr 2023 14:39:05 GMT

GET
H3 200 translations-de.json Show response
api.usercentrics.eu/translations/ 8 KB
3 KB 33ms
33ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-de.json

Requested by

Host: 91.215.85.20
URL: http://91.215.85.20/static/de/bank/postbank/usercentrics-3.6.0.js.download

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5726f479faf0b0e93fe5e114e4059e25908c7d4cebeef1805bb3531d1e2175ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: http://91.215.85.20/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type: application/json

Response headers

date: Sun, 23 Apr 2023 21:25:12 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 60409
x-client-geo-location: NL,
x-guploader-uploadid: ADPycdvi0ZaF_xdZxMU77oz2QHonkViZTxYYktLR0nbngQYf1GJ2u_rvHV7xXssnAYtITEzEXwjCF3tVjg6Nv7Uposq5lw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2825
last-modified: Tue, 11 Apr 2023 10:06:02 GMT
server: UploadServer
etag: "39df8ef384e368a1b53b499b1d535249"
vary: Accept-Encoding
x-goog-generation: 1681207562414310
x-goog-hash: crc32c=3t2x1Q==, md5=Od+O84TjaKG1O0mbHVNSSQ==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400, s-maxage=86400
x-goog-stored-content-length: 2825
accept-ranges: bytes
content-type: application/json
expires: Mon, 24 Apr 2023 21:25:12 GMT

GET
H2 200 de Show response
aggregator.service.usercentrics.eu/aggregate/ 44 KB
8 KB 35ms
34ms Fetch
application/json 2600:1901:0:256b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://aggregator.service.usercentrics.eu/aggregate/de?templates=8Tzrh5crUMnin5@3.1.0,AllulnW6mjNqvN@12.6.10,Dq850tJ1K@3.1.0,N6Zc9nerb@2.1.0,RUGHfUkfM@3.1.0,SYz5hNpZs@4.0.0,dbWehKPK5@5.3.0,djkBIJeZNtJ8dw@5.1.0,kHdPijPQ6@9.8.2,s6hwQQuGlo5Gnh@6.4.0,tAkVxzS4C@4.0.0
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/static/de/bank/postbank/usercentrics-3.6.0.js.download
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:256b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 34e51b33e8addcf45455e895eae7b1885d328bd21a6a72920dbd40e9aa4d0f1a

Request headers

Referer: http://91.215.85.20/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type: application/json

Response headers

date: Thu, 20 Apr 2023 11:59:19 GMT
content-encoding: br
via: 1.1 google
server: Google Frontend
age: 353563
etag: "6m0q3l"
vary: Accept-Encoding, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8201

OPTIONS
H2 204 de
aggregator.service.usercentrics.eu/aggregate/ Frame 0
0 116ms
43ms Preflight
text/html 2600:1901:0:256b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://aggregator.service.usercentrics.eu/aggregate/de?templates=8Tzrh5crUMnin5@3.1.0,AllulnW6mjNqvN@12.6.10,Dq850tJ1K@3.1.0,N6Zc9nerb@2.1.0,RUGHfUkfM@3.1.0,SYz5hNpZs@4.0.0,dbWehKPK5@5.3.0,djkBIJeZNtJ8dw@5.1.0,kHdPijPQ6@9.8.2,s6hwQQuGlo5Gnh@6.4.0,tAkVxzS4C@4.0.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:256b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://91.215.85.20
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 24 Apr 2023 14:12:02 GMT
server: Google Frontend
vary: Origin, Access-Control-Request-Headers
via: 1.1 google
x-cloud-trace-context: de241c086bd12a32281b9564fbd6f0ba

OPTIONS
H2 204 graphql
graphql.usercentrics.eu/ Frame 0
0 88ms
45ms Preflight 2600:1901:0:7903::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.usercentrics.eu/graphql
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7903:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method: POST
Origin: http://91.215.85.20
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 24 Apr 2023 14:12:02 GMT
vary: Access-Control-Request-Headers
via: 1.1 google
x-powered-by: Express

OPTIONS
H2 204 1
consent-api.service.consent.usercentrics.eu/consent/uw/ Frame 0
0 95ms
41ms Preflight
text/html 2600:1901:0:1e38::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-api.service.consent.usercentrics.eu/consent/uw/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method: POST
Origin: http://91.215.85.20
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 24 Apr 2023 14:12:02 GMT
server: Google Frontend
vary: Origin, Access-Control-Request-Headers
via: 1.1 google
x-cloud-trace-context: cfee6e16787250d4d2589a34ee935767

POST
H2 200 graphql Show response
graphql.usercentrics.eu/ 928 B
629 B 50ms
49ms Fetch
application/json 2600:1901:0:7903::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://graphql.usercentrics.eu/graphql
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/static/de/bank/postbank/usercentrics-3.6.0.js.download
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7903:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: / Express
Resource Hash: 99db5a1f81d52460103051a9e4624ca898dd7845b4557a13a9c65b3ca95ab25f

Request headers

Access-Control-Allow-Origin: *
Accept: application/json
Referer: http://91.215.85.20/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-Request-ID: 6d1edf71-d077-4b97-9618-6511f5fc9f1b
content-type: application/json

Response headers

date: Mon, 24 Apr 2023 14:12:02 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: Express
etag: W/"3a0-fE3vHk6S1+p3Txbrky1srKVIgPU"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 201 1 Show response
consent-api.service.consent.usercentrics.eu/consent/uw/ 0
85 B 57ms
57ms Fetch
text/html 2600:1901:0:1e38::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://consent-api.service.consent.usercentrics.eu/consent/uw/1
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/static/de/bank/postbank/usercentrics-3.6.0.js.download
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin: *
Accept: application/json
Referer: http://91.215.85.20/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-Request-ID: 820ac86c-57f3-49c7-b36f-87402b58258d
content-type: application/json

Response headers

date: Mon, 24 Apr 2023 14:12:02 GMT
via: 1.1 google
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 428d12186ab1d49a0224cc9ae8e02ba3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 uct
uct.service.usercentrics.eu/ 35 B
277 B 171ms
50ms Image
image/gif 34.95.108.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uct.service.usercentrics.eu/uct?v=1&sid=xSrVHkQp_&t=1&abv=&r=http%3A%2F%2F91.215.85.20%2Fde%2Fbank%2Fpostbank&cb=1682345522149

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.95.108.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

180.108.95.34.bc.googleusercontent.com

Software

Google Frontend / Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 14:12:02 GMT
via: 1.1 google
strict-transport-security: max-age=7776000
server: Google Frontend
x-powered-by: Express
content-type: image/gif
x-cloud-trace-context: aff67e50a2e031eccad7a717f30128a3
cache-control: no-store
function-execution-id: kt5orl79xnzk
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2 200 PB_Zentrale_sRGB.png
www.postbank.de/dam/postbank/bilder/unternehmen/medien/ 33 KB
34 KB 191ms
49ms Image
image/png 2600:9000:224a:ae00:15:e39e:8900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.postbank.de/dam/postbank/bilder/unternehmen/medien/PB_Zentrale_sRGB.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:ae00:15:e39e:8900:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

9dc5d3a050cd34154973c274bca9339e3eeec4992af909332fc93b6ce124a7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-dispatcher: dispatcher2eucentral1
date: Mon, 24 Apr 2023 14:12:02 GMT
x-dispatcher-version: 1.5.22
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains;
via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-vhost: postbank
x-cache: Miss from cloudfront
content-disposition: inline
content-length: 33837
x-xss-protection: 1; mode=block
last-modified: Mon, 14 Sep 2020 18:49:01 GMT
server: Apache
etag: "842d-5af4a7cdf4140"
vary: Host
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-methods: GET,HEAD,OPTIONS,POST
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: gvOw6lRtAi2PgzhwpMdla4MizTksp7lO-EoFKeRNEKU0OSlSCQoF4g==

GET
H/1.1 200
OK redirect Show response
91.215.85.20/longpoll/ 21 B
192 B 78ms
77ms Fetch
application/json 91.215.85.20
PROSPERO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://91.215.85.20/longpoll/redirect?order=null
Requested by: Host: 91.215.85.20
URL: http://91.215.85.20/static/js/longpoll.js
Protocol: HTTP/1.1
Server: 91.215.85.20 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software: /
Resource Hash: aedbdf6d3e8593c6f7121ee5ab13455a6c92a95230204cb4366fc9228620d5dd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://91.215.85.20/de/bank/postbank
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 14:12:05 GMT
Connection: keep-alive
Keep-Alive: timeout=72
content-length: 21
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Postbank (Banking)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
91.215.85.20/	1970-01-20 15:41:10	Name: ssupp.vid Value: viKPM-3VwOo33
91.215.85.20/	1970-01-20 15:41:10	Name: ssupp.visits Value: 1
www.postbank.de/	1970-01-20 11:29:10	Name: AWSALBCORS Value: P8lx5dZF9zyGS/NpW3wRwuMUEG3YJG9nhbL7B3CCZdserBk2oFTY9ViV4swGc7qGXPLDYxzvtoDQLS7zwc1qx5peRCjArM1k4RTAi7mFuReAyjOGcnh/JYm//7tI

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/NRJS-7200c241d4b12b5d9b7 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/newrelic-agent-1216.js.download Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/newrelic-loader-1216.js.download Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://91.215.85.20/de/bank/assets/scripts/usercentrics-3.6.0.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/runtime.a7565196be371f38.js.download Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/polyfills.355997a7c40d2123.js.download Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/scripts.d056530755f64853.js.download Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/main.73a6c671ad629e6e.js.download Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://91.215.85.20/static/de/bank/postbank/pb-logo-splash.cbbf15e67c60fec9.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://91.215.85.20/de/bank/Postbank%20Banking%20&%20Brokerage_files/cross-domain-bridge.html Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://91.215.85.20/de/bank/postbankassets/scripts/cross-domain-bridge.html Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aggregator.service.usercentrics.eu
api.usercentrics.eu
app.usercentrics.eu
bootstrap.smartsuppchat.com
consent-api.service.consent.usercentrics.eu
graphql.usercentrics.eu
translations.smartsuppcdn.com
uct.service.usercentrics.eu
widget-v2.smartsuppcdn.com
www.deutsche-bank.de
www.postbank.de
www.smartsuppchat.com
2600:1901:0:1e38::
2600:1901:0:256b::
2600:1901:0:5987::
2600:1901:0:7903::
2600:1901:0:c07c::
2600:9000:224a:ae00:15:e39e:8900:93a1
2600:9000:2251:b200:13:46b5:7d80:93a1
2a02:6ea0:c700::10
2a02:6ea0:c700::11
3.76.158.250
34.95.108.180
91.215.85.20
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
09656c17fbeb1abb50bd478d960a7f2d93171e0d327e5cddfd6714327029cdd3
0f072460046cb3ea3eecf9a5c1d4c88aa3c67a426b4934834dbaf0ecd8b3b37e
13ca7a7abbf685c5951b76a00ad13763beea38eeafeac1316c66f853427437bf
34e51b33e8addcf45455e895eae7b1885d328bd21a6a72920dbd40e9aa4d0f1a
35576539f0f6b98f9f7aef04b2dca0d7b03c974e6109415534729f5a90a236fc
3a6a9779686126975782da9aacef1e112c27db5fa2aba4e555fa3b98f1df6fd8
48cb61c77b074a3691adbad6b1820efc1b0730c33041e9879f47b8948c341bf5
4ee65499a52a526b4930365ad9d02c754c95f1dd45b9d6b651593888e2d389ec
55cb206a77ff71092c309352fcb5927a389382ae678bab55f85ab13ed6239d31
5726f479faf0b0e93fe5e114e4059e25908c7d4cebeef1805bb3531d1e2175ea
69cffe46f97fe44c0cf3812e6c9d6597a19531edd4c2854c7011da19c0ba73c4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
75ea317ee21302c78430cbd83c6d26cc46c6d59246eeed8ddf8dc3074afa8183
8c477933a91763dd80d66840a72f9b25bee4250bc4adb2ec15932d5f6a473ecf
8e774cc0790fa0338b5a30dc3629c5a28df695a2b653cd6c6bf847cc6b810f5c
97fe447ddc107dc8b5f84af5b559f36c71eb2da143a98ef3080014d1f17c994a
99db5a1f81d52460103051a9e4624ca898dd7845b4557a13a9c65b3ca95ab25f
9dc5d3a050cd34154973c274bca9339e3eeec4992af909332fc93b6ce124a7b2
9ed08dc467576c5d7927b0ed116cb7853faa2cd1d41b8e10d10309b91569e5b2
a1f452567983dc505d5514cba4297e731be583360051d053579888f4b2422aff
adc96b6efe5919552898681732312c97108a36e5d17d1bd20044c09f31b7e43b
aedbdf6d3e8593c6f7121ee5ab13455a6c92a95230204cb4366fc9228620d5dd
b30737d8eada772c690782b086bc033dc811da3af9dc5af5dfdf2485e97f9d20
be4beee7d867a4c4702b8ab281d1d11884a6b7ae9a5e74aac6b141000cb248de
d4664dd3d67bd3bbe6653fe5273756db06a66ed9f6b2e3d317a28c5bd04ecb90
dcf9b6b0dec6123c4988dc300a5afef6ed4e4c9e67f1b3a088de102ca3f096b4
dd119396c1ec6fb9fe55bf5df931b9d7f3338cc24ee0247390bc5fc1970e3165
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb3f4cf387fca0337770c0919834536dca1fc6c95ec5d142c46537a0f20ec14b
f4887682931c3805d1b837914ac30db2a54cee7a49074844339107f916930a03

91.215.85.20 Open in urlscan Pro 91.215.85.20 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

46 Requests

54 %HTTPS

75 %IPv6

5 Domains

12 Subdomains

12 IPs

3 Countries

2190 kBTransfer

2713 kBSize

3 Cookies

11 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

91.215.85.20 Open in urlscan Pro
91.215.85.20 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

54 %
HTTPS

75 %
IPv6

5
Domains

12
Subdomains

12
IPs

3
Countries

2190 kB
Transfer

2713 kB
Size

3
Cookies

46 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!