pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev Open in urlscan Pro
2606:4700::6812:223 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://expole.bubbleapps.io/version-test/index?debug_mode=true#man0413%40kt.com
Effective URL:
https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/gen-page.html
Submission Tags: falconsandbox
Submission: On July 20 via api (July 20th 2023, 6:57:32 am UTC) from US — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 22 HTTP transactions. The main IP is 2606:4700::6812:223, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev.
TLS certificate: Issued by E1 on June 15th 2023. Valid for: 3 months.

This is the only time pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
2 8	2606:4700::68... 2606:4700::6813:da30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.19.241.93 104.19.241.93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3032::ac43:d912	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
22	11

8 2606:4700::6813:da30 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

expole.bubbleapps.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.241.93 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bubble.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:223 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:d912 (United States)

ASN13335 (CLOUDFLARENET, US)

eu.starton-ipfs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	bubbleapps.io 2 redirects expole.bubbleapps.io	695 KB
3	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2651 maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 920	53 KB
2	starton-ipfs.com eu.starton-ipfs.com — Cisco Umbrella Rank: 496375	108 KB
2	r2.dev pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev	27 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74 ajax.googleapis.com — Cisco Umbrella Rank: 406	31 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 255	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 710	24 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	bubble.io 1 redirects bubble.io — Cisco Umbrella Rank: 84002	701 B
22	9

	Domain	Requested by
8	expole.bubbleapps.io	2 redirects expole.bubbleapps.io
2	stackpath.bootstrapcdn.com	eu.starton-ipfs.com
2	eu.starton-ipfs.com	pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev
2	pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev	expole.bubbleapps.io pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev
1	ajax.googleapis.com	eu.starton-ipfs.com
1	maxcdn.bootstrapcdn.com	eu.starton-ipfs.com
1	cdnjs.cloudflare.com	eu.starton-ipfs.com
1	code.jquery.com	eu.starton-ipfs.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	expole.bubbleapps.io
1	bubble.io	1 redirects
22	11

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-05` - `2024-05-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.r2.dev E1	`2023-06-15` - `2023-09-13`	3 months	crt.sh
starton-ipfs.com GTS CA 1P5	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/gen-page.html
Frame ID: 00E9B7FDEDAD1E5B02A4C2D68B151561
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webmail Portal Access

Page URL History Show full URLs

https://expole.bubbleapps.io/version-test/index?debug_mode=true HTTP 302
https://bubble.io/appeditor/debug_mode?on_success=https%3A%2F%2Fexpole.bubbleapps.io%2Fversion... HTTP 302
https://expole.bubbleapps.io/version-test/index HTTP 302
https://expole.bubbleapps.io/version-test Page URL
https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/gen-page.html Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

82 %
HTTPS

91 %
IPv6

9
Domains

11
Subdomains

11
IPs

4
Countries

990 kB
Transfer

3619 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://expole.bubbleapps.io/version-test/index?debug_mode=true HTTP 302
https://bubble.io/appeditor/debug_mode?on_success=https%3A%2F%2Fexpole.bubbleapps.io%2Fversion-test%2Findex%3Fdebug_mode%3Dtrue HTTP 302
https://expole.bubbleapps.io/version-test/index HTTP 302
https://expole.bubbleapps.io/version-test Page URL
https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/gen-page.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://expole.bubbleapps.io/version-test/index?debug_mode=true HTTP 302
https://bubble.io/appeditor/debug_mode?on_success=https%3A%2F%2Fexpole.bubbleapps.io%2Fversion-test%2Findex%3Fdebug_mode%3Dtrue HTTP 302
https://expole.bubbleapps.io/version-test/index HTTP 302
https://expole.bubbleapps.io/version-test

22 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

version-test Show response
expole.bubbleapps.io/
Redirect Chain

https://expole.bubbleapps.io/version-test/index?debug_mode=true
https://bubble.io/appeditor/debug_mode?on_success=https%3A%2F%2Fexpole.bubbleapps.io%2Fversion-test%2Findex%3Fdebug_mode%3Dtrue
https://expole.bubbleapps.io/version-test/index
https://expole.bubbleapps.io/version-test

11 KB
4 KB

753ms
753ms

Document
text/html

2606:4700::6813:da30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://expole.bubbleapps.io/version-test

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:da30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f20e6aa133bf70f83c06cac34a394a20326c83e8c17a870856ec579d1cb57a3e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 7e994f5bef499b70-FRA
content-encoding: br
content-security-policy: frame-ancestors 'none';
content-type: text/html
date: Thu, 20 Jul 2023 06:57:27 GMT
referrer-policy: origin
server: cloudflare
vary: Accept-Encoding
x-bubble-capacity-limit: 0 ms slower
x-bubble-capacity-used: 0.044 unit-seconds used
x-bubble-perf: {"total":268.5,"percents":{"top":{"bubble_cpu":7.1,"block":90.2,"capacity_rl":0,"other_pause":0,"pre_fiber":2.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":28.8,"appserver_cache_misses_time":0,"redis":58.9,"fiber_queue":28.8,"capacity_wait":2.6}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":29,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":54,"fiber_queue":49,"blocks":48},"misc":{"userdb_results":1,"userdb_data":206,"spent_time":2877755,"derived_build_time_spent":0}}
x-frame-options: DENY
x-powered-by: Express

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 7e994f587b409b70-FRA
date: Thu, 20 Jul 2023 06:57:26 GMT
location: https://expole.bubbleapps.io/version-test
server: cloudflare
x-bubble-capacity-limit: 0 ms slower
x-bubble-capacity-used: 0.003 unit-seconds used
x-bubble-perf: {"total":9.7,"percents":{"top":{"bubble_cpu":15.3,"block":68.7,"capacity_rl":0,"other_pause":0,"pre_fiber":9.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":47.3,"fiber_queue":4.5,"capacity_wait":17.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":3,"fiber_queue":4,"blocks":3},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":222106,"derived_build_time_spent":0}}
x-powered-by: Express

GET
H2 200 early.js Show response
expole.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/xfalse/ 24 KB
9 KB 18ms
17ms Script
application/javascript 2606:4700::6813:da30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://expole.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/xfalse/early.js
Requested by: Host: expole.bubbleapps.io
URL: https://expole.bubbleapps.io/version-test
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:da30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b

Request headers

Referer: https://expole.bubbleapps.io/
Origin: https://expole.bubbleapps.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 06:57:27 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":13.5,"percents":{"top":{"bubble_cpu":24.5,"block":67.2,"capacity_rl":0,"other_pause":0,"pre_fiber":3.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":34.5,"fiber_queue":13.7,"capacity_wait":17.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":5,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":495253,"derived_build_time_spent":0}}
server: cloudflare
age: 8612
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.008 unit-seconds used
timing-allow-origin: *
cf-ray: 7e994f60acde9b70-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 run.css
expole.bubbleapps.io/package/run_css/e1db0f284ce3babb044f94940bcaebe06449342dcb372126b21a253630d782b9/expole/test/index/xfalse/xfalse/ 43 KB
7 KB 17ms
16ms Stylesheet
text/css 2606:4700::6813:da30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://expole.bubbleapps.io/package/run_css/e1db0f284ce3babb044f94940bcaebe06449342dcb372126b21a253630d782b9/expole/test/index/xfalse/xfalse/run.css
Requested by: Host: expole.bubbleapps.io
URL: https://expole.bubbleapps.io/version-test
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:da30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a8a58099b87c58def5b46f862d2c72f675a99376496397a297075c41345a241a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://expole.bubbleapps.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 06:57:27 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":22.3,"percents":{"top":{"bubble_cpu":19.9,"block":77.4,"capacity_rl":0,"other_pause":0,"pre_fiber":2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":34.1,"appserver_cache_misses_time":0,"redis":83,"fiber_queue":8.7,"capacity_wait":9.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":13,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":20,"fiber_queue":18,"blocks":17},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":665421,"derived_build_time_spent":0}}
age: 8590
cf-polished: origSize=56719
x-powered-by: Express
x-bubble-capacity-used: 0.01 unit-seconds used
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 7e994f60acdd9b70-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 run.js Show response
expole.bubbleapps.io/package/run_js/68dea90f115fb2b03dbbe5b6c9d04b72ff499a434aa278563ad427163dd160a2/xfalse/x25/ 3 MB
652 KB 30ms
29ms Script
application/javascript 2606:4700::6813:da30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://expole.bubbleapps.io/package/run_js/68dea90f115fb2b03dbbe5b6c9d04b72ff499a434aa278563ad427163dd160a2/xfalse/x25/run.js
Requested by: Host: expole.bubbleapps.io
URL: https://expole.bubbleapps.io/version-test
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:da30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d0c6c48099e2183b14d1054e99cbebaad28883a48d755a7b51b087307ad1356e

Request headers

Referer: https://expole.bubbleapps.io/
Origin: https://expole.bubbleapps.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 06:57:27 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":5.9,"percents":{"top":{"bubble_cpu":23.2,"block":62.3,"capacity_rl":0,"other_pause":0,"pre_fiber":7.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":12.6,"fiber_queue":6.6,"capacity_wait":44.9}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":5,"blocks":4},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":206584,"derived_build_time_spent":0}}
server: cloudflare
age: 8540
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.003 unit-seconds used
timing-allow-origin: *
cf-ray: 7e994f60ace29b70-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 static.js Show response
expole.bubbleapps.io/package/static_js/6ef21c0247475c654e08d22f030988d821f4311ee4e2b1d663ad89af7619b1d3/expole/test/index/xnull/xfalse/xfalse/xfalse/ 17 KB
7 KB 19ms
18ms Script
application/javascript 2606:4700::6813:da30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://expole.bubbleapps.io/package/static_js/6ef21c0247475c654e08d22f030988d821f4311ee4e2b1d663ad89af7619b1d3/expole/test/index/xnull/xfalse/xfalse/xfalse/static.js
Requested by: Host: expole.bubbleapps.io
URL: https://expole.bubbleapps.io/version-test
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:da30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a509e0e5978abbeed6eda163764e023e11de943d8753db9681ccbc5ffc866523

Request headers

Referer: https://expole.bubbleapps.io/
Origin: https://expole.bubbleapps.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 06:57:27 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":28.3,"percents":{"top":{"bubble_cpu":23.3,"block":74.5,"capacity_rl":0,"other_pause":0,"pre_fiber":1.6},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":32.6,"appserver_cache_misses_time":0,"redis":86.9,"fiber_queue":2.6,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":8,"derived_cache_memory_misses":8,"serverjson":15,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":27,"fiber_queue":25,"blocks":24},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":990038,"derived_build_time_spent":0}}
server: cloudflare
age: 8358
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.015 unit-seconds used
timing-allow-origin: *
cf-ray: 7e994f60ace49b70-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 dynamic.js Show response
expole.bubbleapps.io/package/dynamic_js/9269db9c4e6cfd688112cd6dd6ad62ca3d3c66ddd9dd789f4a79e2f6ffc55bea/expole/test/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/ 46 KB
15 KB 19ms
19ms Script
application/javascript 2606:4700::6813:da30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://expole.bubbleapps.io/package/dynamic_js/9269db9c4e6cfd688112cd6dd6ad62ca3d3c66ddd9dd789f4a79e2f6ffc55bea/expole/test/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js
Requested by: Host: expole.bubbleapps.io
URL: https://expole.bubbleapps.io/version-test
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:da30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ef4c914be4d726848f9fc86ef01e1d92d50689bf5f8b76464cdcb5c8abd331a5

Request headers

Referer: https://expole.bubbleapps.io/
Origin: https://expole.bubbleapps.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 06:57:27 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":22.2,"percents":{"top":{"bubble_cpu":23,"block":73.7,"capacity_rl":0,"other_pause":0,"pre_fiber":2.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":11.7,"appserver_cache_misses_time":0,"redis":71.4,"fiber_queue":8.5,"capacity_wait":13.1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":9,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":17,"fiber_queue":14,"blocks":13},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":764794,"derived_build_time_spent":0}}
server: cloudflare
age: 9841
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.012 unit-seconds used
timing-allow-origin: *
cf-ray: 7e994f60ace59b70-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 68ms
21ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:regular%7COpen+Sans:600%7COpen+Sans:700

Requested by

Host: expole.bubbleapps.io
URL: https://expole.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/xfalse/early.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6a573ed2d823eaa7761f76f04d52b8c3eb0d1e73d76a2d71c5b5a8479c4e1796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://expole.bubbleapps.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jul 2023 06:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 06:54:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jul 2023 06:57:27 GMT

GET data
expole.bubbleapps.io/version-test/api/1.1/init/ 0
0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 32ms
10ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular%7COpen+Sans:600%7COpen+Sans:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://expole.bubbleapps.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 00:21:44 GMT
x-content-type-options: nosniff
age: 455743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 00:21:44 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://expole.bubbleapps.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK Primary Request gen-page.html Show response
pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/ 287 B
548 B 111ms
58ms Document
text/html 2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/gen-page.html
Requested by: Host: expole.bubbleapps.io
URL: https://expole.bubbleapps.io/version-test
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5efaf835c1428acc9f95f25ff1a87e6c7a650ffa3d4d41c745d9bf843641ecfe

Request headers

Referer: https://expole.bubbleapps.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-RAY: 7e994f62fb441c97-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 20 Jul 2023 06:57:27 GMT
ETag: W/"d048874e4ea272541cd1a2dc49a20ed3"
Last-Modified: Thu, 20 Jul 2023 03:10:38 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

POST hi
expole.bubbleapps.io/version-test/user/ 0
0

POST mget
expole.bubbleapps.io/version-test/elasticsearch/ 0
0

POST m
expole.bubbleapps.io/version-test/user/ 0
0

GET
H2 200 bafybeicumtw7vp5efqlnoa2zqei7ml4jl6bv7an2ns62f4is3ir25yjppm Show response
eu.starton-ipfs.com/ipfs/ 259 KB
63 KB 75ms
44ms Script
text/plain 2606:4700:3032::ac43:d912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.starton-ipfs.com/ipfs/bafybeicumtw7vp5efqlnoa2zqei7ml4jl6bv7an2ns62f4is3ir25yjppm
Requested by: Host: pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev
URL: https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/gen-page.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 241874bbbfc9790671d563452cae01aaf76216c8462e1f853a4007d5a92faf49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 06:57:27 GMT
via: kong/3.2.2.1-enterprise-edition
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-kong-upstream-latency: 3
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-ipfs-roots: bafybeicumtw7vp5efqlnoa2zqei7ml4jl6bv7an2ns62f4is3ir25yjppm
etag: W/"bafybeicumtw7vp5efqlnoa2zqei7ml4jl6bv7an2ns62f4is3ir25yjppm"
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KBoKdkVmLh66F0MNacYfl9IRZhZCdWe7uX6IShMN0SanNl7A1ekqLzd2qdeg%2BNxM6J0dVZy1rZISXAWBl54K%2BmPEDlWY9ziU2dXVo7Ak4YqenymbAakYjukgbK%2B3uJjj07dXnhd3FUfgMdyZYEUOvTJ"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafybeicumtw7vp5efqlnoa2zqei7ml4jl6bv7an2ns62f4is3ir25yjppm
cf-ray: 7e994f639d8e4d6a-FRA
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

GET
H2 200 bafkreiceauumz6d5ucqnmkefz6nawq3p3v6cgpsfak3pph33vfzvvicnfm Show response
eu.starton-ipfs.com/ipfs/ 120 KB
45 KB 78ms
47ms Script
text/plain 2606:4700:3032::ac43:d912
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.starton-ipfs.com/ipfs/bafkreiceauumz6d5ucqnmkefz6nawq3p3v6cgpsfak3pph33vfzvvicnfm
Requested by: Host: pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev
URL: https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/gen-page.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 440528ccf87da0a0d62885cf9a0b436fdd7c233e4502b6f79f7ba9735aa04d2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 06:57:27 GMT
via: kong/3.2.2.1-enterprise-edition
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-kong-proxy-latency: 0
x-kong-upstream-latency: 4
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-ipfs-roots: bafkreiceauumz6d5ucqnmkefz6nawq3p3v6cgpsfak3pph33vfzvvicnfm
etag: W/"bafkreiceauumz6d5ucqnmkefz6nawq3p3v6cgpsfak3pph33vfzvvicnfm"
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtjbcGNewXI2H1YGSUsXNMGFkSTHyZivA5K1QULOC1jwhkDUr%2BjyFUKa2kjoHLBWPpJ9VWoukD%2Fl%2BDyAakWLudUG%2F8jDc5muLVIz4kl%2FR2GKC6bRF0n6eJWVfwVb8IX8wc04I5H%2BTmQElP4Sw1NUGI80"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/bafkreiceauumz6d5ucqnmkefz6nawq3p3v6cgpsfak3pph33vfzvvicnfm
cf-ray: 7e994f639d8f4d6a-FRA
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/ 157 KB
25 KB 46ms
20ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css

Requested by

Host: eu.starton-ipfs.com
URL: https://eu.starton-ipfs.com/ipfs/bafybeicumtw7vp5efqlnoa2zqei7ml4jl6bv7an2ns62f4is3ir25yjppm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 06:57:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601
age: 7232941
cdn-cachedat: 08/03/2021 15:44:07
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 72292ca7a393da9d388c402f68f6a70c
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7e994f647e003a9e-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 34ms
13ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: eu.starton-ipfs.com
URL: https://eu.starton-ipfs.com/ipfs/bafybeicumtw7vp5efqlnoa2zqei7ml4jl6bv7an2ns62f4is3ir25yjppm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer: https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/
Origin: https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 20 Jul 2023 06:57:27 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-10fdd"
vary: Accept-Encoding
x-hw: 1689836247.dop216.fr8.t,1689836247.cds016.fr8.hn,1689836247.cds257.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 23856

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 31ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: eu.starton-ipfs.com
URL: https://eu.starton-ipfs.com/ipfs/bafybeicumtw7vp5efqlnoa2zqei7ml4jl6bv7an2ns62f4is3ir25yjppm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/
Origin: https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 20 Jul 2023 06:57:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 32385
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6157
last-modified: Thu, 22 Jun 2023 11:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942d85-180d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpH8fGTxjr4scg4sAeZEINBvTbqkdVyFFMSf1FCX3S428rq5RQWdd4zOZFKDZi6wPs4anLMqOi0tbAep%2FHtb3zdfRL6WTxemXFlIP%2FUc%2Bttj8xmYwqKr0Bwds7VTi5TxlfjlUQJsGlzPMvY8MUwJupCb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e994f646f65926e-FRA
expires: Tue, 09 Jul 2024 06:57:27 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
14 KB 35ms
16ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: eu.starton-ipfs.com
URL: https://eu.starton-ipfs.com/ipfs/bafybeicumtw7vp5efqlnoa2zqei7ml4jl6bv7an2ns62f4is3ir25yjppm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/
Origin: https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 20 Jul 2023 06:57:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 865
age: 8209
cdn-cachedat: 11/25/2022 23:23:38
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 174c023d7b030007ed4157bf8bc489a4
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7e994f6468d72bc5-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: eu.starton-ipfs.com
URL: https://eu.starton-ipfs.com/ipfs/bafybeicumtw7vp5efqlnoa2zqei7ml4jl6bv7an2ns62f4is3ir25yjppm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 19 Jul 2023 13:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jul 2024 13:07:18 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
15 KB 39ms
19ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: eu.starton-ipfs.com
URL: https://eu.starton-ipfs.com/ipfs/bafybeicumtw7vp5efqlnoa2zqei7ml4jl6bv7an2ns62f4is3ir25yjppm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 20 Jul 2023 06:57:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 723
age: 7233275
cdn-cachedat: 11/15/2021 23:30:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7e994f647e013a9e-FRA
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d1c6efc7ba8d7b7a3bd04a9e11a7761c112e4bbc23f74937749067acea91d70

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 404
Not Found bg-image.jpg
pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/img/ 27 KB
27 KB 43ms
43ms Image
text/html 2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/img/bg-image.jpg
Requested by: Host: pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev
URL: https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/gen-page.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/gen-page.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Thu, 20 Jul 2023 06:57:27 GMT
Content-Encoding: gzip
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive
CF-RAY: 7e994f64ad2f1c97-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: expole.bubbleapps.io
URL: https://expole.bubbleapps.io/version-test/api/1.1/init/data?location=https%3A%2F%2Fexpole.bubbleapps.io%2Fversion-test%23man0413%2540kt.com

Domain: expole.bubbleapps.io
URL: https://expole.bubbleapps.io/version-test/user/hi

Domain: expole.bubbleapps.io
URL: https://expole.bubbleapps.io/version-test/elasticsearch/mget

Domain: expole.bubbleapps.io
URL: https://expole.bubbleapps.io/version-test/user/m

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
expole.bubbleapps.io/	1970-01-20 13:28:15	Name: expole_test_u2main Value: 1689836247031x961285933613688600
expole.bubbleapps.io/	1970-01-20 13:28:15	Name: expole_test_u2main.sig Value: idyzxyTzunI02QvIyM86NBvA4eM
expole.bubbleapps.io/	1969-12-31 23:59:59	Name: expole_u1_testmain Value: 1689836246899x764771779309497700

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://eu.starton-ipfs.com/ipfs/bafybeicumtw7vp5efqlnoa2zqei7ml4jl6bv7an2ns62f4is3ir25yjppm Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	warning	URL: https://eu.starton-ipfs.com/ipfs/bafybeicumtw7vp5efqlnoa2zqei7ml4jl6bv7an2ns62f4is3ir25yjppm Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.2.1.slim.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://eu.starton-ipfs.com/ipfs/bafybeicumtw7vp5efqlnoa2zqei7ml4jl6bv7an2ns62f4is3ir25yjppm Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.2.1.slim.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://eu.starton-ipfs.com/ipfs/bafybeicumtw7vp5efqlnoa2zqei7ml4jl6bv7an2ns62f4is3ir25yjppm Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://eu.starton-ipfs.com/ipfs/bafybeicumtw7vp5efqlnoa2zqei7ml4jl6bv7an2ns62f4is3ir25yjppm Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://eu.starton-ipfs.com/ipfs/bafybeicumtw7vp5efqlnoa2zqei7ml4jl6bv7an2ns62f4is3ir25yjppm Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://eu.starton-ipfs.com/ipfs/bafybeicumtw7vp5efqlnoa2zqei7ml4jl6bv7an2ns62f4is3ir25yjppm Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev/img/bg-image.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bubble.io
cdnjs.cloudflare.com
code.jquery.com
eu.starton-ipfs.com
expole.bubbleapps.io
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev
stackpath.bootstrapcdn.com
expole.bubbleapps.io
104.19.241.93
2001:4de0:ac18::1:a:2a
2606:4700:3032::ac43:d912
2606:4700::6811:190e
2606:4700::6812:223
2606:4700::6812:acf
2606:4700::6812:bcf
2606:4700::6813:da30
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
241874bbbfc9790671d563452cae01aaf76216c8462e1f853a4007d5a92faf49
2d1c6efc7ba8d7b7a3bd04a9e11a7761c112e4bbc23f74937749067acea91d70
440528ccf87da0a0d62885cf9a0b436fdd7c233e4502b6f79f7ba9735aa04d2b
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
5efaf835c1428acc9f95f25ff1a87e6c7a650ffa3d4d41c745d9bf843641ecfe
6a573ed2d823eaa7761f76f04d52b8c3eb0d1e73d76a2d71c5b5a8479c4e1796
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
a509e0e5978abbeed6eda163764e023e11de943d8753db9681ccbc5ffc866523
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a8a58099b87c58def5b46f862d2c72f675a99376496397a297075c41345a241a
d0c6c48099e2183b14d1054e99cbebaad28883a48d755a7b51b087307ad1356e
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ef4c914be4d726848f9fc86ef01e1d92d50689bf5f8b76464cdcb5c8abd331a5
f20e6aa133bf70f83c06cac34a394a20326c83e8c17a870856ec579d1cb57a3e

pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev Open in urlscan Pro 2606:4700::6812:223 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

82 %HTTPS

91 %IPv6

9 Domains

11 Subdomains

11 IPs

4 Countries

990 kBTransfer

3619 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

21 JavaScript Global Variables

3 Cookies

8 Console Messages

Security Headers

Indicators

pub-2e22cdaebb6e4431b2497467144ebf36.r2.dev Open in urlscan Pro
2606:4700::6812:223 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

82 %
HTTPS

91 %
IPv6

9
Domains

11
Subdomains

11
IPs

4
Countries

990 kB
Transfer

3619 kB
Size

3
Cookies

22 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!