firebasestorage.googleapis.com
2a00:1450:400d:807::200a Malicious Activity!

Go To Rescan
Add Verdict Report

Submitted URL:
https://stellar-valkyrie-811327.netlify.app/red.html/
Effective URL:
https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247
Submission: On February 20 via manual (February 20th 2023, 7:00:27 am UTC) from ZA — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 4 domains to perform 22 HTTP transactions. The main IP is 2a00:1450:400d:807::200a, located in Ireland and belongs to GOOGLE, US. The main domain is firebasestorage.googleapis.com. The Cisco Umbrella rank of the primary domain is 5924.
TLS certificate: Issued by GTS CA 1C3 on February 1st 2023. Valid for: 3 months.

This is the only time firebasestorage.googleapis.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 2	2a05:d014:275... 2a05:d014:275:cb02::c8	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
9	2620:12a:8000::4 2620:12a:8000::4	54113 (FASTLY) (FASTLY)
1	2620:12a:8001::4 2620:12a:8001::4	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:e4:... 2606:4700:e4::ac40:a916	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	9

2 2a05:d014:275:cb02::c8 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

stellar-valkyrie-811327.netlify.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

firebasestorage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2620:12a:8000::4 (United States)

ASN54113 (FASTLY, US)

dev-xx00xx.pantheonsite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dev-x0x.pantheonsite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:12a:8001::4 (United States)

ASN54113 (FASTLY, US)

dev-metatrex.pantheonsite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:e4::ac40:a916 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	pantheonsite.io dev-xx00xx.pantheonsite.io dev-metatrex.pantheonsite.io dev-x0x.pantheonsite.io	297 KB
7	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1424 ka-f.fontawesome.com — Cisco Umbrella Rank: 2612	196 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 298 firebasestorage.googleapis.com — Cisco Umbrella Rank: 5924 fonts.googleapis.com — Cisco Umbrella Rank: 43	63 KB
2	netlify.app 1 redirects stellar-valkyrie-811327.netlify.app	843 B
22	4

	Domain	Requested by
8	dev-xx00xx.pantheonsite.io	firebasestorage.googleapis.com
6	ka-f.fontawesome.com	dev-xx00xx.pantheonsite.io kit.fontawesome.com firebasestorage.googleapis.com
2	ajax.googleapis.com	stellar-valkyrie-811327.netlify.app firebasestorage.googleapis.com
2	stellar-valkyrie-811327.netlify.app	1 redirects
1	dev-x0x.pantheonsite.io	firebasestorage.googleapis.com
1	kit.fontawesome.com	firebasestorage.googleapis.com
1	fonts.googleapis.com	firebasestorage.googleapis.com
1	dev-metatrex.pantheonsite.io	firebasestorage.googleapis.com
1	firebasestorage.googleapis.com	stellar-valkyrie-811327.netlify.app
22	9

This site contains no links.

Subject Issuer	Validity	Valid
*.netlify.app DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-21` - `2024-01-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
pantheonsite.io Sectigo RSA Organization Validation Secure Server CA	`2022-07-14` - `2023-06-23`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-12` - `2023-08-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247
Frame ID: 27684F2ADC8C450CF7B5D3D3825684BF
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://stellar-valkyrie-811327.netlify.app/red.html/ HTTP 301
https://stellar-valkyrie-811327.netlify.app/red Page URL
https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

9
Subdomains

9
IPs

3
Countries

557 kB
Transfer

1500 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://stellar-valkyrie-811327.netlify.app/red.html/ HTTP 301
https://stellar-valkyrie-811327.netlify.app/red Page URL
https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://stellar-valkyrie-811327.netlify.app/red.html/ HTTP 301
https://stellar-valkyrie-811327.netlify.app/red

22 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

red Show response
stellar-valkyrie-811327.netlify.app/
Redirect Chain

https://stellar-valkyrie-811327.netlify.app/red.html/
https://stellar-valkyrie-811327.netlify.app/red

1 KB
632 B

8ms
8ms

Document
text/html

2a05:d014:275:cb02::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://stellar-valkyrie-811327.netlify.app/red

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb02::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

a36081184b9dffa1244377face55be3648bf00530b93e2ee034bcbdbb8ff2f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3823
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-length: 559
content-type: text/html; charset=UTF-8
date: Mon, 20 Feb 2023 05:56:45 GMT
etag: "841b91303eb613d6b92ba471ae6412be-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GSPSZC1X5F59TVHQBA1AS4RD

Redirect headers

age: 3822
cache-control: public, max-age=0, must-revalidate
content-length: 559
content-type: text/html; charset=UTF-8
date: Mon, 20 Feb 2023 05:56:45 GMT
etag: "841b91303eb613d6b92ba471ae6412be-ssl-df"
location: /red
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GSPSZC1M7HP02D00E8VK14G7

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: stellar-valkyrie-811327.netlify.app
URL: https://stellar-valkyrie-811327.netlify.app/red

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stellar-valkyrie-811327.netlify.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 18:27:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 390788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 18:27:19 GMT

GET
H2 200 Primary Request abb.html Show response
firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/ 3 KB
3 KB 785ms
721ms Document
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247
Requested by: Host: stellar-valkyrie-811327.netlify.app
URL: https://stellar-valkyrie-811327.netlify.app/red
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 966c5858a974225b8b7f7d1e1ce6a5e8f467f40107352aeaee0fa21c012c3b25

Request headers

Referer: https://stellar-valkyrie-811327.netlify.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-disposition: inline; filename*=utf-8''abb.html
content-length: 2620
content-type: text/html
date: Mon, 20 Feb 2023 07:00:27 GMT
etag: "1ab825139657b4616966ddd07c99ae92"
expires: Mon, 20 Feb 2023 07:00:27 GMT
last-modified: Mon, 20 Feb 2023 05:24:54 GMT
server: UploadServer
x-goog-generation: 1676870694407324
x-goog-hash: crc32c=pkOaOw== md5=GrglE5ZXtGFpZt3QfJmukg==
x-goog-meta-firebasestoragedownloadtokens: fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2620
x-guploader-uploadid: ADPycdsspGrMYwiWzD1ZutM6wAoyx9AP-82GrgvhDDNV7VX0cGXvsCdlFkXzZKlh4W-Hh9RvtYD0AX9-7ozVnpf4Hy3kQlTE2AtJ

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
29 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 18:27:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 390789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 18:27:19 GMT

GET
H2 200 jquery.min.js Show response
dev-xx00xx.pantheonsite.io/git/r3p0/ 84 KB
34 KB 1081ms
526ms Script
application/x-javascript 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-xx00xx.pantheonsite.io/git/r3p0/jquery.min.js

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

480c77fb59912453e1feb5ae624f579f7755a1e02076eb5a190915c7ecc7a893

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f869fdd5d-ln2lp
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 20 Feb 2023 07:00:29 GMT
age: 0
x-cache: MISS, MISS
expires: Mon, 20 Feb 2023 07:00:28 GMT
x-served-by: cache-chi-kigq8000076-CHI, cache-maa10249-MAA
last-modified: Wed, 11 Jan 2023 12:17:26 GMT
server: nginx
x-timer: S1676876429.908713,VS0,VE259
etag: W/"63bea8d6-14e94"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 425b32ce-b0ec-11ed-a404-c24479ed7278
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 0, 0

GET
H2 200 jquery-3.1.1.min.js Show response
dev-xx00xx.pantheonsite.io/git/r3p0/ 85 KB
35 KB 1075ms
520ms Script
application/x-javascript 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-xx00xx.pantheonsite.io/git/r3p0/jquery-3.1.1.min.js

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6acc236968734b44ad14b1808273cde7f7f53eb19c7df6a9790e78002a5c78ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f869fdd5d-ln2lp
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 20 Feb 2023 07:00:29 GMT
age: 0
x-cache: MISS, MISS
expires: Mon, 20 Feb 2023 07:00:28 GMT
x-served-by: cache-chi-kigq8000174-CHI, cache-maa10249-MAA
last-modified: Wed, 11 Jan 2023 12:17:25 GMT
server: nginx
x-timer: S1676876429.909199,VS0,VE253
etag: W/"63bea8d5-152ff"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 425af892-b0ec-11ed-a404-c24479ed7278
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 0, 0

GET
H2 200 jquery-3.3.1.js Show response
dev-xx00xx.pantheonsite.io/git/r3p0/ 276 KB
98 KB 1402ms
847ms Script
application/x-javascript 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-xx00xx.pantheonsite.io/git/r3p0/jquery-3.3.1.js

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

70dcd1d1296de9759144f66a66591fd162f852316dd5649dd0493128a4254e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-a-57c64b6f5b-djs45
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 20 Feb 2023 07:00:29 GMT
age: 0
x-cache: MISS, MISS
expires: Mon, 20 Feb 2023 07:00:28 GMT
x-served-by: cache-chi-klot8100104-CHI, cache-maa10249-MAA
last-modified: Wed, 11 Jan 2023 12:17:24 GMT
server: nginx
x-timer: S1676876429.909143,VS0,VE277
etag: W/"63bea8d4-44e4d"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 425d1c2f-b0ec-11ed-bdb7-226405d850f2
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 0, 0

GET
H2 200 5051251.js Show response
dev-xx00xx.pantheonsite.io/git/r3p0/ 11 KB
4 KB 1093ms
538ms Script
application/x-javascript 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-xx00xx.pantheonsite.io/git/r3p0/5051251.js

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

9678923d022a3e48e0a488f643c46e4e83e029f6505ac13da4459666db203aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f869fdd5d-dxr8v
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 20 Feb 2023 07:00:29 GMT
age: 0
x-cache: MISS, MISS
expires: Mon, 20 Feb 2023 07:00:28 GMT
x-served-by: cache-chi-klot8100052-CHI, cache-maa10249-MAA
last-modified: Wed, 11 Jan 2023 12:17:22 GMT
server: nginx
x-timer: S1676876429.909138,VS0,VE264
etag: W/"63bea8d2-2aba"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 425c6a03-b0ec-11ed-b950-32659210702a
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 0, 0

GET
H2 200 jquery-3.2.1.slim.min.js Show response
dev-xx00xx.pantheonsite.io/git/r3p0/ 68 KB
28 KB 1401ms
846ms Script
application/x-javascript 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-xx00xx.pantheonsite.io/git/r3p0/jquery-3.2.1.slim.min.js

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

280f7ab88d9e2febe211f486a1643ad3d615821eff62122ab98173bcf80b4f70

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-a-57c64b6f5b-m7hjs
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 20 Feb 2023 07:00:29 GMT
age: 0
x-cache: MISS, MISS
expires: Mon, 20 Feb 2023 07:00:28 GMT
x-served-by: cache-chi-klot8100072-CHI, cache-maa10249-MAA
last-modified: Wed, 11 Jan 2023 12:17:24 GMT
server: nginx
x-timer: S1676876429.909103,VS0,VE275
etag: W/"63bea8d4-11027"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 425ada9b-b0ec-11ed-a833-4aa26e13809e
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 0, 0

GET
H2 200 popper.min.js Show response
dev-xx00xx.pantheonsite.io/git/r3p0/ 19 KB
8 KB 1825ms
1270ms Script
application/x-javascript 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-xx00xx.pantheonsite.io/git/r3p0/popper.min.js

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b680f28971f1715a4e314a1033e432fdb4089b01471b1180fb34ebef2b715b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f869fdd5d-lf9c2
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 20 Feb 2023 07:00:29 GMT
age: 0
x-cache: MISS, MISS
expires: Mon, 20 Feb 2023 07:00:28 GMT
x-served-by: cache-chi-kigq8000023-CHI, cache-maa10249-MAA
last-modified: Wed, 11 Jan 2023 12:17:22 GMT
server: nginx
x-timer: S1676876429.909181,VS0,VE1003
etag: W/"63bea8d2-4b43"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 42cd0685-b0ec-11ed-ab88-c6182dd58662
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 0, 0

GET
H2 200 bootstrap.min.js Show response
dev-xx00xx.pantheonsite.io/git/r3p0/ 48 KB
16 KB 1839ms
1285ms Script
application/x-javascript 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-xx00xx.pantheonsite.io/git/r3p0/bootstrap.min.js

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b67f57d82bba0101e9c84d097be90d5076d23be5c8a2dbf100aef0ad5a0cb1c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-a-57c64b6f5b-m7hjs
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 20 Feb 2023 07:00:29 GMT
age: 0
x-cache: MISS, MISS
expires: Mon, 20 Feb 2023 07:00:28 GMT
x-served-by: cache-chi-klot8100113-CHI, cache-maa10249-MAA
last-modified: Wed, 11 Jan 2023 12:17:28 GMT
server: nginx
x-timer: S1676876429.909158,VS0,VE1018
etag: W/"63bea8d8-bf7e"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 42cc3e85-b0ec-11ed-a833-4aa26e13809e
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 0, 0

GET
H2 200 cab.js Show response
dev-metatrex.pantheonsite.io/cab/ 31 KB
18 KB 1111ms
536ms Script
application/x-javascript 2620:12a:8001::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-metatrex.pantheonsite.io/cab/cab.js

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8001::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6472260cf16886d9f86ebeb5c559e4ab7831064c48a1744e7bee3e17af98f0f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-a-57c64b6f5b-m7hjs
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 20 Feb 2023 07:00:29 GMT
age: 0
x-cache: MISS, MISS
expires: Mon, 20 Feb 2023 07:00:28 GMT
x-served-by: cache-chi-kigq8000082-CHI, cache-maa10232-MAA
last-modified: Fri, 17 Feb 2023 04:43:04 GMT
server: nginx
x-timer: S1676876429.937476,VS0,VE263
etag: W/"63ef05d8-7bbd"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 42604437-b0ec-11ed-a833-4aa26e13809e
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 0, 0

GET
H2 200 bootstrap.min.css
dev-xx00xx.pantheonsite.io/git/r3p0/ 142 KB
28 KB 1091ms
537ms Stylesheet
text/css 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-xx00xx.pantheonsite.io/git/r3p0/bootstrap.min.css

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

291ca4e41e502d8376c7dd488fc3b0c5ac0a7272f04acdde2190be07920d6789

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-a-57c64b6f5b-qvgsx
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 20 Feb 2023 07:00:29 GMT
age: 0
x-cache: MISS, MISS
expires: Mon, 20 Feb 2023 07:00:28 GMT
x-served-by: cache-chi-kigq8000067-CHI, cache-maa10249-MAA
last-modified: Wed, 11 Jan 2023 12:17:29 GMT
server: nginx
x-timer: S1676876429.908733,VS0,VE265
etag: W/"63bea8d9-2363e"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 425abafa-b0ec-11ed-ba18-cad57e78e132
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 0, 0

GET
H2 200 css
fonts.googleapis.com/ 1 KB
874 B 40ms
18ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Archivo+Narrow&display=swap

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e1d007077dbe23399da0d65f37c9a14cea2fa2e1babb405ace619eb6b58a2321

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 07:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 07:00:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Feb 2023 07:00:28 GMT

GET
H2 200 585b051251.js Show response
kit.fontawesome.com/ 11 KB
4 KB 60ms
25ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/585b051251.js

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cddaef1a49287960674430f7b2f137494671f37cd426b97a718f7957fb3926f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://firebasestorage.googleapis.com/
Origin: https://firebasestorage.googleapis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:00:28 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 79c55d8c4d763735-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F0JFPj37XGzeEuYwEGpC

GET
H2 200 styl3.css
dev-x0x.pantheonsite.io/git/en-sec-r3p0/ 216 KB
29 KB 1076ms
524ms Stylesheet
text/css 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-x0x.pantheonsite.io/git/en-sec-r3p0/styl3.css

Requested by

Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d5752d3c5957feeeaa88bc4c5c091c71257c58f1762534f27025d058f940ca30

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7f869fdd5d-ln2lp
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 20 Feb 2023 07:00:29 GMT
age: 0
x-cache: MISS, MISS
expires: Mon, 20 Feb 2023 07:00:28 GMT
x-served-by: cache-chi-klot8100069-CHI, cache-maa10237-MAA
last-modified: Thu, 12 Jan 2023 08:11:21 GMT
server: nginx
x-timer: S1676876429.907464,VS0,VE257
etag: W/"63bfc0a9-35fbe"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 425af74d-b0ec-11ed-a404-c24479ed7278
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-robots-tag: noindex
x-cache-hits: 0, 0

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 59 KB
13 KB 45ms
20ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free.min.css?token=585b051251
Requested by: Host: dev-xx00xx.pantheonsite.io
URL: https://dev-xx00xx.pantheonsite.io/git/r3p0/5051251.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7bba7deb64ff95e98f7ac8cd0d3b675a4bcf02f302e57edc5a1d6fa3d6cf94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:00:29 GMT
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 13 Jan 2021 18:32:18 GMT
server: cloudflare
etag: W/"4ecc071b77d6b1790fa9fb8a5173f972"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCtPTT6r9XBCiNQmmnf%2FgIV9pQIqGA9k%2BE15EuxCR1Clr6UrROpqKOS5eTWp9hHoLKD28LOS2c%2BkIjM1T8EpZeeSNcv4lC%2FxASdytRTGZsy8wM%2FBOYph2767po9XePXfwfYsJVaI6MJ%2F1nNaQFhZcPIzKg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 79c55d9739d139da-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: jNuMTEMQR2_CaAGnpyEvOk6HrkkvvabJ86EdlpaOd3FzfyOVbnzW7Q==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 26 KB
5 KB 49ms
24ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free-v4-shims.min.css?token=585b051251
Requested by: Host: dev-xx00xx.pantheonsite.io
URL: https://dev-xx00xx.pantheonsite.io/git/r3p0/5051251.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7cc3c57f9bda4c6dcb83bb3c19f2f2aa86ecec6274e243cd4ec315ae8e30101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:00:29 GMT
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 13 Jan 2021 18:32:17 GMT
server: cloudflare
etag: W/"1848e71668f42835079e5fa2af6cf4a8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bh5S6%2B4lJ3NVDaWWyq0qgAVMXSYHANcJ%2B6FrRUl%2F%2Fdj01ysRMB6JoGxKfrFCqNAVcsEyMEnzrT3sankwuOmVK93XxZz%2FgNVADSfoRYR9%2BW4xvVAOWvGCQYK%2FoUv6eu2AZctyQ6gIKNn%2BFPjQ3ckjwNywzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 79c55d9739d239da-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: MudA8r00I9Z6Y3p7Zvp1M55_Hw4UBnPbAeJMf2CUTVvW5tgmsDkPOA==

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 15ms
15ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/585b051251.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:00:30 GMT
via: 1.1 65dc50162b685d34f2ac712298bb090c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: PRG50-C1
age: 1409724
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAxvh4STcNEbShwu%2F3UoQognJjWgmC%2FldTiDQ3nc57UEqBa9fQHsdbNGK7M2Tp6hjLIPpVZ62rVRoSyS%2Bb%2FJXHmp3K7yOOCRW%2Bsy1gMzMhC1HsY0jmue1sndd8WFAe5uAY0P7Z9GWJZsCV001UfGqzNrdA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 79c55d97fafa39da-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: -Z5D0LlONTOfeM-VjjWwrBGQRw6mghEXrzZsHEVxX6PZ1_WxSd8ACw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 17ms
17ms Fetch
text/css 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/585b051251.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://firebasestorage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:00:30 GMT
via: 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 1650863
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEnL3OAwMzfRT5Z5ECZ1N%2FFR%2FjqbNcrzMjK%2FrVIKN2SFw%2BRpi6mAM7bb6BxFnfxYxOyXFsHMPrcW%2Ft2WOhKxihkH5FzJvMI0QVA%2FsHtgJiZhGMJaJcDG4xHB8wYpUbObqZOGOXGbL6kw31wS6tww5HyWrA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 79c55d97fafb39da-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: -DF5QSeVRuxbtn7oTRKsP4Ao3w7j725tMA1isZGTi2i84dL0YXcxKg==

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eee04084ed41102116b13d784bba4d6e0853dbfc622009ca5cc1159ec764cb2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9cdc958cb930a1989f0ec49d4e68c4a365fd5c607727003da7e63be03d0f7df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.2/webfonts/ 78 KB
79 KB 18ms
17ms Font
font/woff2 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/webfonts/free-fa-solid-900.woff2
Requested by: Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b94af5a5be53424e948d36a705a1169d952ba6b23761aea3098967a643765454

Request headers

Referer: https://firebasestorage.googleapis.com/
Origin: https://firebasestorage.googleapis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:00:30 GMT
via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80272
last-modified: Wed, 13 Jan 2021 18:39:13 GMT
server: cloudflare
etag: "a156119daf157b8244f7c816f85638cc"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FxkHdStkyvBOt%2B%2BQUwAcoUhlcNkkyAY9D4D97UaEMyNHnYJ%2B2RMtkVmFKE2O5gnbYTVuG2pZEbwnzz94AeMF6J5uLnaKSfoPcO8BW7%2BuEc%2FyPdL8KU7eH9XYDhEllgVuiPF0Scx8b3BVEVL2zBhP22TKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 79c55d9808ed37c8-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: VuwcXOZKpI1KAspVXhK3493OHWYAUxZ8c9jJ_3k5KP6qsgmHjBQKdg==

GET
H3 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 18ms
17ms Font
font/woff2 2606:4700:e4::ac40:a916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by: Host: firebasestorage.googleapis.com
URL: https://firebasestorage.googleapis.com/v0/b/ab-sw-edad1.appspot.com/o/abb.html?alt=media&token=fd33fd43-fdc2-4ff8-b9a7-2d7501b0a247
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer: https://firebasestorage.googleapis.com/
Origin: https://firebasestorage.googleapis.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:00:30 GMT
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78168
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyaOAYey1uOijGbac9jatFuMjmZD0yZDFCgr7miDESLGTBZHfxKAMZJJ3fFWTfU2kTozFg8sgbCczuJy6KR7ZaTk1iM1FAt%2FjAA7iNNGIev7ELhbpRJSkFMLXebTWE8ka53ZyfESZbU9RE7V%2BiGub47nVw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 79c55d98394537c8-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 8o89wmtVOE-VxA2h6tiOsj6zqJ_t_b9cGgcY1VrCRfa4i1EsWrLliw==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
dev-metatrex.pantheonsite.io
dev-x0x.pantheonsite.io
dev-xx00xx.pantheonsite.io
firebasestorage.googleapis.com
fonts.googleapis.com
ka-f.fontawesome.com
kit.fontawesome.com
stellar-valkyrie-811327.netlify.app
2606:4700::6812:1734
2606:4700:e4::ac40:a916
2620:12a:8000::4
2620:12a:8001::4
2a00:1450:4001:800::200a
2a00:1450:4001:803::200a
2a00:1450:400d:807::200a
2a05:d014:275:cb02::c8
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
280f7ab88d9e2febe211f486a1643ad3d615821eff62122ab98173bcf80b4f70
291ca4e41e502d8376c7dd488fc3b0c5ac0a7272f04acdde2190be07920d6789
480c77fb59912453e1feb5ae624f579f7755a1e02076eb5a190915c7ecc7a893
6472260cf16886d9f86ebeb5c559e4ab7831064c48a1744e7bee3e17af98f0f3
6acc236968734b44ad14b1808273cde7f7f53eb19c7df6a9790e78002a5c78ac
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
70dcd1d1296de9759144f66a66591fd162f852316dd5649dd0493128a4254e17
8c7bba7deb64ff95e98f7ac8cd0d3b675a4bcf02f302e57edc5a1d6fa3d6cf94
966c5858a974225b8b7f7d1e1ce6a5e8f467f40107352aeaee0fa21c012c3b25
9678923d022a3e48e0a488f643c46e4e83e029f6505ac13da4459666db203aee
a36081184b9dffa1244377face55be3648bf00530b93e2ee034bcbdbb8ff2f31
b67f57d82bba0101e9c84d097be90d5076d23be5c8a2dbf100aef0ad5a0cb1c2
b680f28971f1715a4e314a1033e432fdb4089b01471b1180fb34ebef2b715b82
b94af5a5be53424e948d36a705a1169d952ba6b23761aea3098967a643765454
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
cddaef1a49287960674430f7b2f137494671f37cd426b97a718f7957fb3926f4
d5752d3c5957feeeaa88bc4c5c091c71257c58f1762534f27025d058f940ca30
d7cc3c57f9bda4c6dcb83bb3c19f2f2aa86ecec6274e243cd4ec315ae8e30101
e1d007077dbe23399da0d65f37c9a14cea2fa2e1babb405ace619eb6b58a2321
eee04084ed41102116b13d784bba4d6e0853dbfc622009ca5cc1159ec764cb2e
f9cdc958cb930a1989f0ec49d4e68c4a365fd5c607727003da7e63be03d0f7df
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

firebasestorage.googleapis.com Open in urlscan Pro 2a00:1450:400d:807::200a Malicious Activity!

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

100 %IPv6

4 Domains

9 Subdomains

9 IPs

3 Countries

557 kBTransfer

1500 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

firebasestorage.googleapis.com
2a00:1450:400d:807::200a Malicious Activity!

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

9
Subdomains

9
IPs

3
Countries

557 kB
Transfer

1500 kB
Size

0
Cookies

22 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!