urlscan.io logo urlscan.io
SecurityTrails logo

admin.bava-staging.artshell.eu Open in urlscan Pro
108.138.233.112  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://admin.bava-staging.artshell.eu/
Effective URL: https://admin.bava-staging.artshell.eu/admin
Submission Tags: @phishunt_io
Submission: On October 26 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 22 HTTP transactions. The main IP is 108.138.233.112, located in United States and belongs to AMAZON-02, US. The main domain is admin.bava-staging.artshell.eu.
TLS certificate: Issued by Amazon RSA 2048 M02 on October 26th 2023. Valid for: a year.
This is the only time admin.bava-staging.artshell.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23 108.138.233.112 16509 (AMAZON-02)
22 2
Apex Domain
Subdomains		 Transfer
23 artshell.eu
admin.bava-staging.artshell.eu
2 MB
22 1
Domain Requested by
23 admin.bava-staging.artshell.eu 1 redirects admin.bava-staging.artshell.eu
22 1

This site contains no links.

Subject Issuer Validity Valid
admin.bava-staging.artshell.eu
Amazon RSA 2048 M02		 2023-10-26 -
2024-11-23		 a year crt.sh

This page contains 1 frames:

Primary Page: https://admin.bava-staging.artshell.eu/admin
Frame ID: 1CFA5D6A8CFBA0C4279A948BC8E5FFCF
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Directus

Page URL History Show full URLs

  1. https://admin.bava-staging.artshell.eu/ HTTP 302
    https://admin.bava-staging.artshell.eu/admin Page URL

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

2349 kB
Transfer

6955 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://admin.bava-staging.artshell.eu/ HTTP 302
    https://admin.bava-staging.artshell.eu/admin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request admin
admin.bava-staging.artshell.eu/
Redirect Chain
  • https://admin.bava-staging.artshell.eu/
  • https://admin.bava-staging.artshell.eu/admin
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/admin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
13b8d8a50cf36b898195d1f17ec605ad09df17252ba42fb559d46bd8811b4c87
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
no-cache
content-encoding
gzip
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
content-type
text/html; charset=utf-8
date
Thu, 26 Oct 2023 17:16:50 GMT
etag
W/"6dd-CtohzIzVynIQ2flWZp+YwNutbVU"
vary
Accept-Encoding Origin, Cache-Control
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-id
rhUqrPN2lcwpo97OZMrK9OKdG_s7KNyqtXtuYAIeRFFM0uszt6zV3w==
x-amz-cf-pop
LHR61-P4
x-cache
Miss from cloudfront
x-powered-by
Directus

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
Content-Range
content-length
58
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
content-type
text/html; charset=utf-8
date
Thu, 26 Oct 2023 17:16:50 GMT
location
./admin
vary
Accept
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-id
BGjLdYwtEBuT91SYiP4H28-fsLcs7bUHc9Hutj3WiHWxMm7lqvoZDw==
x-amz-cf-pop
LHR61-P4
x-cache
Miss from cloudfront
x-powered-by
Directus
index.d7302abf.entry.js
admin.bava-staging.artshell.eu/admin/assets/ 		5 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/admin/assets/index.d7302abf.entry.js
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
ce607756334a7ae324648c7322c87638cee1790077c021de8ae86d6ef8629b6c
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Referer
https://admin.bava-staging.artshell.eu/admin
Origin
https://admin.bava-staging.artshell.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:50 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
content-encoding
gzip
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
x-cache
Miss from cloudfront
last-modified
Mon, 23 Oct 2023 15:10:41 GMT
etag
W/"57b0f1-18b5d168d68"
vary
Accept-Encoding, Origin, Cache-Control
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
max-age=31536000, immutable
access-control-allow-credentials
true
x-amz-cf-id
0gx2mWj1vnTBhrpEvsq_Rp2E6_d_4amALDaffG0oCvIYx6Rsi05YgA==
runtime-core.esm-bundler-474556af.js
admin.bava-staging.artshell.eu/admin/assets/ 		67 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/admin/assets/runtime-core.esm-bundler-474556af.js
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
9bcabb13640bde8a380be8bfd01fb3915bb40b59315148ee0b8110b60a0c62d2
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Referer
https://admin.bava-staging.artshell.eu/admin
Origin
https://admin.bava-staging.artshell.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:50 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
content-encoding
gzip
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
x-cache
Miss from cloudfront
last-modified
Mon, 23 Oct 2023 15:10:41 GMT
etag
W/"10db5-18b5d168d68"
vary
Accept-Encoding, Origin, Cache-Control
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
max-age=31536000, immutable
access-control-allow-credentials
true
x-amz-cf-id
CPlas7wTHNad08ltp8zusYW9stivXqf6YAY9lsZEudaskHRWT5b6ww==
index-0af072fe.js
admin.bava-staging.artshell.eu/admin/assets/ 		292 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/admin/assets/index-0af072fe.js
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
732269ef4e93a1e41527b2abc3d73ec7124c37a7a4951206c37ae550e1c37dbe
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Referer
https://admin.bava-staging.artshell.eu/admin
Origin
https://admin.bava-staging.artshell.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:50 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
content-encoding
gzip
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
x-cache
Miss from cloudfront
last-modified
Mon, 23 Oct 2023 15:10:41 GMT
etag
W/"49037-18b5d168d68"
vary
Accept-Encoding, Origin, Cache-Control
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
max-age=31536000, immutable
access-control-allow-credentials
true
x-amz-cf-id
tTgmjPwILnisad_ntsfNhqiJN88NlVFe4zQ57yJrNMKTLHXz-SUSvg==
pinia.85ecdc47.entry.js
admin.bava-staging.artshell.eu/admin/assets/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/admin/assets/pinia.85ecdc47.entry.js
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
44a7d84ae35bb829bbdd1782ca73c3822db602dc24944fe7c42497f0119d55d3
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Referer
https://admin.bava-staging.artshell.eu/admin
Origin
https://admin.bava-staging.artshell.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:50 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
content-encoding
gzip
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
x-cache
Miss from cloudfront
last-modified
Mon, 23 Oct 2023 15:10:39 GMT
etag
W/"1510-18b5d168598"
vary
Accept-Encoding, Origin, Cache-Control
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
max-age=31536000, immutable
access-control-allow-credentials
true
x-amz-cf-id
GNsgoAD6olcT6KpDeZyOFkMvvfOlRl1hW57U-D3fwWOduJf3K3Yy2w==
vue.runtime.esm-bundler-af75f279.js
admin.bava-staging.artshell.eu/admin/assets/ 		21 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/admin/assets/vue.runtime.esm-bundler-af75f279.js
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
cd48b2d4597454f94c6ff22e9f0b46a52c6e7e96e5e1325e222e7e502e0d3b81
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Referer
https://admin.bava-staging.artshell.eu/admin
Origin
https://admin.bava-staging.artshell.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:50 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
x-cache
Miss from cloudfront
content-length
21295
last-modified
Mon, 23 Oct 2023 15:10:40 GMT
etag
W/"532f-18b5d168980"
vary
Origin, Cache-Control
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
g_CSzJbZbN_uDFZK1kq2XHnEHLipHgWt7fYzcMBII3IR11vgdYRjqA==
vue-i18n.0b092b2f.entry.js
admin.bava-staging.artshell.eu/admin/assets/ 		59 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/admin/assets/vue-i18n.0b092b2f.entry.js
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
f741a188cf2595668b686d13628ed1465c963409d9292ff4872c93713171fc87
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Referer
https://admin.bava-staging.artshell.eu/admin
Origin
https://admin.bava-staging.artshell.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:50 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
x-cache
Miss from cloudfront
content-length
60771
last-modified
Mon, 23 Oct 2023 15:10:41 GMT
etag
W/"ed63-18b5d168d68"
vary
Origin, Cache-Control
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
-hynyrCfmZgdQav2CDc2RoOXezMctvXayV6kUDlXNiysuzeG7Pkmpg==
vue-router.60d75471.entry.js
admin.bava-staging.artshell.eu/admin/assets/ 		24 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/admin/assets/vue-router.60d75471.entry.js
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
abf61a089846cab0e6045a9481ca6c81538e88a26d0321cfc237c66d4bc213f4
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Referer
https://admin.bava-staging.artshell.eu/admin
Origin
https://admin.bava-staging.artshell.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:50 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
x-cache
Miss from cloudfront
content-length
24893
last-modified
Mon, 23 Oct 2023 15:10:39 GMT
etag
W/"613d-18b5d168598"
vary
Origin, Cache-Control
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
gLUrNPw6SPpB1VpZGsuhBtPMIZC8Bz0vvnsoU9xlznHqFKvnxqCEqA==
index-88c4f728.css
admin.bava-staging.artshell.eu/admin/assets/ 		466 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/admin/assets/index-88c4f728.css
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
88c4f728ef4eeaf220cb01a74e7f34dad17d5694b29dbf87929d1f56b4af2a85
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.bava-staging.artshell.eu/admin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:50 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
content-encoding
gzip
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
x-cache
Miss from cloudfront
last-modified
Mon, 23 Oct 2023 15:10:39 GMT
etag
W/"7495f-18b5d168598"
vary
Accept-Encoding, Origin, Cache-Control
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
max-age=31536000, immutable
access-control-allow-credentials
true
x-amz-cf-id
XCCd4swNCK8lnm5wAI6NSpLkGxPyJkyAD1eHhC-fMp7iNEeSg_hu3w==
index.js
admin.bava-staging.artshell.eu/extensions/sources/ 		182 B
849 B 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/extensions/sources/index.js
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin/assets/index.d7302abf.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
e76b148f4791d8a0f7a90ffa069387952f8e11a8e250755aee45902b9bf61560
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Referer
https://admin.bava-staging.artshell.eu/admin/assets/index.d7302abf.entry.js
Origin
https://admin.bava-staging.artshell.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:51 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
vary
Origin, Cache-Control
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
no-store
access-control-allow-credentials
true
content-length
182
x-amz-cf-id
R-qAltlmRRoj-szSXxVXp5RUBFhvkIq71KQFDWxcKsdJC2NJsxYo1A==
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/webp
refresh
admin.bava-staging.artshell.eu/auth/ 		229 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/auth/refresh
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin/assets/index-0af072fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
60eeb7a2cba56c4e30daa85a278ce6cd8bcd5e2fc9ff297a5c9deecc8f75da74
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Accept
application/json, text/plain, */*
Referer
https://admin.bava-staging.artshell.eu/admin/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:51 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
etag
W/"e5-IUNfDeVvd93YXOyx6QQfBKrDuSM"
x-cache
Error from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range
access-control-allow-credentials
true
content-length
229
x-amz-cf-id
wPfLfWV-5osVNkpwIMkts1x49_4bZfYcqAQvXY7kaC9ZMiM8UR3p9Q==
info
admin.bava-staging.artshell.eu/server/ 		129 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/server/info
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin/assets/index-0af072fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
bfce9493ce1b215dc15cb15b8dcf4152365094aaa6ac25b6eb25173ebd974f3d
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Accept
application/json, text/plain, */*
Referer
https://admin.bava-staging.artshell.eu/admin/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:51 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
etag
W/"81-I+gCSOr+04HUeXkhSSHc8EVBL8U"
vary
Origin, Cache-Control
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
no-cache
access-control-allow-credentials
true
content-length
129
x-amz-cf-id
IYQvv_1sd-RmQxj4EC6dVD5UwyEtM-_ZxklQMQT1UZ0-ZQUdE0Wfmw==
auth
admin.bava-staging.artshell.eu/ 		34 B
730 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/auth
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin/assets/index-0af072fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
caabb888b272a02d69bb2f9910e88ff87d99a171d596d0bd501653e3c154c7fa
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Accept
application/json, text/plain, */*
Referer
https://admin.bava-staging.artshell.eu/admin/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:51 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
etag
W/"22-O1BaNaG7zIwtn+iaxMwyk71bs0c"
vary
Origin, Cache-Control
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
no-cache
access-control-allow-credentials
true
content-length
34
x-amz-cf-id
K4iOPPIAzzy7t8TWe5vSLAMufkpokZyZ14gz_3MA5HhTqH-q3UJIdw==
index-0b811f43.js
admin.bava-staging.artshell.eu/admin/assets/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/admin/assets/index-0b811f43.js
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin/assets/index.d7302abf.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
ec1ee597e8aa085c018c27aee5ca2a7aa25b69f0ff65f5bdcf4a77c138a16a14
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Referer
Origin
https://admin.bava-staging.artshell.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:51 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
x-cache
Miss from cloudfront
content-length
1624
last-modified
Mon, 23 Oct 2023 15:10:40 GMT
etag
W/"658-18b5d168980"
vary
Origin, Cache-Control
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
ICre9-88aSXAnVFj-gQZa9yVjJ8o9o2w2FvWK2FyfeFDfRDTYj1rpA==
index-7f84a5da.js
admin.bava-staging.artshell.eu/admin/assets/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/admin/assets/index-7f84a5da.js
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin/assets/index.d7302abf.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
7bc6c45e803e77452cc947a3181430320f936363a8d595e522f71a9cb818aab5
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Referer
Origin
https://admin.bava-staging.artshell.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:51 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
x-cache
Miss from cloudfront
content-length
2356
last-modified
Mon, 23 Oct 2023 15:10:40 GMT
etag
W/"934-18b5d168980"
vary
Origin, Cache-Control
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
bdy-e1LUXE3OOE0nPEXsaFDHkxMfoZt_1l6v0teijy2VlIJho_bcZA==
index-06eb6e8d.js
admin.bava-staging.artshell.eu/admin/assets/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/admin/assets/index-06eb6e8d.js
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin/assets/index.d7302abf.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
6bf78eef8dca16d285beeceeba45df66486d8de5abb381d8bc5ccb294bbe8770
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Referer
Origin
https://admin.bava-staging.artshell.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:51 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
x-cache
Miss from cloudfront
content-length
1278
last-modified
Mon, 23 Oct 2023 15:10:39 GMT
etag
W/"4fe-18b5d168598"
vary
Origin, Cache-Control
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
ItPUFn6S_7yNIkn9eY8wIS7s2DoYfQ2Xu4YXz5pfNXom1_PQ13ftIg==
index-b9af16fb.js
admin.bava-staging.artshell.eu/admin/assets/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/admin/assets/index-b9af16fb.js
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin/assets/index.d7302abf.entry.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
bc140af8a6d8afdbf258da53bdbd8f711f4d8d91e7a250871268fcda6a4c0af9
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Referer
Origin
https://admin.bava-staging.artshell.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:51 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
x-cache
Miss from cloudfront
content-length
4816
last-modified
Mon, 23 Oct 2023 15:10:40 GMT
etag
W/"12d0-18b5d168980"
vary
Origin, Cache-Control
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
1kSMg_TzSr_0d3B4IDo5veM1BaTKiHxezpw40OFOXw8-0vxnHSMd1w==
Inter-Bold-f0f54a06.woff2
admin.bava-staging.artshell.eu/admin/assets/ 		94 KB
94 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/admin/assets/Inter-Bold-f0f54a06.woff2
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin/assets/index-88c4f728.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
f0f54a061e142b0d4162535b6bae6c101e564a4425311c84e03c81ecf75182ac
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Referer
https://admin.bava-staging.artshell.eu/admin/assets/index-88c4f728.css
Origin
https://admin.bava-staging.artshell.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:51 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
x-cache
Miss from cloudfront
content-length
95928
last-modified
Mon, 23 Oct 2023 15:10:39 GMT
etag
W/"176b8-18b5d168598"
vary
Origin, Cache-Control
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
93ESiFzCY-AWG2B_OK3mwvpDumnXG6b55WZzur5-il3aji9iUmxSGw==
Inter-Medium-a4e1e7e6.woff2
admin.bava-staging.artshell.eu/admin/assets/ 		104 KB
105 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/admin/assets/Inter-Medium-a4e1e7e6.woff2
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin/assets/index-88c4f728.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
a4e1e7e6c1021f0f62e6f5878d260e7fd69171a110f92306257f1b01240caccd
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Referer
https://admin.bava-staging.artshell.eu/admin/assets/index-88c4f728.css
Origin
https://admin.bava-staging.artshell.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:51 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
x-cache
Miss from cloudfront
content-length
106720
last-modified
Mon, 23 Oct 2023 15:10:39 GMT
etag
W/"1a0e0-18b5d168598"
vary
Origin, Cache-Control
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
S5YisyVePFeB9ZWql7YbT1YpgMEI1YaffMLusZIUpiHLg0qgdkqZ5g==
Inter-Black-5ab3de07.woff2
admin.bava-staging.artshell.eu/admin/assets/ 		91 KB
92 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/admin/assets/Inter-Black-5ab3de07.woff2
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin/assets/index-88c4f728.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
5ab3de075055461d46641fbdcd8f02b286c59e3296faaace7c39c8550e824bb7
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Referer
https://admin.bava-staging.artshell.eu/admin/assets/index-88c4f728.css
Origin
https://admin.bava-staging.artshell.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:51 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
x-cache
Miss from cloudfront
content-length
93180
last-modified
Mon, 23 Oct 2023 15:10:39 GMT
etag
W/"16bfc-18b5d168598"
vary
Origin, Cache-Control
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
3kGi5ZxHX2E9JCP5JeVc1bNZuiyC7Lk_n-KM9BRsxBb4aCc5KokRYw==
Inter-SemiBold-af44b8a2.woff2
admin.bava-staging.artshell.eu/admin/assets/ 		105 KB
106 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://admin.bava-staging.artshell.eu/admin/assets/Inter-SemiBold-af44b8a2.woff2
Requested by
Host: admin.bava-staging.artshell.eu
URL: https://admin.bava-staging.artshell.eu/admin/assets/index-88c4f728.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
af44b8a232c6946b5d4ced0df202e29f1330f66a2587b581826fd561bda24fad
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

Referer
https://admin.bava-staging.artshell.eu/admin/assets/index-88c4f728.css
Origin
https://admin.bava-staging.artshell.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:51 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
x-cache
Miss from cloudfront
content-length
107232
last-modified
Mon, 23 Oct 2023 15:10:39 GMT
etag
W/"1a2e0-18b5d168598"
vary
Origin, Cache-Control
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
pySp2CossFhjs9oMRm9CD3Pi5rwgB2LvIaVZ660XeXtM21_ZmGS_tA==
logo-light-7a327cdd.svg
admin.bava-staging.artshell.eu/admin/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.bava-staging.artshell.eu/admin/assets/logo-light-7a327cdd.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-112.lhr61.r.cloudfront.net
Software
/ Directus
Resource Hash
7a327cddf0dc21e0a8b713cad7db2c4c4781eb7c4bbe679c22d970079f636429
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://admin.bava-staging.artshell.eu/admin/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:16:51 GMT
content-security-policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
via
1.1 64f1d594216061fb1311499e08a4ee1a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-P4
x-powered-by
Directus
x-cache
Miss from cloudfront
content-length
1311
last-modified
Mon, 23 Oct 2023 15:10:39 GMT
etag
W/"51f-18b5d168598"
vary
Origin, Cache-Control
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range
cache-control
max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
YWQHwMf0dyq3Z14vfBmZnVA5HeKpg0UdLPakiFWUlKp9Wc89AsCFzA==

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| __VUE_INSTANCE_SETTERS__ boolean| __INTLIFY_PROD_DEVTOOLS__ boolean| __INTLIFY_JIT_COMPILATION__ boolean| __INTLIFY_DROP_MESSAGE_COMPILER__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ function| setImmediate function| clearImmediate object| regeneratorRuntime object| __vueuse_ssr_handlers__ function| Suggestions object| FontAwesomeConfig object| ___FONT_AWESOME___ function| saveAs object| TreemapSquared function| SVG object| Apex function| flatpickr boolean| __VUE__

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://admin.bava-staging.artshell.eu/auth/refresh
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob:;media-src 'self';connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.bava-staging.artshell.eu
108.138.233.112
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
13b8d8a50cf36b898195d1f17ec605ad09df17252ba42fb559d46bd8811b4c87
44a7d84ae35bb829bbdd1782ca73c3822db602dc24944fe7c42497f0119d55d3
5ab3de075055461d46641fbdcd8f02b286c59e3296faaace7c39c8550e824bb7
60eeb7a2cba56c4e30daa85a278ce6cd8bcd5e2fc9ff297a5c9deecc8f75da74
6bf78eef8dca16d285beeceeba45df66486d8de5abb381d8bc5ccb294bbe8770
732269ef4e93a1e41527b2abc3d73ec7124c37a7a4951206c37ae550e1c37dbe
7a327cddf0dc21e0a8b713cad7db2c4c4781eb7c4bbe679c22d970079f636429
7bc6c45e803e77452cc947a3181430320f936363a8d595e522f71a9cb818aab5
88c4f728ef4eeaf220cb01a74e7f34dad17d5694b29dbf87929d1f56b4af2a85
9bcabb13640bde8a380be8bfd01fb3915bb40b59315148ee0b8110b60a0c62d2
a4e1e7e6c1021f0f62e6f5878d260e7fd69171a110f92306257f1b01240caccd
abf61a089846cab0e6045a9481ca6c81538e88a26d0321cfc237c66d4bc213f4
af44b8a232c6946b5d4ced0df202e29f1330f66a2587b581826fd561bda24fad
bc140af8a6d8afdbf258da53bdbd8f711f4d8d91e7a250871268fcda6a4c0af9
bfce9493ce1b215dc15cb15b8dcf4152365094aaa6ac25b6eb25173ebd974f3d
caabb888b272a02d69bb2f9910e88ff87d99a171d596d0bd501653e3c154c7fa
cd48b2d4597454f94c6ff22e9f0b46a52c6e7e96e5e1325e222e7e502e0d3b81
ce607756334a7ae324648c7322c87638cee1790077c021de8ae86d6ef8629b6c
e76b148f4791d8a0f7a90ffa069387952f8e11a8e250755aee45902b9bf61560
ec1ee597e8aa085c018c27aee5ca2a7aa25b69f0ff65f5bdcf4a77c138a16a14
f0f54a061e142b0d4162535b6bae6c101e564a4425311c84e03c81ecf75182ac
f741a188cf2595668b686d13628ed1465c963409d9292ff4872c93713171fc87