accounts.lab.zip Open in urlscan Pro
104.18.21.113 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://accounts.lab.zip/
Effective URL:
https://accounts.lab.zip/
Submission Tags: @phish_report
Submission: On March 07 via api (March 7th 2024, 8:50:16 pm UTC) from FI — Scanned from AU

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 104.18.21.113, located in and belongs to CLOUDFLARENET, US. The main domain is accounts.lab.zip.
TLS certificate: Issued by E1 on March 7th 2024. Valid for: 3 months.

This is the only time accounts.lab.zip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	104.18.21.113 104.18.21.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
11	2

10 104.18.21.113 (None, )

ASN13335 (CLOUDFLARENET, US)

accounts.lab.zip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	lab.zip accounts.lab.zip	190 KB
1	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 6341	1 KB
11	2

	Domain	Requested by
10	accounts.lab.zip	accounts.lab.zip
1	js.sentry-cdn.com	accounts.lab.zip
11	2

This site contains no links.

Subject Issuer	Validity	Valid
accounts.lab.zip E1	`2024-03-07` - `2024-06-05`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://accounts.lab.zip/
Frame ID: 62BB38FE90357BBFADAF65409D4DDEBA
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found

Page URL History Show full URLs

http://accounts.lab.zip/ HTTP 307
https://accounts.lab.zip/ Page URL

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

192 kB
Transfer

692 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://accounts.lab.zip/ HTTP 307
https://accounts.lab.zip/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
accounts.lab.zip/
Redirect Chain

http://accounts.lab.zip/
https://accounts.lab.zip/

12 KB
4 KB

1220ms
598ms

Document
text/html

104.18.21.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.lab.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.21.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fea0a63d5f83baeeb23de0663057147eefa4469a00efa058812dd7abd50aae3c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com .ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 860d74c72eb48664-PER
content-encoding: br
content-security-policy: default-src 'self' *.lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com *.ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
content-type: text/html; charset=utf-8
date: Thu, 07 Mar 2024 20:50:09 GMT
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-cfworker: 1
x-content-type-options: nosniff
x-country: AU
x-download-options: noopen
x-frame-options: deny
x-matched-path: /
x-vercel-cache: MISS
x-vercel-id: syd1::sfo1::vrzpb-1709844609271-abd36515c1b5
x-xss-protection: 1

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://accounts.lab.zip/
Non-Authoritative-Reason: HSTS

GET
H2 200 7596ec80d1d546329e60740280a0f861.min.js Show response
js.sentry-cdn.com/ 567 B
1 KB 324ms
107ms Script
text/javascript 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/7596ec80d1d546329e60740280a0f861.min.js

Requested by

Host: accounts.lab.zip
URL: https://accounts.lab.zip/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

26c174cbd3668e4c6d25c58130055263040156b19ffd512329d6b956b63204bd

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' .algolia.net .algolianet.com .algolia.io sentry.io .sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; img-src blob: data: ; media-src ; font-src * data:; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; base-uri 'none'; default-src 'none'; worker-src blob:; frame-ancestors 'self' .sentry.io; style-src 'unsafe-inline' ; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; object-src 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=258c0d91b321b6f44a85677d992a46f05688af53
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://accounts.lab.zip
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; img-src blob: data: *; media-src *; font-src * data:; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; base-uri 'none'; default-src 'none'; worker-src blob:; frame-ancestors 'self' *.sentry.io; style-src 'unsafe-inline' *; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; object-src 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=258c0d91b321b6f44a85677d992a46f05688af53
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Mar 2024 20:50:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
age: 234
x-envoy-upstream-service-time: 14
content-length: 241
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-57b7dd4668-qsgsl, cache-chi-klot8100021-CHI, cache-bne12525-BNE
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ea6fefabfc6114ce.css
accounts.lab.zip/_next/static/css/ 5 KB
2 KB 64ms
63ms Stylesheet
text/css 104.18.21.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.lab.zip/_next/static/css/ea6fefabfc6114ce.css

Requested by

Host: accounts.lab.zip
URL: https://accounts.lab.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.21.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5cc753888a843d73188bb64ac4df1aa100f1e5266f5cd95aa6ffce555d7fcaa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com .ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://accounts.lab.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 20:50:09 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' *.lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com *.ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
age: 773248
content-disposition: inline; filename="ea6fefabfc6114ce.css"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
referrer-policy: same-origin
x-vercel-id: syd1::grqtt-1709057679191-7ce0e4ce9d1a
server: cloudflare
x-cfworker: 1
x-matched-path: /_next/static/css/ea6fefabfc6114ce.css
etag: W/"b50934be0e213476112cf415a1d90740"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-country: AU
cache-control: public, max-age=31536000
x-vercel-cache: HIT
cf-ray: 860d74caff728664-PER
expires: Fri, 07 Mar 2025 20:50:09 GMT

GET
H2 200 webpack-fa99431b15635937.js Show response
accounts.lab.zip/_next/static/chunks/ 2 KB
1 KB 63ms
63ms Script
application/javascript 104.18.21.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.lab.zip/_next/static/chunks/webpack-fa99431b15635937.js

Requested by

Host: accounts.lab.zip
URL: https://accounts.lab.zip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.21.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e359e43f746be7247663d792b8d22fb11f7514676354dca250efdb372c942636

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com .ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://accounts.lab.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 20:50:09 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' *.lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com *.ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
age: 1363254
content-disposition: inline; filename="webpack-fa99431b15635937.js"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
referrer-policy: same-origin
x-vercel-id: syd1::8sqnx-1699555047075-cbc38118f1d4
server: cloudflare
x-cfworker: 1
x-matched-path: /_next/static/chunks/webpack-fa99431b15635937.js
etag: W/"793086298b0d7a0a4489f291520a7ecd"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-country: AU
cache-control: public, max-age=31536000
x-vercel-cache: HIT
cf-ray: 860d74cb5f828664-PER
expires: Fri, 07 Mar 2025 20:50:09 GMT

GET
H3 200 framework-0c7baedefba6b077.js Show response
accounts.lab.zip/_next/static/chunks/ 138 KB
46 KB 66ms
66ms Script
application/javascript 104.18.21.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.lab.zip/_next/static/chunks/framework-0c7baedefba6b077.js

Requested by

Host: accounts.lab.zip
URL: https://accounts.lab.zip/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.21.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cd1cca3aebcdd10c33d713a95479909354ddbc5d5ad9761466ac27ea528895d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com .ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://accounts.lab.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 20:50:09 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' *.lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com *.ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
age: 165180
content-disposition: inline; filename="framework-0c7baedefba6b077.js"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
referrer-policy: same-origin
x-vercel-id: syd1::tkpvc-1701444243433-7b0a11ef53df
server: cloudflare
x-cfworker: 1
x-matched-path: /_next/static/chunks/framework-0c7baedefba6b077.js
etag: W/"71351d23ecdbfb39cb548f7cb628ecf9"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-country: AU
cache-control: public, max-age=31536000
x-vercel-cache: HIT
cf-ray: 860d74cbcd3787b6-PER
expires: Fri, 07 Mar 2025 20:50:09 GMT

GET
H3 200 main-c82464b9be3d3aaf.js Show response
accounts.lab.zip/_next/static/chunks/ 128 KB
38 KB 65ms
65ms Script
application/javascript 104.18.21.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.lab.zip/_next/static/chunks/main-c82464b9be3d3aaf.js

Requested by

Host: accounts.lab.zip
URL: https://accounts.lab.zip/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.21.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8fa1e6d98fc87e23efd0b8fe1dcabbb6741661adb00aa84b264b02e00370ec5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com .ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://accounts.lab.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 20:50:10 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' *.lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com *.ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
age: 2978674
content-disposition: inline; filename="main-c82464b9be3d3aaf.js"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
referrer-policy: same-origin
x-vercel-id: syd1::htmkk-1701456513331-31adc919681a
server: cloudflare
x-cfworker: 1
x-matched-path: /_next/static/chunks/main-c82464b9be3d3aaf.js
etag: W/"5a8290c924e9dec57f9264e3119c87b8"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-country: AU
cache-control: public, max-age=31536000
x-vercel-cache: HIT
cf-ray: 860d74ccdd8187b6-PER
expires: Fri, 07 Mar 2025 20:50:10 GMT

GET
H3 200 _app-36cb6b0a09d6d352.js Show response
accounts.lab.zip/_next/static/chunks/pages/ 313 KB
75 KB 89ms
89ms Script
application/javascript 104.18.21.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.lab.zip/_next/static/chunks/pages/_app-36cb6b0a09d6d352.js

Requested by

Host: accounts.lab.zip
URL: https://accounts.lab.zip/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.21.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a540f841d76f2ede2e70634f4ddeffd2df7a6d30406e876a55a485da91f0c24b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com .ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://accounts.lab.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 20:50:10 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' *.lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com *.ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
age: 246044
content-disposition: inline; filename="_app-36cb6b0a09d6d352.js"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
referrer-policy: same-origin
x-vercel-id: syd1::snktv-1709598083258-e425c4e20f55
server: cloudflare
x-cfworker: 1
x-matched-path: /_next/static/chunks/pages/_app-36cb6b0a09d6d352.js
etag: W/"0712a2eb018acf1105e9fed462e657c5"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-country: AU
cache-control: public, max-age=31536000
x-vercel-cache: HIT
cf-ray: 860d74ccfd8c87b6-PER
expires: Fri, 07 Mar 2025 20:50:10 GMT

GET
H3 200 index-42e6cba7661573f7.js Show response
accounts.lab.zip/_next/static/chunks/pages/ 439 B
917 B 134ms
133ms Script
application/javascript 104.18.21.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.lab.zip/_next/static/chunks/pages/index-42e6cba7661573f7.js

Requested by

Host: accounts.lab.zip
URL: https://accounts.lab.zip/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.21.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2f10155e97ff71985cd9df19efa0a4e8c8b12de4010f5331daf24bd149f5ff5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com .ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://accounts.lab.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 20:50:10 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' *.lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com *.ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
age: 764981
content-disposition: inline; filename="index-42e6cba7661573f7.js"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
referrer-policy: same-origin
x-vercel-id: syd1::m9x2v-1709070011933-1d02f51c16f1
server: cloudflare
x-cfworker: 1
x-matched-path: /_next/static/chunks/pages/index-42e6cba7661573f7.js
etag: W/"15a6d106b7a216711c75b86e94ad5d42"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-country: AU
cache-control: public, max-age=31536000
x-vercel-cache: HIT
cf-ray: 860d74cd0d8d87b6-PER
expires: Fri, 07 Mar 2025 20:50:10 GMT

GET
H3 200 _buildManifest.js Show response
accounts.lab.zip/_next/static/wHPBmxZcHcKazxEc5cyNb/ 2 KB
1 KB 135ms
134ms Script
application/javascript 104.18.21.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.lab.zip/_next/static/wHPBmxZcHcKazxEc5cyNb/_buildManifest.js

Requested by

Host: accounts.lab.zip
URL: https://accounts.lab.zip/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.21.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc85bd2802e64d4d031942beca48ca49927083d668e06896ed03147e98474543

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com .ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://accounts.lab.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 20:50:10 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' *.lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com *.ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
age: 246044
content-disposition: inline; filename="_buildManifest.js"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
referrer-policy: same-origin
x-vercel-id: syd1::hpwsz-1709598083259-a919c13ff601
server: cloudflare
x-cfworker: 1
x-matched-path: /_next/static/wHPBmxZcHcKazxEc5cyNb/_buildManifest.js
etag: W/"458826f3f5e2749e314701c274caa0e9"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-country: AU
cache-control: public, max-age=31536000
x-vercel-cache: HIT
cf-ray: 860d74cd0d8e87b6-PER
expires: Fri, 07 Mar 2025 20:50:10 GMT

GET
H3 200 _ssgManifest.js Show response
accounts.lab.zip/_next/static/wHPBmxZcHcKazxEc5cyNb/ 77 B
687 B 135ms
134ms Script
application/javascript 104.18.21.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.lab.zip/_next/static/wHPBmxZcHcKazxEc5cyNb/_ssgManifest.js

Requested by

Host: accounts.lab.zip
URL: https://accounts.lab.zip/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.21.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com .ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://accounts.lab.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 20:50:10 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
content-security-policy: default-src 'self' *.lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com *.ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
age: 246044
content-disposition: inline; filename="_ssgManifest.js"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
referrer-policy: same-origin
x-vercel-id: syd1::62lk8-1709598083257-32b7c916cf02
server: cloudflare
x-cfworker: 1
x-matched-path: /_next/static/wHPBmxZcHcKazxEc5cyNb/_ssgManifest.js
etag: W/"b6652df95db52feb4daf4eca35380933"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-country: AU
cache-control: public, max-age=31536000
x-vercel-cache: HIT
cf-ray: 860d74cd0d9087b6-PER
expires: Fri, 07 Mar 2025 20:50:10 GMT

GET
H3 200 default-redirect-illustration.svg
accounts.lab.zip/ 92 KB
21 KB 155ms
154ms Image
image/svg+xml 104.18.21.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.lab.zip/default-redirect-illustration.svg

Requested by

Host: accounts.lab.zip
URL: https://accounts.lab.zip/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.21.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dc05af14307cbc7571dcfa34535e38038da368a85ae44bbbd46331afd0c447c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com .ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://accounts.lab.zip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 20:50:10 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
content-security-policy: default-src 'self' *.lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com *.ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
content-disposition: inline; filename="default-redirect-illustration.svg"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1
referrer-policy: same-origin
x-vercel-id: syd1::lgjwf-1709844610156-e50171bebf2f
server: cloudflare
x-cfworker: 1
x-matched-path: /default-redirect-illustration.svg
etag: W/"34245920c0da74c7eaefe93d509cda4c"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: deny
content-type: image/svg+xml
access-control-allow-origin: *
x-country: AU
cache-control: public, max-age=14400
x-vercel-cache: HIT
cf-ray: 860d74cd0d9787b6-PER
expires: Fri, 08 Mar 2024 00:50:10 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.accounts.lab.zip/	1970-01-20 18:57:26	Name: __cf_bm Value: _biPd8wH3Q5oRlVxsGEDqzNd2nHaerD2SnWBxLgjTtw-1709844609-1.0.1.1-n6V2IZ4ghfEDNvnh5J3BlaYghfBrTK97h0jJ1_80VBfKRxvkLY2ngk_N7I5VJNwBge5wqyUyZtNecgltI1cPdw
			.accounts.lab.zip/	1969-12-31 23:59:59	Name: _cfuvid Value: bk8hISJNNDtBYl8CoqY9oS2.bXuXbEHRNhXpPXYukOs-1709844609694-0.0.1.1-604800000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://accounts.lab.zip/ Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' .lab.zip cdn.jsdelivr.net js.sentry-cdn.com browser.sentry-cdn.com .ingest.sentry.io challenges.cloudflare.com; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src 'self' data: *; font-src fonts.gstatic.com; worker-src blob:;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.lab.zip
js.sentry-cdn.com
104.18.21.113
151.101.2.217
1cd1cca3aebcdd10c33d713a95479909354ddbc5d5ad9761466ac27ea528895d
26c174cbd3668e4c6d25c58130055263040156b19ffd512329d6b956b63204bd
5dc05af14307cbc7571dcfa34535e38038da368a85ae44bbbd46331afd0c447c
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
a2f10155e97ff71985cd9df19efa0a4e8c8b12de4010f5331daf24bd149f5ff5
a540f841d76f2ede2e70634f4ddeffd2df7a6d30406e876a55a485da91f0c24b
a8fa1e6d98fc87e23efd0b8fe1dcabbb6741661adb00aa84b264b02e00370ec5
b5cc753888a843d73188bb64ac4df1aa100f1e5266f5cd95aa6ffce555d7fcaa
bc85bd2802e64d4d031942beca48ca49927083d668e06896ed03147e98474543
e359e43f746be7247663d792b8d22fb11f7514676354dca250efdb372c942636
fea0a63d5f83baeeb23de0663057147eefa4469a00efa058812dd7abd50aae3c

accounts.lab.zip Open in urlscan Pro 104.18.21.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

192 kBTransfer

692 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

accounts.lab.zip Open in urlscan Pro
104.18.21.113 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

192 kB
Transfer

692 kB
Size

2
Cookies

11 HTTP transactions
0 data transactions