urlscan.io logo urlscan.io
SecurityTrails logo

teams--contract04003.web.app Open in urlscan Pro
2620:0:890::100  Public Scan

Go To Rescan Add Verdict Report
URL: https://teams--contract04003.web.app/
Submission: On March 08 via automatic, source phishtank — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is teams--contract04003.web.app.
TLS certificate: Issued by GTS CA 1D4 on March 6th 2023. Valid for: 3 months.
This is the only time teams--contract04003.web.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2620:0:890::100 54113 (FASTLY)
3 185.65.236.168 33968 (INTERNETE...)
4 2
Apex Domain
Subdomains		 Transfer
3 pension.ninja
pension.ninja
30 KB
1 web.app
teams--contract04003.web.app
131 KB
4 2
Domain Requested by
3 pension.ninja teams--contract04003.web.app
1 teams--contract04003.web.app
4 2

This site contains no links.

Subject Issuer Validity Valid
web.app
GTS CA 1D4		 2023-03-06 -
2023-06-04		 3 months crt.sh
pension.ninja
cPanel, Inc. Certification Authority		 2022-12-30 -
2023-03-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://teams--contract04003.web.app/
Frame ID: C5803E8DDB6244F65090462ED692A085
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Background

Page Statistics

4
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

161 kB
Transfer

227 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
teams--contract04003.web.app/ 		198 KB
131 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://teams--contract04003.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4a9cbfc1ba4084b8c0b06f5fafdd304919437cbb749ed59ee0c2b031a9f60e81
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
133984
content-type
text/html; charset=utf-8
date
Wed, 08 Mar 2023 03:24:12 GMT
etag
"eba75cf480e1cf1f400d83a3c6769b1c6e9fe21c133a04bc26892efaf3f5ab0a-br"
last-modified
Mon, 06 Mar 2023 16:35:21 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
1
x-served-by
cache-hhn-etou8220028-HHN
x-timer
S1678245852.196478,VS0,VE1
aduser.css
pension.ninja/sd/media//css/ 		15 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pension.ninja/sd/media//css/aduser.css
Requested by
Host: teams--contract04003.web.app
URL: https://teams--contract04003.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.65.236.168 , United Kingdom, ASN33968 (INTERNETENGINEERINGAS, GB),
Reverse DNS
merlin.xssl.net
Software
Apache /
Resource Hash
f5b36b52035797a1d9d6821574846302590cb71bc66b2049a174593b5ce056e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://teams--contract04003.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 03:24:12 GMT
last-modified
Mon, 21 Jun 2021 23:35:42 GMT
server
Apache
accept-ranges
bytes
content-length
14969
content-type
text/css
helpers.js
pension.ninja/sd/media//js/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pension.ninja/sd/media//js/helpers.js?ver=12839297292
Requested by
Host: teams--contract04003.web.app
URL: https://teams--contract04003.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.65.236.168 , United Kingdom, ASN33968 (INTERNETENGINEERINGAS, GB),
Reverse DNS
merlin.xssl.net
Software
Apache /
Resource Hash
6f603fe4c1d0a9f537a2e27d7cbcafc58d30a74511611ac3181c5c99d3dcb26a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://teams--contract04003.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 03:24:12 GMT
last-modified
Mon, 21 Jun 2021 23:35:42 GMT
server
Apache
accept-ranges
bytes
content-length
13727
content-type
application/javascript
app.js
pension.ninja/sd/media//js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pension.ninja/sd/media//js/app.js?ver=21313
Requested by
Host: teams--contract04003.web.app
URL: https://teams--contract04003.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.65.236.168 , United Kingdom, ASN33968 (INTERNETENGINEERINGAS, GB),
Reverse DNS
merlin.xssl.net
Software
Apache /
Resource Hash
d40692153eb0853f50efbce87bf2a3b1f5258068a4a770f259b257b71845e3b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://teams--contract04003.web.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 03:24:12 GMT
last-modified
Mon, 21 Jun 2021 23:35:42 GMT
server
Apache
accept-ranges
bytes
content-length
1301
content-type
application/javascript

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| LIB_phrase string| LIB_view number| ____retry string| ____media string| ____b string| ____rdr object| d object| s function| validateEmail function| getUrlParameter function| getHashParameters function| capitalizeFirstLetter function| getEmailDomain function| getEmailDomainName function| getParameters function| initApp function| getExtraData function| submit function| loginUserSetup function| trueLoginUserSetup function| sendPost function| sendGet function| bindXhr function| nodeScriptReplace function| nodeScriptIs function| nodeScriptClone object| LIB_userInput object| LIB_pwdInput object| LIB_submitButton object| LIB_spinner number| LIB_trialLimit object| LIB_beforeSend object| LIB_onAppSuccess object| LIB_onComplete object| LIB_onLoginFail object| LIB_onServerError undefined| LIB_form object| LIB_submitInputs object| LIB_setup object| LIB_extraData function| LIB_validate function| bindElements

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload