preauthorizations.hqsite.online Open in urlscan Pro
31.131.16.29 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://preauthorizations.hqsite.online/?OrderID:213jkkj1_0021AD&930&000213
Submission: On November 26 via manual (November 26th 2022, 12:15:40 am UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 10 HTTP transactions. The main IP is 31.131.16.29, located in Ukraine and belongs to VPS-UA-AS, UA. The main domain is preauthorizations.hqsite.online.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 15th 2022. Valid for: 3 months.

This is the only time preauthorizations.hqsite.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	31.131.16.29 31.131.16.29	56851 (VPS-UA-AS) (VPS-UA-AS)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2606:50c0:800... 2606:50c0:8001::154	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
10	6

4 31.131.16.29 (Ukraine)

ASN56851 (VPS-UA-AS, UA)
PTR: 29.16.131.31.uashared05.twinservers.net

preauthorizations.hqsite.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8001::154 (United States)

ASN54113 (FASTLY, US)

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	hqsite.online preauthorizations.hqsite.online	53 KB
2	gstatic.com fonts.gstatic.com	33 KB
2	githubusercontent.com raw.githubusercontent.com — Cisco Umbrella Rank: 4262	70 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 93	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 282	6 KB
10	5

	Domain	Requested by
4	preauthorizations.hqsite.online	preauthorizations.hqsite.online
2	fonts.gstatic.com	fonts.googleapis.com
2	raw.githubusercontent.com	preauthorizations.hqsite.online
1	fonts.googleapis.com	preauthorizations.hqsite.online
1	cdnjs.cloudflare.com	preauthorizations.hqsite.online
10	5

This site contains no links.

Subject Issuer	Validity	Valid
preauthorizations.hqsite.online cPanel, Inc. Certification Authority	`2022-11-15` - `2023-02-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.github.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-04-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://preauthorizations.hqsite.online/?OrderID:213jkkj1_0021AD&930&000213
Frame ID: 0F29645D5E04DB6E0C58F5667AFC25F1
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CC|VCC|Pre-Authorization|Customer Verify Page

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

10
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

163 kB
Transfer

314 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
preauthorizations.hqsite.online/ 869 B
674 B 262ms
47ms Document
text/html 31.131.16.29
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://preauthorizations.hqsite.online/?OrderID:213jkkj1_0021AD&930&000213
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.16.29 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 29.16.131.31.uashared05.twinservers.net
Software: LiteSpeed /
Resource Hash: 55ea105f1c3bf1dcc326d2a1b52f72ac61130f0a311ba87266ef275f415c7339

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: public, max-age=0
content-encoding: br
content-length: 381
content-type: text/html
date: Sat, 26 Nov 2022 00:15:35 GMT
expires: Sat, 26 Nov 2022 00:15:35 GMT
last-modified: Sat, 19 Nov 2022 01:02:54 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 90ms
37ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: preauthorizations.hqsite.online
URL: https://preauthorizations.hqsite.online/?OrderID:213jkkj1_0021AD&930&000213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preauthorizations.hqsite.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:15:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1317902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FdPYVGpMAzsNYcgzcNEX7bgtCdlymyzPUcTjKRzWXWjC17gCc3ZIVsqCfeVuFwl240vngWHk%2BtHfJ3qAeX8vuw5AcUf0Z%2Bff4LCkZjfHWWrXII%2Bs%2FrXAnakshRsiDX5hqg1hvgpqJudx0%2F8rr2hLoUB"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76fe6e37784f9ba1-FRA
expires: Thu, 16 Nov 2023 00:15:35 GMT

GET
H2 200 app.2b742ecb.css
preauthorizations.hqsite.online/css/ 15 KB
3 KB 49ms
47ms Stylesheet
text/css 31.131.16.29
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://preauthorizations.hqsite.online/css/app.2b742ecb.css
Requested by: Host: preauthorizations.hqsite.online
URL: https://preauthorizations.hqsite.online/?OrderID:213jkkj1_0021AD&930&000213
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.16.29 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 29.16.131.31.uashared05.twinservers.net
Software: LiteSpeed /
Resource Hash: 5178b7e7121715439b9a25fb5161cbe6b16164b9351d22242a9314815b984270

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preauthorizations.hqsite.online/?OrderID:213jkkj1_0021AD&930&000213
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:15:35 GMT
content-encoding: br
last-modified: Sat, 19 Nov 2022 01:02:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=691200
accept-ranges: bytes
content-length: 3412
expires: Sun, 04 Dec 2022 00:15:35 GMT

GET
H2 200 app.c02f42d2.js Show response
preauthorizations.hqsite.online/js/ 21 KB
6 KB 92ms
91ms Script
application/javascript 31.131.16.29
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://preauthorizations.hqsite.online/js/app.c02f42d2.js
Requested by: Host: preauthorizations.hqsite.online
URL: https://preauthorizations.hqsite.online/?OrderID:213jkkj1_0021AD&930&000213
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.16.29 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 29.16.131.31.uashared05.twinservers.net
Software: LiteSpeed /
Resource Hash: e4199dd2510a6ea00090c6e3ff9cca5859f5dd299fe85a92fac22d2f00e47ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preauthorizations.hqsite.online/?OrderID:213jkkj1_0021AD&930&000213
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:15:35 GMT
content-encoding: br
last-modified: Mon, 21 Nov 2022 13:14:40 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
content-length: 5635
expires: Sun, 04 Dec 2022 00:15:35 GMT

GET
H2 200 chunk-vendors.69d8a15b.js Show response
preauthorizations.hqsite.online/js/ 128 KB
43 KB 94ms
93ms Script
application/javascript 31.131.16.29
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://preauthorizations.hqsite.online/js/chunk-vendors.69d8a15b.js
Requested by: Host: preauthorizations.hqsite.online
URL: https://preauthorizations.hqsite.online/?OrderID:213jkkj1_0021AD&930&000213
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.16.29 , Ukraine, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 29.16.131.31.uashared05.twinservers.net
Software: LiteSpeed /
Resource Hash: 927d3a9bad757382df46a7f059245bb369fb9c5ec5ec201874292e5067521823

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preauthorizations.hqsite.online/?OrderID:213jkkj1_0021AD&930&000213
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 00:15:35 GMT
content-encoding: br
last-modified: Sat, 19 Nov 2022 01:02:54 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
content-length: 44157
expires: Sun, 04 Dec 2022 00:15:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 93ms
33ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap

Requested by

Host: preauthorizations.hqsite.online
URL: https://preauthorizations.hqsite.online/css/app.2b742ecb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3923f928d9a6c5410f2d8ce11a9e7fcfe75fad1e62eeb4e452bfee7bf307a560

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preauthorizations.hqsite.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 26 Nov 2022 00:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Nov 2022 00:15:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Nov 2022 00:15:35 GMT

GET
H2 200 22.jpeg
raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/ 54 KB
54 KB 283ms
207ms Image
image/jpeg 2606:50c0:8001::154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/22.jpeg

Requested by

Host: preauthorizations.hqsite.online
URL: https://preauthorizations.hqsite.online/?OrderID:213jkkj1_0021AD&930&000213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a21c1d3ca26fe0d9c9163c32ebd0230b60bbe57387ec21d38450d0f88c7b1cdf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preauthorizations.hqsite.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-fastly-request-id: 750987390e1d7ae9b690abf1ecb294f8955991f8
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 00:15:36 GMT
via: 1.1 varnish
x-cache-hits: 1
x-cache: HIT
content-length: 54825
x-xss-protection: 1; mode=block
x-served-by: cache-ams21030-AMS
x-github-request-id: E7FE:1389E:129CDF:17FD98:638150FF
x-timer: S1669421736.846154,VS0,VE171
etag: W/"2a48ca675508cc229583c4a923050e6aa785785b2fd40d16716ff76c9687508e"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Sat, 26 Nov 2022 00:20:36 GMT

GET
H2 200 chip.png
raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/ 16 KB
17 KB 220ms
144ms Image
image/png 2606:50c0:8001::154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/muhammederdem/credit-card-form/master/src/assets/images/chip.png

Requested by

Host: preauthorizations.hqsite.online
URL: https://preauthorizations.hqsite.online/?OrderID:213jkkj1_0021AD&930&000213

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

612d3c3f8efad0b9073b164950a2c3b5ed6d73e214fe539e6c21b4f18fed0ad8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preauthorizations.hqsite.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-fastly-request-id: 0b96b89e27e8673eb97a08db2d41463093865a39
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Sat, 26 Nov 2022 00:15:35 GMT
via: 1.1 varnish
x-cache-hits: 1
x-cache: HIT
content-length: 16470
x-xss-protection: 1; mode=block
x-served-by: cache-ams21030-AMS
x-github-request-id: 0F14:46FD:17C4BD:19CBC9:6380493F
x-timer: S1669421736.846120,VS0,VE108
etag: W/"0eef0729fb842b647b8e55e6077eb705bfff46d0f861a866fe759566cb54d035"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Sat, 26 Nov 2022 00:20:35 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 70ms
21ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://preauthorizations.hqsite.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 19 Nov 2022 13:30:55 GMT
x-content-type-options: nosniff
age: 557080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Nov 2023 13:30:55 GMT

GET
DATA 200
OK truncated
/ 426 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d00c6f0cc689179cfc4dab54f10163635df53e0472ec87fb40790a74f4dbce2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
fonts.gstatic.com/s/sourcecodepro/v22/ 19 KB
19 KB 73ms
25ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcecodepro/v22/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Code+Pro:400,500,600,700|Source+Sans+Pro:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c2e64053b56afdcc933af75555920cf89c08b8ca04961f4815abdbd0bdcdbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://preauthorizations.hqsite.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 00:09:50 GMT
x-content-type-options: nosniff
age: 259545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19680
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 18:25:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 00:09:50 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackJsonp

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
preauthorizations.hqsite.online
raw.githubusercontent.com
2606:4700::6811:190e
2606:50c0:8001::154
2a00:1450:4001:802::200a
2a00:1450:4001:811::2003
31.131.16.29
1c2e64053b56afdcc933af75555920cf89c08b8ca04961f4815abdbd0bdcdbc3
1d00c6f0cc689179cfc4dab54f10163635df53e0472ec87fb40790a74f4dbce2
3923f928d9a6c5410f2d8ce11a9e7fcfe75fad1e62eeb4e452bfee7bf307a560
5178b7e7121715439b9a25fb5161cbe6b16164b9351d22242a9314815b984270
55ea105f1c3bf1dcc326d2a1b52f72ac61130f0a311ba87266ef275f415c7339
612d3c3f8efad0b9073b164950a2c3b5ed6d73e214fe539e6c21b4f18fed0ad8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
927d3a9bad757382df46a7f059245bb369fb9c5ec5ec201874292e5067521823
a21c1d3ca26fe0d9c9163c32ebd0230b60bbe57387ec21d38450d0f88c7b1cdf
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
e4199dd2510a6ea00090c6e3ff9cca5859f5dd299fe85a92fac22d2f00e47ce3

preauthorizations.hqsite.online Open in urlscan Pro 31.131.16.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

6 IPs

3 Countries

163 kBTransfer

314 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

preauthorizations.hqsite.online Open in urlscan Pro
31.131.16.29 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

163 kB
Transfer

314 kB
Size

0
Cookies

10 HTTP transactions
1 data transactions