mettle-event-team2.dronederby.io Open in urlscan Pro
34.36.207.5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mettle-event-team2.dronederby.io/
Effective URL:
https://mettle-event-team2.dronederby.io/
Submission Tags: @phish_report
Submission: On August 14 via api (August 14th 2024, 12:31:13 pm UTC) from FI — Scanned from FI

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 34.36.207.5, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is mettle-event-team2.dronederby.io.
TLS certificate: Issued by WR3 on August 14th 2024. Valid for: 3 months.

This is the only time mettle-event-team2.dronederby.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	34.36.207.5 34.36.207.5	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
8	3

5 34.36.207.5 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.207.36.34.bc.googleusercontent.com

mettle-event-team2.dronederby.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

firestore.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	dronederby.io mettle-event-team2.dronederby.io	3 MB
2	googleapis.com firestore.googleapis.com — Cisco Umbrella Rank: 1344	464 B
8	2

	Domain	Requested by
5	mettle-event-team2.dronederby.io	mettle-event-team2.dronederby.io
2	firestore.googleapis.com	mettle-event-team2.dronederby.io
8	2

This site contains no links.

Subject Issuer	Validity	Valid
mettle-event-team2.dronederby.io WR3	`2024-08-14` - `2024-11-12`	3 months	crt.sh
edgecert.googleapis.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mettle-event-team2.dronederby.io/
Frame ID: 0B341C555BB3BA6EAFF943275CAD03B6
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Drone Derby

Page URL History Show full URLs

http://mettle-event-team2.dronederby.io/ HTTP 307
https://mettle-event-team2.dronederby.io/ Page URL

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

3371 kB
Transfer

3368 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mettle-event-team2.dronederby.io/ HTTP 307
https://mettle-event-team2.dronederby.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mettle-event-team2.dronederby.io/
Redirect Chain

http://mettle-event-team2.dronederby.io/
https://mettle-event-team2.dronederby.io/

499 B
1 KB

1862ms
571ms

Document
text/html

34.36.207.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mettle-event-team2.dronederby.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.207.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.207.36.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

412210fdaf167131d59e7c6fb665b13da1277b088e351b15c0c463c42978d3ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' .googleusercontent.com https://storage.cloud.google.com https://storage.googleapis.com; frame-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://www.googletagmanager.com https://www.gstatic.com/ https://www.google-analytics.com https://apis.google.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apis.google.com https://accounts.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com; connect-src 'self' https://firestore.googleapis.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com https://apis.google.com https://.googleapis.com https://command-proxy-a5evs6ynja-ew.a.run.app; font-src 'self' https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; manifest-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 499
content-security-policy: default-src 'self'; img-src 'self' *.googleusercontent.com https://storage.cloud.google.com https://storage.googleapis.com; frame-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://www.googletagmanager.com https://www.gstatic.com/ https://www.google-analytics.com https://apis.google.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apis.google.com https://accounts.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com; connect-src 'self' https://firestore.googleapis.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com https://apis.google.com https://*.googleapis.com https://command-proxy-a5evs6ynja-ew.a.run.app; font-src 'self' https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; manifest-src 'self';
content-type: text/html
date: Wed, 14 Aug 2024 12:30:58 GMT
etag: "657346a5-1f3"
last-modified: Fri, 08 Dec 2023 16:39:01 GMT
server: Google Frontend
via: 1.1 google
x-cloud-trace-context: 7fd359a06919110e24dc1c263ebd7586;o=1
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

Location: https://mettle-event-team2.dronederby.io/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 main.8cdd5e37.js Show response
mettle-event-team2.dronederby.io/static/js/ 1 MB
1 MB 2010ms
2006ms Script
application/javascript 34.36.207.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mettle-event-team2.dronederby.io/static/js/main.8cdd5e37.js

Requested by

Host: mettle-event-team2.dronederby.io
URL: https://mettle-event-team2.dronederby.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.207.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.207.36.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

925876102e5fb96b6ce7f0e478955e1e8adea2448c844047459cd5df4472c401

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; object-src 'none'; script-src 'self'; connect-src 'self'; font-src 'self'; img-src 'self'; style-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mettle-event-team2.dronederby.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none'; object-src 'none'; script-src 'self'; connect-src 'self'; font-src 'self'; img-src 'self'; style-src 'self';
date: Wed, 14 Aug 2024 12:30:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Aug 2024 12:20:16 GMT
server: Google Frontend
via: 1.1 google
etag: "66bca100-16c843"
x-frame-options: DENY
content-type: application/javascript
x-cloud-trace-context: 87597eb08ddad675fa213bf93b4567f7
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1493059
x-xss-protection: 1; mode=block

GET
H2 200 main.fec110ee.css
mettle-event-team2.dronederby.io/static/css/ 2 MB
2 MB 6208ms
6205ms Stylesheet
text/css 34.36.207.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://mettle-event-team2.dronederby.io/static/css/main.fec110ee.css

Requested by

Host: mettle-event-team2.dronederby.io
URL: https://mettle-event-team2.dronederby.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.207.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.207.36.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

5cb3ebc2fe6573001e986621a53f00d4f7451d286aa74d87071b37e4de8e63ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; object-src 'none'; script-src 'self'; connect-src 'self'; font-src 'self'; img-src 'self'; style-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mettle-event-team2.dronederby.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none'; object-src 'none'; script-src 'self'; connect-src 'self'; font-src 'self'; img-src 'self'; style-src 'self';
date: Wed, 14 Aug 2024 12:30:59 GMT
x-content-type-options: nosniff
last-modified: Fri, 08 Dec 2023 16:39:01 GMT
server: Google Frontend
via: 1.1 google
etag: "657346a5-1dcacd"
x-frame-options: DENY
content-type: text/css
x-cloud-trace-context: c015f134cd1884a0021c5cc2e3ffbf82
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1952461
x-xss-protection: 1; mode=block

GET
H2 404 favicon.ico
mettle-event-team2.dronederby.io/ 555 B
637 B 833ms
833ms Other
text/html 34.36.207.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mettle-event-team2.dronederby.io/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.207.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.207.36.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 47c90bcfb2694ef890cc5d8d3497c9a1cc6ed194570f177b4df767c45ca0322d

Request headers

Referer: https://mettle-event-team2.dronederby.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cloud-trace-context: 3d356784c13dbdf5c08a41c16e86d860;o=1
date: Wed, 14 Aug 2024 12:31:08 GMT
via: 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 555
content-type: text/html

GET
H2 200 google_cloud_logo.c228342a9f3fd951b32c2cfa069b50b0.svg
mettle-event-team2.dronederby.io/static/media/ 2 KB
2 KB 806ms
806ms Image
image/svg+xml 34.36.207.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mettle-event-team2.dronederby.io/static/media/google_cloud_logo.c228342a9f3fd951b32c2cfa069b50b0.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.207.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

5.207.36.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

a7cc972c92cdc55a369d1509e6e20383a8a6372d18b441d414e2395af4c6677c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; object-src 'none'; script-src 'self'; connect-src 'self'; font-src 'self'; img-src 'self'; style-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mettle-event-team2.dronederby.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none'; object-src 'none'; script-src 'self'; connect-src 'self'; font-src 'self'; img-src 'self'; style-src 'self';
date: Wed, 14 Aug 2024 12:31:08 GMT
x-content-type-options: nosniff
last-modified: Fri, 08 Dec 2023 16:39:01 GMT
server: Google Frontend
via: 1.1 google
etag: "657346a5-6c0"
x-frame-options: DENY
content-type: image/svg+xml
x-cloud-trace-context: 8e8260986e274d307bef14e9d3e80b63
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1728
x-xss-protection: 1; mode=block

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 54 B
464 B 1586ms
581ms Fetch
text/plain 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fmettle-event-team2%2Fdatabases%2F(default)&RID=41533&CVER=22&X-HTTP-Session-Id=gsessionid&zx=xpvbenw3yyuq&t=1

Requested by

Host: mettle-event-team2.dronederby.io
URL: https://mettle-event-team2.dronederby.io/static/js/main.8cdd5e37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

ff1953d4e75c39ff02fb8788b6b0540099ec020de687ebd3e58f7dfe76f3e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mettle-event-team2.dronederby.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 14 Aug 2024 12:31:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-client-wire-protocol: h2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://mettle-event-team2.dronederby.io
access-control-expose-headers: x-client-wire-protocol,x-http-session-id
cache-control: private
access-control-allow-credentials: true
x-http-session-id: WGu0F5WVPtGESy_4I1FiVVuYMSqaUw5yzOAFlKU-2ZI

GET
H2 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 301 B
0 191ms
190ms Fetch
text/plain 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=WGu0F5WVPtGESy_4I1FiVVuYMSqaUw5yzOAFlKU-2ZI&VER=8&database=projects%2Fmettle-event-team2%2Fdatabases%2F(default)&RID=rpc&SID=dV-zLXXFxZrt1OY0CP--qQ&CI=0&AID=0&TYPE=xmlhttp&zx=m3x25msnx3v7&t=1

Requested by

Host: mettle-event-team2.dronederby.io
URL: https://mettle-event-team2.dronederby.io/static/js/main.8cdd5e37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mettle-event-team2.dronederby.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 12:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Referer, origin
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://mettle-event-team2.dronederby.io
cache-control: private, max-age=0
access-control-allow-credentials: true
x-debug-tracking-id: 15078062133823915386;o=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0

GET channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: firestore.googleapis.com
URL: https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=WGu0F5WVPtGESy_4I1FiVVuYMSqaUw5yzOAFlKU-2ZI&VER=8&database=projects%2Fmettle-event-team2%2Fdatabases%2F(default)&RID=rpc&SID=dV-zLXXFxZrt1OY0CP--qQ&CI=0&AID=2&TYPE=xmlhttp&zx=ekc42g6grzq7&t=1

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mettle-event-team2.dronederby.io/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self' .googleusercontent.com https://storage.cloud.google.com https://storage.googleapis.com; frame-src 'self'; object-src 'none'; script-src-elem 'self' 'unsafe-inline' https://www.googletagmanager.com https://www.gstatic.com/ https://www.google-analytics.com https://apis.google.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apis.google.com https://accounts.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com; connect-src 'self' https://firestore.googleapis.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com https://apis.google.com https://.googleapis.com https://command-proxy-a5evs6ynja-ew.a.run.app; font-src 'self' https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; manifest-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

firestore.googleapis.com
mettle-event-team2.dronederby.io
firestore.googleapis.com
142.250.186.170
34.36.207.5
412210fdaf167131d59e7c6fb665b13da1277b088e351b15c0c463c42978d3ae
47c90bcfb2694ef890cc5d8d3497c9a1cc6ed194570f177b4df767c45ca0322d
5cb3ebc2fe6573001e986621a53f00d4f7451d286aa74d87071b37e4de8e63ed
925876102e5fb96b6ce7f0e478955e1e8adea2448c844047459cd5df4472c401
a7cc972c92cdc55a369d1509e6e20383a8a6372d18b441d414e2395af4c6677c
ff1953d4e75c39ff02fb8788b6b0540099ec020de687ebd3e58f7dfe76f3e7d8

mettle-event-team2.dronederby.io Open in urlscan Pro 34.36.207.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

88 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

3371 kBTransfer

3368 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

mettle-event-team2.dronederby.io Open in urlscan Pro
34.36.207.5 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

3371 kB
Transfer

3368 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions