valhalla.covid-directory.preview.fernwehapps.com
Open in
urlscan Pro
52.2.242.115
Public Scan
Submission: On January 19 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by R3 on January 19th 2021. Valid for: 3 months.
This is the only time valhalla.covid-directory.preview.fernwehapps.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 52.2.242.115 52.2.242.115 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a04:4e42::729 2a04:4e42::729 | 54113 (FASTLY) (FASTLY) | |
1 | 2a00:1450:400... 2a00:1450:4001:821::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a04:4e42:200... 2a04:4e42:200::729 | 54113 (FASTLY) (FASTLY) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 151.101.114.110 151.101.114.110 | 54113 (FASTLY) (FASTLY) | |
2 | 162.247.242.21 162.247.242.21 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1) | |
11 | 7 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-242-115.compute-1.amazonaws.com
valhalla.covid-directory.preview.fernwehapps.com |
ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net
bam.nr-data.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
fernwehapps.com
valhalla.covid-directory.preview.fernwehapps.com |
440 KB |
2 |
nr-data.net
bam.nr-data.net |
490 B |
2 |
sentry-cdn.com
js.sentry-cdn.com browser.sentry-cdn.com |
21 KB |
1 |
newrelic.com
js-agent.newrelic.com |
10 KB |
1 |
gstatic.com
fonts.gstatic.com |
9 KB |
1 |
googleapis.com
fonts.googleapis.com |
960 B |
11 | 6 |
Domain | Requested by | |
---|---|---|
4 | valhalla.covid-directory.preview.fernwehapps.com |
valhalla.covid-directory.preview.fernwehapps.com
|
2 | bam.nr-data.net |
js-agent.newrelic.com
browser.sentry-cdn.com |
1 | js-agent.newrelic.com |
valhalla.covid-directory.preview.fernwehapps.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | browser.sentry-cdn.com |
js.sentry-cdn.com
|
1 | fonts.googleapis.com |
valhalla.covid-directory.preview.fernwehapps.com
|
1 | js.sentry-cdn.com |
valhalla.covid-directory.preview.fernwehapps.com
|
11 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
staging.covid-directory.fernwehapps.com R3 |
2021-01-19 - 2021-04-19 |
3 months | crt.sh |
v2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2021-01-08 - 2021-04-22 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-12-15 - 2021-03-09 |
3 months | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2020-12-28 - 2021-05-07 |
4 months | crt.sh |
*.nr-data.net DigiCert SHA2 Secure Server CA |
2020-02-05 - 2022-02-08 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://valhalla.covid-directory.preview.fernwehapps.com/
Frame ID: E80D3DF7075AC4A57D85E1905D36F08B
Requests: 11 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
valhalla.covid-directory.preview.fernwehapps.com/ |
11 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
output.bec64c6293cf.css
valhalla.covid-directory.preview.fernwehapps.com/static/CACHE/css/ |
182 KB 182 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
53fa976417d844aaa65e41afdb387ce5.min.js
js.sentry-cdn.com/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
output.8317f205b728.js
valhalla.covid-directory.preview.fernwehapps.com/static/CACHE/js/ |
245 KB 245 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
output.cceacea2ffd3.js
valhalla.covid-directory.preview.fernwehapps.com/static/CACHE/js/ |
519 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
11 KB 960 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.min.js
browser.sentry-cdn.com/5.30.0/ |
64 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-1194.min.js
js-agent.newrelic.com/ |
27 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NRJS-566cb812fa3dc703131
bam.nr-data.net/1/ |
57 B 275 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
NRJS-566cb812fa3dc703131
bam.nr-data.net/events/1/ |
24 B 215 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require object| Sentry object| __SENTRY__ object| $jscomp function| $ function| jQuery function| Popper object| bootstrap0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; style-src 'self' 'unsafe-inline' fonts.googleapis.com; frame-ancestors 'self' *.fernwehapps.com wilsondns.webflow.io thewilsonword.webflow.io *.thewilsonword.com; font-src 'self' fonts.gstatic.com; script-src 'self' 'unsafe-inline' *.sentry-cdn.com js-agent.newrelic.com bam.nr-data.net; connect-src 'self' bam.nr-data.net |
Strict-Transport-Security | max-age=60; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bam.nr-data.net
browser.sentry-cdn.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
js.sentry-cdn.com
valhalla.covid-directory.preview.fernwehapps.com
151.101.114.110
162.247.242.21
2a00:1450:4001:80b::2003
2a00:1450:4001:821::200a
2a04:4e42:200::729
2a04:4e42::729
52.2.242.115
04446c6509e4513c239c7803cf8a8c3727e8cef843c8537e48d5e05e1fa723cd
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
33c3bf91a25c2b7a355ab82043af5b30efd739892586c6fef51a740c1429265d
419fd4b1560b1de01564ef05fea5d689bf3e9881c4ecd923c41ef8a417588cfa
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
78de45de13c43861889dfdfb21b8fffe7289d73fa4b141d323c8aed2127900c1
8317f205b728064656237ce7a9cd7cd310da9b939b551714aec03184c0f511dd
8cc671224647ca6a0ffb7b2d0aa3bd4650a6add6160e3e39b17c45a245cdd18f
bec64c6293cfb46056ca05c34610ca9860fb2e6263720cf7257c122b77457306
cceacea2ffd3e1a0eb4150c5a4a3d8f346e19afaa75a464de37fef47ef9e8d4e
e5517875757dba86f399375be35809c5c2c7a86e46fe6d9520d1772e05dde718