firn.cash Open in urlscan Pro
18.239.69.85  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response firn.cash/	8 KB 9 KB	232ms 163ms	Document text/html	18.239.69.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://firn.cash/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.69.85 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-69-85.ams58.r.cloudfront.net Software BunnyCDN-AMS1-879 / Resource Hash 983de6670db60e2d01ce60ce27bc26b967c882788959025969ae177be7374d8a Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-headers Content-Type Range User-Agent X-Requested-With access-control-allow-methods GET HEAD OPTIONS access-control-allow-origin * access-control-expose-headers Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output alt-svc h3=":443"; ma=86400 cache-control max-age=60, stale-while-revalidate=3600 cdn-cache REVALIDATED cdn-cachedat 01/16/2024 18:02:43 cdn-edgestorageid 879 cdn-proxyver 1.04 cdn-pullzone 1055370 cdn-requestcountrycode NL cdn-requestid b3d7a95b4d799411dfb10a380db87622 cdn-requestpullcode 200 cdn-requestpullsuccess True cdn-status 200 cdn-uid 070ccd6e-b4b0-4c90-b45a-e26d7534205d content-length 7954 content-security-policy upgrade-insecure-requests content-type text/html date Tue, 16 Jan 2024 18:32:18 GMT etag "bafybeiepfapl6575hhz5msjjxl2rniglogxwhsjvdft6x22ivyxysynv7u" referrer-policy strict-origin-when-cross-origin server BunnyCDN-AMS1-879 strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding via 1.1 5869d8337913ed7453262c3cf9c9a9e6.cloudfront.net (CloudFront) x-amz-cf-id LVm0DYu7MopdLUfHsG2cgfT2IP8Vox8RC_oa5NtahurQfeW8ntkwyQ== x-amz-cf-pop AMS58-P4 x-cache Miss from cloudfront x-cache-status MISS x-content-type-options nosniff x-ipfs-path /ipfs/bafybeiepfapl6575hhz5msjjxl2rniglogxwhsjvdft6x22ivyxysynv7u/ x-ipfs-roots bafybeiepfapl6575hhz5msjjxl2rniglogxwhsjvdft6x22ivyxysynv7u x-request-id 46dab9295b906c2400dead9ad804cc68 x-xss-protection 0
GET H2	200	main.js Show response firn.cash/	2 MB 2 MB	34ms 34ms	Script text/javascript	18.239.69.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://firn.cash/main.js Requested by Host: firn.cash URL: https://firn.cash/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.239.69.85 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-69-85.ams58.r.cloudfront.net Software BunnyCDN-AMS1-879 / Resource Hash f4e91e692ad94a0554758f716dd595fd2f59d7424f61ee5196e70ae91c2322a7 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://firn.cash/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests cdn-pullzone 1055370 referrer-policy strict-origin-when-cross-origin cdn-proxyver 1.04 x-ipfs-roots bafybeiepfapl6575hhz5msjjxl2rniglogxwhsjvdft6x22ivyxysynv7u,QmYWx67Yjdctpr2MfMbnXJmKSga9jPQ2sLbGBh2kNQZktr etag W/"QmYWx67Yjdctpr2MfMbnXJmKSga9jPQ2sLbGBh2kNQZktr" vary Accept-Encoding access-control-allow-methods GET, HEAD, OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * cdn-cache MISS access-control-expose-headers Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output cache-control max-age=60, stale-while-revalidate=3600 x-ipfs-path /ipfs/bafybeiepfapl6575hhz5msjjxl2rniglogxwhsjvdft6x22ivyxysynv7u/main.js cdn-requestcountrycode NL access-control-allow-headers Content-Type, Range, User-Agent, X-Requested-With date Tue, 16 Jan 2024 18:32:18 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff via 1.1 5869d8337913ed7453262c3cf9c9a9e6.cloudfront.net (CloudFront) cdn-edgestorageid 1056 x-amz-cf-pop AMS58-P4 x-cache-status MISS x-cache Miss from cloudfront cdn-cachedat 01/16/2024 18:32:18 alt-svc h3=":443"; ma=86400 x-xss-protection 0 x-request-id 8e47532c65b1e2a5fd16b5c12423864f server BunnyCDN-AMS1-879 cdn-requestpullcode 200 cdn-uid 070ccd6e-b4b0-4c90-b45a-e26d7534205d cdn-requestid ea9b74c0ed29698b9fc61a65d46b87f9 cdn-status 200 x-amz-cf-id pM-JbHd0xz5sKp6se9GptXNMIJUKRfW9DNCTBCvZZNwI0dKLErfL_w== cdn-requestpullsuccess True
OPTIONS H/1.1	200 OK	eth 1rpc.io/4qUmg7L19yZ9fxzGv/	0 0	151ms 69ms	Preflight	20.105.41.175 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://1rpc.io/4qUmg7L19yZ9fxzGv/eth Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.105.41.175 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software AutomataGeode/0.1.0 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://firn.cash Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Access-Control-Allow-Origin * Access-Control-Max-Age 86400 Content-Length 0 Date Tuesday, 16 Jan 2024 18:32:18 GMT Server AutomataGeode/0.1.0
GET DATA	200 OK	truncated /	1020 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c0c3ac35627697010340544b10dd7ac4672c0a7047f056a1a5c0b7342a026742 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e625c5aa43a81baacd8f5130267c2da6d58536ebafe117137003411fe5082047 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Type image/svg+xml
POST H/1.1	200 OK	eth Show response 1rpc.io/4qUmg7L19yZ9fxzGv/	2 KB 2 KB	1384ms 1384ms	Fetch application/json	20.105.41.175 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://1rpc.io/4qUmg7L19yZ9fxzGv/eth Requested by Host: firn.cash URL: https://firn.cash/main.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 20.105.41.175 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software AutomataGeode/0.1.0 / Resource Hash 4be7b2ed110804c5cce64a179b862a4dab44fac881e2dd4077a27daa4c8d7f30 Request headers Referer https://firn.cash/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/json Response headers Access-Control-Allow-Origin * Date Tuesday, 16 Jan 2024 18:32:20 GMT Req-Id 84f338a095b8c2df Server AutomataGeode/0.1.0 Keep-Alive timeout=30 Content-Length 1574 Content-Type application/json
GET H3	200	telegrama.woff2 firn.cash/	9 KB 10 KB	94ms 94ms	Font font/woff2	18.239.69.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://firn.cash/telegrama.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 18.239.69.85 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-239-69-85.ams58.r.cloudfront.net Software BunnyCDN-AMS1-879 / Resource Hash 8f77d5464adb7482a2d63a9b0fe0ecc669c778a3f975db4da8bb92ab76a229c3 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://firn.cash/ Origin https://firn.cash accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers content-security-policy upgrade-insecure-requests cdn-pullzone 1055370 referrer-policy strict-origin-when-cross-origin cdn-proxyver 1.04 x-ipfs-roots bafybeiepfapl6575hhz5msjjxl2rniglogxwhsjvdft6x22ivyxysynv7u,QmW81bayoETXpuSjZgJwDpLpJyZTqmE3sSX1B8D9vRNZTp etag "QmW81bayoETXpuSjZgJwDpLpJyZTqmE3sSX1B8D9vRNZTp" access-control-allow-methods GET, HEAD, OPTIONS content-type font/woff2 access-control-allow-origin * cdn-cache MISS access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control max-age=60, stale-while-revalidate=3600 x-ipfs-path /ipfs/bafybeiepfapl6575hhz5msjjxl2rniglogxwhsjvdft6x22ivyxysynv7u/telegrama.woff2 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-requestcountrycode NL date Tue, 16 Jan 2024 18:32:18 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff via 1.1 12d69f39c905d1c9441d392eddc25066.cloudfront.net (CloudFront) cdn-edgestorageid 1056 x-amz-cf-pop AMS58-P4 x-cache-status MISS x-cache Miss from cloudfront cdn-cachedat 01/16/2024 18:32:18 alt-svc h3=":443"; ma=86400 content-length 9004 x-xss-protection 0 x-request-id a2864fe4d813098883274290bba8228c server BunnyCDN-AMS1-879 cdn-requestpullcode 200 cdn-uid 070ccd6e-b4b0-4c90-b45a-e26d7534205d cdn-requestid d393aed0162d3090aa0df05a7602f363 accept-ranges bytes cdn-status 200 x-amz-cf-id pr5naYOLYFEsdDX3rBLLVC1y2LdOd6gzP90pYOZ-OR0PAAxyOSB06w== cdn-requestpullsuccess True

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkfirn object| regeneratorRuntime

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1rpc.io
firn.cash
18.239.69.85
20.105.41.175
4be7b2ed110804c5cce64a179b862a4dab44fac881e2dd4077a27daa4c8d7f30
8f77d5464adb7482a2d63a9b0fe0ecc669c778a3f975db4da8bb92ab76a229c3
983de6670db60e2d01ce60ce27bc26b967c882788959025969ae177be7374d8a
c0c3ac35627697010340544b10dd7ac4672c0a7047f056a1a5c0b7342a026742
e625c5aa43a81baacd8f5130267c2da6d58536ebafe117137003411fe5082047
f4e91e692ad94a0554758f716dd595fd2f59d7424f61ee5196e70ae91c2322a7