urlscan.io logo urlscan.io
SecurityTrails logo

super-firefly-0b6c.terrea.workers.dev Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://super-firefly-0b6c.terrea.workers.dev/?bbre=xzoduszxas
Submission: On August 23 via automatic, source openphish — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 6 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is super-firefly-0b6c.terrea.workers.dev.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 3rd 2022. Valid for: a year.
This is the only time super-firefly-0b6c.terrea.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2620:0:890::100 54113 (FASTLY)
1 2606:4700::68... ()
6 4
Domain Requested by
2 viaodmeoizcd.web.app super-firefly-0b6c.terrea.workers.dev
1 unpkg.com super-firefly-0b6c.terrea.workers.dev
1 vaps.quatiappcn.pw super-firefly-0b6c.terrea.workers.dev
1 super-firefly-0b6c.terrea.workers.dev
6 4

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-03 -
2023-06-02		 a year crt.sh
web.app
GTS CA 1D4		 2022-08-12 -
2022-11-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://super-firefly-0b6c.terrea.workers.dev/?bbre=xzoduszxas
Frame ID: 1F293619CFF0BD2A055D86AF003F0B23
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Page Statistics

6
Requests

83 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

34 kB
Transfer

142 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
super-firefly-0b6c.terrea.workers.dev/ 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://super-firefly-0b6c.terrea.workers.dev/?bbre=xzoduszxas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20d0ec1bb0a3495b5308095c244020d09e2dd68884ce74cae75c711b3131395

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
73f05473cb63b779-AMS
content-encoding
br
content-type
text/html;charset=UTF-8
date
Tue, 23 Aug 2022 02:13:35 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ildO%2BoRXeKnFmaFOKSdr%2B1amWn%2Bg15jnW18%2FM%2FwZ%2BUUI286vb6EL4wVVaRvV%2FsB%2FdvOCV7DBefgHdSxHyCfqwrEjJ1fXHUO6dfIOd2axuCEHWLa8sfvks4J0yvQLtiS38psblCOI7%2FD9kRsOEzjUpK7tzIfvsC0bSko07wxqBXIdpVsZ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
62f293357d9c24192c2125b0.js
vaps.quatiappcn.pw/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vaps.quatiappcn.pw/62f293357d9c24192c2125b0.js
Requested by
Host: super-firefly-0b6c.terrea.workers.dev
URL: https://super-firefly-0b6c.terrea.workers.dev/?bbre=xzoduszxas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eb02e59edcebc05235ff9bf11b329609521bc67207e00ed9ecdbc65d9abb901

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://super-firefly-0b6c.terrea.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 02:13:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
BYPASS
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2EGaZuJdm%2FPxBB873%2B%2B9zKR45%2FNHaC%2ByMd1OcCALJYDckPikSub3IRO1foG3UsWijkD2Zl3c8GPGq54k1rbD20GortQZyKpQ7nkma3JHS64IFgOADuafKHMVcAi9NGI222H3%2BdH2gHkvDkvTA5zP%2FQA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
vaps.quatiappcn.pw
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
73f05474fd60b70d-AMS
access-control-allow-headers
authkey , authvalue, Authorization, User-Agent, Keep-Alive, Content-Type, X-Requested-With
expires
Mon, 25 Jul 1997 05:00:00 GMT
66b402040163d4a69a32312bd66b383dnbr1660064564.css
viaodmeoizcd.web.app/nrykmndbfzxvz/themes/css/ 		1 KB
699 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://viaodmeoizcd.web.app/nrykmndbfzxvz/themes/css/66b402040163d4a69a32312bd66b383dnbr1660064564.css
Requested by
Host: super-firefly-0b6c.terrea.workers.dev
URL: https://super-firefly-0b6c.terrea.workers.dev/?bbre=xzoduszxas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
118f4d0a8c85bfbe5e7dfa3162e04e73c6fcda9cf1736b28f9472aa7e03ba2af
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://super-firefly-0b6c.terrea.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
last-modified
Mon, 22 Aug 2022 17:13:29 GMT
x-timer
S1661220817.145731,VS0,VE2153
etag
"2c2f42530360d92df6a9043afb8385defb5a11ba6299d3a885ecfdb3ce6e12e7-br"
x-served-by
cache-del21722-DEL
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
max-age=3600
date
Tue, 23 Aug 2022 02:13:39 GMT
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
334
x-cache-hits
0
20dce005f6942cacb9faab91b31c56c3nbr1660064564.css
viaodmeoizcd.web.app/nrykmndbfzxvz/themes/css/ 		92 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://viaodmeoizcd.web.app/nrykmndbfzxvz/themes/css/20dce005f6942cacb9faab91b31c56c3nbr1660064564.css
Requested by
Host: super-firefly-0b6c.terrea.workers.dev
URL: https://super-firefly-0b6c.terrea.workers.dev/?bbre=xzoduszxas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
35eeb3ebb083283807b6f052453c56b85f50e8df11480cc55468232d4e28ce16
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://super-firefly-0b6c.terrea.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
last-modified
Mon, 22 Aug 2022 17:13:29 GMT
x-timer
S1661220820.506524,VS0,VE229
etag
"a0be052d42fcb81ea3213aa38211028ded8387e8b31f267327970549265ee7f1-br"
x-served-by
cache-del21722-DEL
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
max-age=3600
date
Tue, 23 Aug 2022 02:13:39 GMT
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
12845
x-cache-hits
0
axios.min.js
unpkg.com/axios@0.16.1/dist/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/axios@0.16.1/dist/axios.min.js
Requested by
Host: super-firefly-0b6c.terrea.workers.dev
URL: https://super-firefly-0b6c.terrea.workers.dev/?bbre=xzoduszxas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2114a050aed49f4a24237d4d1f437b75ca10c6fc8623eae23c0558c53a7e21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://super-firefly-0b6c.terrea.workers.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 02:13:39 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
2528224
fly-request-id
01G8RWGTP4EH8FYEENWMFQRPXB-ams
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 08 Apr 2017 18:51:20 GMT
server
cloudflare
etag
W/"879a-StlLhYX39Pj2Qvz0O98NQPjvG9U"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
73f0548cad63b966-AMS
66b402040163d4a69a32312bd66b383dnbr1660064564.js
viaodmeoizcd.web.app/nrykmndbfzxvz/themes/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
viaodmeoizcd.web.app
URL
https://viaodmeoizcd.web.app/nrykmndbfzxvz/themes/66b402040163d4a69a32312bd66b383dnbr1660064564.js

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _0x553b function| _0x16e1 function| _0x122adb function| _0x22a645 function| _0x4d51f5 string| emfromgetnbrtoo object| script34ssd function| _0x13de9d object| _0x4bc8 function| _0x9aa6 function| loadScript object| dml function| _0x11f813

0 Cookies