urlscan.io logo urlscan.io
SecurityTrails logo

lb-nebula.qasir.xyz Open in urlscan Pro
103.102.114.137  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://lb-nebula.qasir.xyz/
Effective URL: https://lb-nebula.qasir.xyz/
Submission: On January 23 via manual from ID — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 24 HTTP transactions. The main IP is 103.102.114.137, located in Indonesia and belongs to IDNIC-BERSAMANET-AS-ID PT. Tower Bersama, ID. The main domain is lb-nebula.qasir.xyz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 24th 2023. Valid for: a year.
This is the only time lb-nebula.qasir.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 103.102.114.137 136856 (IDNIC-BER...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:1901:0:b... 396982 (GOOGLE-CL...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 151.101.194.137 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
24 10
7    103.102.114.137 (Indonesia)

ASN136856 (IDNIC-BERSAMANET-AS-ID PT. Tower Bersama, ID)
lb-nebula.qasir.xyz
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:1901:0:bc29:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
cdn.mxpnl.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
4    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
Apex Domain
Subdomains		 Transfer
7 qasir.xyz
lb-nebula.qasir.xyz
596 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 557
3 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
71 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
88 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 600
29 KB
1 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 3321
18 KB
0 nr-data.net Failed
bam.nr-data.net Failed
24 8
Domain Requested by
7 lb-nebula.qasir.xyz 1 redirects lb-nebula.qasir.xyz
4 firebaseinstallations.googleapis.com lb-nebula.qasir.xyz
4 www.gstatic.com lb-nebula.qasir.xyz
2 connect.facebook.net lb-nebula.qasir.xyz
2 www.google-analytics.com lb-nebula.qasir.xyz
2 fonts.googleapis.com lb-nebula.qasir.xyz
1 js-agent.newrelic.com lb-nebula.qasir.xyz
1 cdn.mxpnl.com lb-nebula.qasir.xyz
1 fonts.gstatic.com fonts.googleapis.com
0 bam.nr-data.net Failed lb-nebula.qasir.xyz
24 10

This site contains no links.

Subject Issuer Validity Valid
*.qasir.id
Sectigo RSA Domain Validation Secure Server CA		 2023-10-24 -
2024-11-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.mxpnl.com
GeoTrust TLS RSA CA G1		 2023-07-12 -
2024-08-11		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-01 -
2024-01-30		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-15 -
2025-02-15		 a year crt.sh

This page contains 1 frames:

Primary Page: https://lb-nebula.qasir.xyz/
Frame ID: 3FCED31EFFF0832B3FA4678F8A1C8847
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Qasir | Sistem Dagang Pake Jempol

Page URL History Show full URLs

  1. http://lb-nebula.qasir.xyz/ HTTP 301
    https://lb-nebula.qasir.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

24
Requests

71 %
HTTPS

78 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

825 kB
Transfer

2958 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lb-nebula.qasir.xyz/ HTTP 301
    https://lb-nebula.qasir.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
lb-nebula.qasir.xyz/
Redirect Chain
  • http://lb-nebula.qasir.xyz/
  • https://lb-nebula.qasir.xyz/
63 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lb-nebula.qasir.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.102.114.137 , Indonesia, ASN136856 (IDNIC-BERSAMANET-AS-ID PT. Tower Bersama, ID),
Reverse DNS
Software
nginx / PHP/7.1.33
Resource Hash
da7342d9bd15c387f38dae963f9fb1863a32ae7a2439a6c9c93edc9a0c9f5adf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 01:18:25 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
X-Powered-By
PHP/7.1.33

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Tue, 23 Jan 2024 01:18:24 GMT
Location
https://lb-nebula.qasir.xyz/
Server
nginx
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/ 		8 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: lb-nebula.qasir.xyz
URL: https://lb-nebula.qasir.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lb-nebula.qasir.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 01:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 00:40:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jan 2024 01:18:26 GMT
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap
Requested by
Host: lb-nebula.qasir.xyz
URL: https://lb-nebula.qasir.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f54b99785acc4da20eed75eb0bf1505a4c155f1234a5fd315b0be963536220f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lb-nebula.qasir.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 01:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 00:24:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jan 2024 01:18:26 GMT
vendor.min.css
lb-nebula.qasir.xyz/assets/css/ 		387 KB
67 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lb-nebula.qasir.xyz/assets/css/vendor.min.css?v=1697536841
Requested by
Host: lb-nebula.qasir.xyz
URL: https://lb-nebula.qasir.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.102.114.137 , Indonesia, ASN136856 (IDNIC-BERSAMANET-AS-ID PT. Tower Bersama, ID),
Reverse DNS
Software
nginx /
Resource Hash
e073d48f2c336cd3d0d0fd94af201cc4d763e22943dba5a838d0ea67ee618688
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lb-nebula.qasir.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 01:18:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Tue, 17 Oct 2023 10:00:41 GMT
Server
nginx
Content-Encoding
gzip
ETag
W/"652e5b49-60d9d"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=3456000, no-cache
Connection
close
X-XSS-Protection
1; mode=block
Expires
Sun, 03 Mar 2024 01:18:26 GMT
site.min.css
lb-nebula.qasir.xyz/assets/css/ 		77 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lb-nebula.qasir.xyz/assets/css/site.min.css?v=1697536841
Requested by
Host: lb-nebula.qasir.xyz
URL: https://lb-nebula.qasir.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.102.114.137 , Indonesia, ASN136856 (IDNIC-BERSAMANET-AS-ID PT. Tower Bersama, ID),
Reverse DNS
Software
nginx /
Resource Hash
d341da40ea3ad128de51c36a071f62cdc6d6811c57c713c89beb87b876a724c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lb-nebula.qasir.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 01:18:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Tue, 17 Oct 2023 10:00:41 GMT
Server
nginx
Content-Encoding
gzip
ETag
W/"652e5b49-13282"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=3456000, no-cache
Connection
close
X-XSS-Protection
1; mode=block
Expires
Sun, 03 Mar 2024 01:18:26 GMT
reskin.css
lb-nebula.qasir.xyz/assets/css/ 		45 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lb-nebula.qasir.xyz/assets/css/reskin.css?v=1697536841
Requested by
Host: lb-nebula.qasir.xyz
URL: https://lb-nebula.qasir.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.102.114.137 , Indonesia, ASN136856 (IDNIC-BERSAMANET-AS-ID PT. Tower Bersama, ID),
Reverse DNS
Software
nginx /
Resource Hash
2c75c42e5bd27091d7a463e26489ca749de1d1cfd353b379f1ee4467e6fee9ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lb-nebula.qasir.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 01:18:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Tue, 17 Oct 2023 10:00:41 GMT
Server
nginx
Content-Encoding
gzip
ETag
W/"652e5b49-b2eb"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=3456000, no-cache
Connection
close
X-XSS-Protection
1; mode=block
Expires
Sun, 03 Mar 2024 01:18:26 GMT
modernizr.js
lb-nebula.qasir.xyz/assets/js/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lb-nebula.qasir.xyz/assets/js/modernizr.js
Requested by
Host: lb-nebula.qasir.xyz
URL: https://lb-nebula.qasir.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.102.114.137 , Indonesia, ASN136856 (IDNIC-BERSAMANET-AS-ID PT. Tower Bersama, ID),
Reverse DNS
Software
nginx /
Resource Hash
7e26ca2fd58d9878a3754800828a0b4a1af34f747c19c7d48ff1add55b1759c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lb-nebula.qasir.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 01:18:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Tue, 17 Oct 2023 10:00:41 GMT
Server
nginx
ETag
"652e5b49-3b92"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=3456000, no-cache
Connection
close
Accept-Ranges
bytes
Content-Length
15250
X-XSS-Protection
1; mode=block
Expires
Sun, 03 Mar 2024 01:18:26 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: lb-nebula.qasir.xyz
URL: https://lb-nebula.qasir.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lb-nebula.qasir.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 Jan 2024 23:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5418
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 23 Jan 2024 01:48:09 GMT
firebase-app.js
www.gstatic.com/firebasejs/7.6.1/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.6.1/firebase-app.js
Requested by
Host: lb-nebula.qasir.xyz
URL: https://lb-nebula.qasir.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abdbd85ace4e054c7a56eb8911f6aa9c89134d78072107717163e15686b5c1a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lb-nebula.qasir.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 01:57:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
516050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6132
x-xss-protection
0
last-modified
Wed, 18 Dec 2019 23:15:52 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 01:57:36 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/7.6.1/ 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.6.1/firebase-messaging.js
Requested by
Host: lb-nebula.qasir.xyz
URL: https://lb-nebula.qasir.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5324a34dd647d22e9b7db0129d53271d5901d370b5462bff16dd0aaf14bf6a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lb-nebula.qasir.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 11:04:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12497
x-xss-protection
0
last-modified
Wed, 18 Dec 2019 23:15:53 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 11:04:48 GMT
firebase-analytics.js
www.gstatic.com/firebasejs/7.6.1/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.6.1/firebase-analytics.js
Requested by
Host: lb-nebula.qasir.xyz
URL: https://lb-nebula.qasir.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dc119f3613cebb5f8a5577f8e5ee5e8e6d425e65f94c4ae277565b8e30db900
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lb-nebula.qasir.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 01:07:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7423
x-xss-protection
0
last-modified
Wed, 18 Dec 2019 23:15:52 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 01:07:12 GMT
firebase-performance.js
www.gstatic.com/firebasejs/7.23.0/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/7.23.0/firebase-performance.js
Requested by
Host: lb-nebula.qasir.xyz
URL: https://lb-nebula.qasir.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4fda11b5eb1d903dae02af6eb787f222cac482912248099ebc9783b8f888220
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lb-nebula.qasir.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 20:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11735
x-xss-protection
0
last-modified
Thu, 08 Oct 2020 20:48:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 20:29:42 GMT
vendor.min.js
lb-nebula.qasir.xyz/assets/js/ 		2 MB
467 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lb-nebula.qasir.xyz/assets/js/vendor.min.js?v=1697536841
Requested by
Host: lb-nebula.qasir.xyz
URL: https://lb-nebula.qasir.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.102.114.137 , Indonesia, ASN136856 (IDNIC-BERSAMANET-AS-ID PT. Tower Bersama, ID),
Reverse DNS
Software
nginx /
Resource Hash
8f9d6a13312afde5820b12b5dce27b2ab3075c82e9c014aca5f0167e8e1b390d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lb-nebula.qasir.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 01:18:26 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Last-Modified
Tue, 17 Oct 2023 10:00:41 GMT
Server
nginx
Content-Encoding
gzip
ETag
W/"652e5b49-1aa757"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=3456000, no-cache
Connection
close
X-XSS-Protection
1; mode=block
Expires
Sun, 03 Mar 2024 01:18:26 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lb-nebula.qasir.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 06:47:56 GMT
x-content-type-options
nosniff
age
498631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 06:47:56 GMT
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: lb-nebula.qasir.xyz
URL: https://lb-nebula.qasir.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:bc29:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lb-nebula.qasir.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 01:12:18 GMT
content-encoding
gzip
age
369
x-guploader-uploadid
ABPtcPpBf7KM-HsgNtgDdvHTDaBfHJvte313KZfEJaK5ad7-Zoj77zTIDeX1d9x5XqEsmcDuHw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18139
last-modified
Tue, 14 Nov 2023 19:54:10 GMT
server
UploadServer
etag
"dff66d0b72bdc18a02be56412d5ef8c4"
vary
Accept-Encoding
x-goog-generation
1699991650202934
x-goog-hash
crc32c=VW26dg==, md5=3/ZtC3K9wYoCvlZBLV74xA==
access-control-allow-origin
*
content-type
text/javascript
cache-control
public,max-age=600
x-goog-stored-content-length
18139
accept-ranges
bytes
expires
Tue, 23 Jan 2024 01:22:18 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: lb-nebula.qasir.xyz
URL: https://lb-nebula.qasir.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c2904a6defdde77ef67277b1a6bf6680c3e7958c47ebda344e062350a5447c93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lb-nebula.qasir.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 Jan 2024 01:18:27 GMT
content-md5
7uCXbm/aTI531UD/LeZ1cg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
KJigPsEFJsk1875m06ydSmVTAWl2XFq2n67tP9zB0EBRfdDExSa8eDuH0J4mGPzSPQhcmkPqC9u0f6hp2hUQYw==
x-fb-content-md5
ec05bd38742019ebab7c903a6b0c9e40
cross-origin-opener-policy
same-origin-allow-popups
etag
"c9d027d254b1aca1e286dc79099d6e1a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 23 Jan 2024 01:28:24 GMT
collect
www.google-analytics.com/j/ 		3 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1046079306&t=pageview&_s=1&dl=https%3A%2F%2Flb-nebula.qasir.xyz%2F&ul=en-us&de=UTF-8&dt=Qasir%20%7C%20Sistem%20Dagang%20Pake%20Jempol&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1106558218&gjid=1290550374&cid=1701472404.1705972708&tid=UA-74857374-2&_gid=2119373639.1705972708&_r=1&_slc=1&z=1787322276
Requested by
Host: lb-nebula.qasir.xyz
URL: https://lb-nebula.qasir.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lb-nebula.qasir.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 01:18:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lb-nebula.qasir.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ 		297 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=fd56367ac2f0de142969e1bc7cc5548b
Requested by
Host: lb-nebula.qasir.xyz
URL: https://lb-nebula.qasir.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b423b554f7965763103aa6ac4994630e6133a3579c12902f41e52768c70a736b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://lb-nebula.qasir.xyz/
Origin
https://lb-nebula.qasir.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 Jan 2024 01:18:27 GMT
content-md5
U2+nK7Rdqz1Wv/jLB/isXA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86998
reporting-endpoints
x-fb-debug
UzS7jkWeIfx+HMzYfr0230mxZGDaDJlKRzAoB16CLPkJF9TWEVUQyb2OBbfeS7f031OxL190zxolX6UZCX0lkQ==
x-fb-content-md5
19a922502420a28a9c3414a1d09bc33a
cross-origin-opener-policy
same-origin-allow-popups
etag
"825a9bb9dcb0941f49cac9c44aedbea0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 22 Jan 2025 00:51:09 GMT
nr-spa-1.249.0.min.js
js-agent.newrelic.com/ 		87 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1.249.0.min.js
Requested by
Host: lb-nebula.qasir.xyz
URL: https://lb-nebula.qasir.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
264956d1864215422fb0cf7906731f333cda073f4007ba32f1b9321ff79a9c52
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://lb-nebula.qasir.xyz/
Origin
https://lb-nebula.qasir.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
xqhkUaUJHWINEJM5PSle_YSi.Q2oCtRJ
content-encoding
br
via
1.1 varnish
date
Tue, 23 Jan 2024 01:18:28 GMT
strict-transport-security
max-age=300
x-amz-request-id
ZR2WCPXS1BDA7QZP
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
29447
x-amz-id-2
PHl0g/MmG+PcJSh45MwQ1PecL1sIrgD7hDwarRxpJHoWporAjUHRziJEI8E+v1fjj5Y4XlfPvoA=
x-served-by
cache-fra-eddf8230115-FRA
last-modified
Thu, 14 Dec 2023 16:36:09 GMT
server
AmazonS3
x-timer
S1705972708.348897,VS0,VE0
etag
"a42a1870225259a5447c6b5e0ebad53c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
280395
installations
firebaseinstallations.googleapis.com/v1/projects/qasir-webapp/ 		481 B
507 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/qasir-webapp/installations
Requested by
Host: lb-nebula.qasir.xyz
URL: https://lb-nebula.qasir.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5cb965fce980adb8d01de7ab1953d34472396c58f5d9a87dd8ecd6722f0a5a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://lb-nebula.qasir.xyz/
x-goog-api-key
AIzaSyCUMxweXBM6vqvXJTELxJvb129pAMP7XXI
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Tue, 23 Jan 2024 01:18:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://lb-nebula.qasir.xyz
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/qasir-webapp/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/qasir-webapp/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://lb-nebula.qasir.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://lb-nebula.qasir.xyz
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 23 Jan 2024 01:18:28 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
NRJS-4dc6632ce594a70b2ed
bam.nr-data.net/1/ 		0
0
installations
firebaseinstallations.googleapis.com/v1/projects/qasir-webapp/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/qasir-webapp/installations
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://lb-nebula.qasir.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://lb-nebula.qasir.xyz
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 23 Jan 2024 01:18:28 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/qasir-webapp/ 		481 B
338 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/qasir-webapp/installations
Requested by
Host: lb-nebula.qasir.xyz
URL: https://lb-nebula.qasir.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
01ad0b6083d0abf487504cccfa0c6a304a910bf3aa16a4ff6f0ddb9c9107efe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://lb-nebula.qasir.xyz/
x-goog-api-key
AIzaSyCUMxweXBM6vqvXJTELxJvb129pAMP7XXI
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Tue, 23 Jan 2024 01:18:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://lb-nebula.qasir.xyz
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam.nr-data.net
URL
https://bam.nr-data.net/1/NRJS-4dc6632ce594a70b2ed?a=1026368827&v=1.249.0&to=ZlZSMEVQXkZUUEwKDl8ccQdDWF9bGkRdAQBBQx4IWFZZWw%3D%3D&rst=4062&ck=0&s=4aa44bfc37100bc0&ref=https://lb-nebula.qasir.xyz/&af=err,xhr,stn,ins,spa&ap=32&be=1106&fe=2832&dc=2828&at=ShFRRg1KTUg%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1705972704327,%22n%22:0,%22f%22:440,%22dn%22:443,%22dne%22:443,%22c%22:443,%22s%22:643,%22ce%22:856,%22rq%22:856,%22rp%22:1107,%22rpe%22:2029,%22di%22:3929,%22ds%22:3929,%22de%22:3934,%22dc%22:3935,%22l%22:3936,%22le%22:3938%7D,%22navigation%22:%7B%7D%7D&fp=3229&fcp=3229

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| webpackChunk:NRBA-1.249.0.PROD object| newrelic object| html5 object| Modernizr function| yepnope object| mixpanel function| ga object| firebase object| perf function| showNotif function| fbAsyncInit object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| FB object| __buffer object| date object| firstDay object| lastDay undefined| valuetanggal function| $ function| jQuery object| Pace function| Switchery object| classie object| Waves function| Waypoint object| toastr function| Color function| Chart function| moment function| daterangepicker function| Sweetalert2 function| swal function| sweetAlert object| AmCharts function| SVG function| addResizeListener function| removeResizeListener object| Apex function| ApexCharts function| Dropzone function| numeral function| Vue object| Vuex object| VueInfiniteLoading

6 Cookies

Domain/Path Name / Value
.lb-nebula.qasir.xyz/ Name: XSRF-TOKEN
Value: eyJpdiI6ImtPbVZsQktTb2JtV3RRUWZadTR4a3c9PSIsInZhbHVlIjoiYTNDNW1lZk1hbkZxZGVcL1JpTWhPOG82cVM5alwvVjZ1TFpQWkR2d2tKaTJDTmpSOG1sQUJkbEd0VzFKVWFGcWlnUjZXUGFCV0pXdCtwcjRKeEVyT21cL3c9PSIsIm1hYyI6ImViOGQ2YjMyODNmMDViYzc1YzFhOGU2NGIxZGRhMzQxNTcyMTI5M2I4YmY3M2I5MDMzNGEwM2U0MWE1NTU3ZjYifQ%3D%3D
.lb-nebula.qasir.xyz/ Name: qasir_sess
Value: eyJpdiI6IlwvdGQ5WmIycjdqdmE3RXNOc0djS3RBPT0iLCJ2YWx1ZSI6IlBmNEx5MXJDb0tCNW1tRWtQeXdmRnF4aVUwVDQ4MFwvcytOa1FaVFRvb1NjZ2xjaWswMEI3VUNCekx6Umx0K0pqbUtJdzU0T1E2Zk5HRzk3Wms0NjlvUT09IiwibWFjIjoiYmM4MTIyNjM0OGZlZmY1NmY5NjQ0NjA3NGYwNTMwNjg1YWFmMjQ1YmZjZTcxNjAyMDY0Njg0OTBiNGY5ZDcyNSJ9
.qasir.xyz/ Name: _ga
Value: GA1.2.1701472404.1705972708
.qasir.xyz/ Name: _gid
Value: GA1.2.2119373639.1705972708
.qasir.xyz/ Name: _gat
Value: 1
.qasir.xyz/ Name: mp_c404b5b903c41a3d7cc6c550a68b3f28_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A18d33e5b16ad23-0394426d46c1fc-6b305750-1d4c00-18d33e5b16ad23%22%2C%22%24device_id%22%3A%20%2218d33e5b16ad23-0394426d46c1fc-6b305750-1d4c00-18d33e5b16ad23%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D

5 Console Messages

Source Level URL
Text
network error URL: https://lb-nebula.qasir.xyz/
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://firebaseinstallations.googleapis.com/v1/projects/qasir-webapp/installations
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://firebaseinstallations.googleapis.com/v1/projects/qasir-webapp/installations
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://lb-nebula.qasir.xyz/
Message:
Access to XMLHttpRequest at 'https://bam.nr-data.net/1/NRJS-4dc6632ce594a70b2ed?a=1026368827&v=1.249.0&to=ZlZSMEVQXkZUUEwKDl8ccQdDWF9bGkRdAQBBQx4IWFZZWw%3D%3D&rst=4062&ck=0&s=4aa44bfc37100bc0&ref=https://lb-nebula.qasir.xyz/&af=err,xhr,stn,ins,spa&ap=32&be=1106&fe=2832&dc=2828&at=ShFRRg1KTUg%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1705972704327,%22n%22:0,%22f%22:440,%22dn%22:443,%22dne%22:443,%22c%22:443,%22s%22:643,%22ce%22:856,%22rq%22:856,%22rp%22:1107,%22rpe%22:2029,%22di%22:3929,%22ds%22:3929,%22de%22:3934,%22dc%22:3935,%22l%22:3936,%22le%22:3938%7D,%22navigation%22:%7B%7D%7D&fp=3229&fcp=3229' from origin 'https://lb-nebula.qasir.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://bam.nr-data.net/1/NRJS-4dc6632ce594a70b2ed?a=1026368827&v=1.249.0&to=ZlZSMEVQXkZUUEwKDl8ccQdDWF9bGkRdAQBBQx4IWFZZWw%3D%3D&rst=4062&ck=0&s=4aa44bfc37100bc0&ref=https://lb-nebula.qasir.xyz/&af=err,xhr,stn,ins,spa&ap=32&be=1106&fe=2832&dc=2828&at=ShFRRg1KTUg%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1705972704327,%22n%22:0,%22f%22:440,%22dn%22:443,%22dne%22:443,%22c%22:443,%22s%22:643,%22ce%22:856,%22rq%22:856,%22rp%22:1107,%22rpe%22:2029,%22di%22:3929,%22ds%22:3929,%22de%22:3934,%22dc%22:3935,%22l%22:3936,%22le%22:3938%7D,%22navigation%22:%7B%7D%7D&fp=3229&fcp=3229
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn.mxpnl.com
connect.facebook.net
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
lb-nebula.qasir.xyz
www.google-analytics.com
www.gstatic.com
bam.nr-data.net
103.102.114.137
151.101.194.137
2600:1901:0:bc29::
2a00:1450:4001:800::200a
2a00:1450:4001:801::2003
2a00:1450:4001:827::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a03:2880:f083:100:face:b00c:0:3
01ad0b6083d0abf487504cccfa0c6a304a910bf3aa16a4ff6f0ddb9c9107efe4
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
264956d1864215422fb0cf7906731f333cda073f4007ba32f1b9321ff79a9c52
2c75c42e5bd27091d7a463e26489ca749de1d1cfd353b379f1ee4467e6fee9ed
4f54b99785acc4da20eed75eb0bf1505a4c155f1234a5fd315b0be963536220f
5324a34dd647d22e9b7db0129d53271d5901d370b5462bff16dd0aaf14bf6a4a
5cb965fce980adb8d01de7ab1953d34472396c58f5d9a87dd8ecd6722f0a5a07
6dc119f3613cebb5f8a5577f8e5ee5e8e6d425e65f94c4ae277565b8e30db900
7e26ca2fd58d9878a3754800828a0b4a1af34f747c19c7d48ff1add55b1759c3
8f9d6a13312afde5820b12b5dce27b2ab3075c82e9c014aca5f0167e8e1b390d
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
abdbd85ace4e054c7a56eb8911f6aa9c89134d78072107717163e15686b5c1a1
acb1221313fbb4d27f785ffd7a9ade0f7f44c37567ce1abf6aff7c399a7992d4
b423b554f7965763103aa6ac4994630e6133a3579c12902f41e52768c70a736b
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c2904a6defdde77ef67277b1a6bf6680c3e7958c47ebda344e062350a5447c93
c4fda11b5eb1d903dae02af6eb787f222cac482912248099ebc9783b8f888220
d341da40ea3ad128de51c36a071f62cdc6d6811c57c713c89beb87b876a724c4
da7342d9bd15c387f38dae963f9fb1863a32ae7a2439a6c9c93edc9a0c9f5adf
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e073d48f2c336cd3d0d0fd94af201cc4d763e22943dba5a838d0ea67ee618688