txikixaka.firebaseapp.com

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 7 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is txikixaka.firebaseapp.com.
TLS certificate: Issued by GTS CA 1D4 on January 31st 2022. Valid for: 3 months.

This is the only time txikixaka.firebaseapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
1	142.93.169.5 142.93.169.5	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	13.54.102.156 13.54.102.156	() ()
1	13.32.99.69 13.32.99.69	16509 (AMAZON-02) (AMAZON-02)
7	4

4 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

txikixaka.firebaseapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.169.5 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

mailboxserv.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.54.102.156 (None, )

ASN- ()

mytopia.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-69.fra60.r.cloudfront.net

logo.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	firebaseapp.com txikixaka.firebaseapp.com	174 KB
1	clearbit.com logo.clearbit.com — Cisco Umbrella Rank: 28071	3 KB
1	mytopia.com.au mytopia.com.au
1	mailboxserv.pw mailboxserv.pw	646 B
7	4

	Domain	Requested by
4	txikixaka.firebaseapp.com	txikixaka.firebaseapp.com
1	logo.clearbit.com
1	mytopia.com.au	txikixaka.firebaseapp.com
1	mailboxserv.pw	txikixaka.firebaseapp.com
7	4

This site contains no links.

Subject Issuer	Validity	Valid
firebaseapp.com GTS CA 1D4	`2022-01-31` - `2022-05-01`	3 months	crt.sh
mailboxserv.pw R3	`2021-12-28` - `2022-03-28`	3 months	crt.sh
www.mytopia.com.au Sectigo RSA Extended Validation Secure Server CA	`2021-11-10` - `2022-11-10`	a year	crt.sh
clearbit.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://txikixaka.firebaseapp.com/ghse/sessexpired/index.html?a=sales@mytopia.com.au
Frame ID: 43212E0A329D39CEF3A4157CF6454337
Requests: 6 HTTP requests in this frame

Frame: https://mytopia.com.au/
Frame ID: 84AE3577E0E8131FFCBCA040F3B1224F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Session Expired~

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

179 kB
Transfer

443 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.html Show response
txikixaka.firebaseapp.com/ghse/sessexpired/ 2 KB
990 B 524ms
54ms Document
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://txikixaka.firebaseapp.com/ghse/sessexpired/index.html?a=sales@mytopia.com.au

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/

Resource Hash

a65d929afb9a35d58a92914b5e472707b144706291091ce3a6f2f346f6fd0cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "710431956b127c868d96ced7654ed39033534f62508af186da2bab73d7f51bc1-br"
last-modified: Sun, 09 Jan 2022 04:39:25 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Thu, 03 Feb 2022 22:05:23 GMT
x-served-by: cache-hhn4036-HHN
x-cache: HIT
x-cache-hits: 1
x-timer: S1643925923.031026,VS0,VE1
vary: x-fh-requested-host, accept-encoding
content-length: 684

GET
H2 200 sesh.css
txikixaka.firebaseapp.com/ghse/sessexpired/ 139 KB
102 KB 127ms
127ms Stylesheet
text/css 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://txikixaka.firebaseapp.com/ghse/sessexpired/sesh.css

Requested by

Host: txikixaka.firebaseapp.com
URL: https://txikixaka.firebaseapp.com/ghse/sessexpired/index.html?a=sales@mytopia.com.au

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/

Resource Hash

ea375d86d3e8e1df932a84eccb41652bbe24ec00b7544e2904356f8a838cf6f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://txikixaka.firebaseapp.com/ghse/sessexpired/index.html?a=sales@mytopia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Sun, 09 Jan 2022 04:39:25 GMT
x-timer: S1643925923.113324,VS0,VE1
etag: "57cce6ea4262584b7ec94a0b907bdd8e404e010298a4b83d257ede1f786329ff-br"
x-served-by: cache-hhn4036-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
date: Thu, 03 Feb 2022 22:05:23 GMT
accept-ranges: bytes
content-length: 104339
x-cache-hits: 1

GET
H2 200 jquery.js Show response
txikixaka.firebaseapp.com/ghse/sessexpired/ 292 KB
69 KB 64ms
63ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://txikixaka.firebaseapp.com/ghse/sessexpired/jquery.js

Requested by

Host: txikixaka.firebaseapp.com
URL: https://txikixaka.firebaseapp.com/ghse/sessexpired/index.html?a=sales@mytopia.com.au

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/

Resource Hash

6fbb86a67c5f7e8883b26f1215cd331bbf9ebeff732bdfd82d952d9a66f78991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://txikixaka.firebaseapp.com/ghse/sessexpired/index.html?a=sales@mytopia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Sun, 09 Jan 2022 04:39:25 GMT
x-timer: S1643925923.113410,VS0,VE1
etag: "8cb5b76dae5ef87c0873da1ad2b66dd8a34600b3ba81e1b5f5aba4b5bca769b6-br"
x-served-by: cache-hhn4036-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Thu, 03 Feb 2022 22:05:23 GMT
accept-ranges: bytes
content-length: 70895
x-cache-hits: 1

GET
H2 200 sesh.js Show response
txikixaka.firebaseapp.com/ghse/sessexpired/ 6 KB
2 KB 60ms
60ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://txikixaka.firebaseapp.com/ghse/sessexpired/sesh.js

Requested by

Host: txikixaka.firebaseapp.com
URL: https://txikixaka.firebaseapp.com/ghse/sessexpired/index.html?a=sales@mytopia.com.au

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/

Resource Hash

0dcf0206b1fbbd6a4953804148ec51dc40a699bf82425ffe0003f6a7c967ef68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://txikixaka.firebaseapp.com/ghse/sessexpired/index.html?a=sales@mytopia.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Sun, 09 Jan 2022 04:39:25 GMT
x-timer: S1643925923.113489,VS0,VE1
etag: "24b78fd46f67872057b76cd3970adc6c829da6732c7db4fa3e334af46326d472-br"
x-served-by: cache-hhn4036-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Thu, 03 Feb 2022 22:05:23 GMT
accept-ranges: bytes
content-length: 1775
x-cache-hits: 1

POST
H/1.1 200
OK autopost.php Show response
mailboxserv.pw/mytest/ 413 B
646 B 2473ms
2043ms XHR
text/html 142.93.169.5
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://mailboxserv.pw/mytest/autopost.php
Requested by: Host: txikixaka.firebaseapp.com
URL: https://txikixaka.firebaseapp.com/ghse/sessexpired/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.93.169.5 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: a723e22a4916a5ae0286a0eabd067da43e5ebced2bffda252b0a25b319435759

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://txikixaka.firebaseapp.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 03 Feb 2022 22:05:25 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Content-Length: 271

GET
H/1.1 200
OK /
mytopia.com.au/ Frame 84AE 0
0 1296ms
591ms Document
text/html 13.54.102.156

General

Check archive.org

Show headers Download Go to

Full URL

https://mytopia.com.au/

Requested by

Host: txikixaka.firebaseapp.com
URL: https://txikixaka.firebaseapp.com/ghse/sessexpired/sesh.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.54.102.156 -, , ASN (),

Reverse DNS

Software

nginx/1.16.1 / PHP/5.6.40

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://txikixaka.firebaseapp.com/

Response headers

Server: nginx/1.16.1
Date: Thu, 03 Feb 2022 22:05:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Age: 303
Content-Encoding: gzip

GET
H2 200 mytopia.com.au
logo.clearbit.com/ 3 KB
3 KB 83ms
8ms Image
image/png 13.32.99.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logo.clearbit.com/mytopia.com.au
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-69.fra60.r.cloudfront.net
Software: envoy /
Resource Hash: a731880f7fd05407a39faaf13c8ef36d3658dabe8a079300b8d1bd524f7c953f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://txikixaka.firebaseapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 02:54:11 GMT
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
server: envoy
age: 241875
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 0HVANUzjjNvJdXfKCmR3SeWAHQ-ITloUMUi6nGVrkk-pTLK5ZmzPOQ==

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://mytopia.com.au/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

logo.clearbit.com
mailboxserv.pw
mytopia.com.au
txikixaka.firebaseapp.com
13.32.99.69
13.54.102.156
142.93.169.5
2620:0:890::100
0dcf0206b1fbbd6a4953804148ec51dc40a699bf82425ffe0003f6a7c967ef68
6fbb86a67c5f7e8883b26f1215cd331bbf9ebeff732bdfd82d952d9a66f78991
a65d929afb9a35d58a92914b5e472707b144706291091ce3a6f2f346f6fd0cf3
a723e22a4916a5ae0286a0eabd067da43e5ebced2bffda252b0a25b319435759
a731880f7fd05407a39faaf13c8ef36d3658dabe8a079300b8d1bd524f7c953f
ea375d86d3e8e1df932a84eccb41652bbe24ec00b7544e2904356f8a838cf6f8

txikixaka.firebaseapp.com Open in urlscan Pro 2620:0:890::100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

179 kBTransfer

443 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

txikixaka.firebaseapp.com Open in urlscan Pro
2620:0:890::100 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

179 kB
Transfer

443 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions