magicalburst.birdwrongs.sh Open in urlscan Pro
2607:ff18:80::7022 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://magicalburst.birdwrongs.sh/
Submission: On April 27 via api (April 27th 2024, 10:34:38 am UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 15 HTTP transactions. The main IP is 2607:ff18:80::7022, located in United States and belongs to GRIDFURY-AS, US. The main domain is magicalburst.birdwrongs.sh.
TLS certificate: Issued by R3 on April 27th 2024. Valid for: 3 months.

This is the only time magicalburst.birdwrongs.sh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2607:ff18:80:... 2607:ff18:80::7022	40630 (GRIDFURY-AS) (GRIDFURY-AS)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a05:d014:58f... 2a05:d014:58f:6201::64	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a01:4f9:3a:1... 2a01:4f9:3a:13e0::2	24940 (HETZNER-AS) (HETZNER-AS)
15	6

9 2607:ff18:80::7022 (United States)

ASN40630 (GRIDFURY-AS, US)

magicalburst.birdwrongs.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d014:58f:6201::64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

gc.zgo.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f9:3a:13e0::2 (Germany)

ASN24940 (HETZNER-AS, DE)

magicalburst.goatcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	birdwrongs.sh magicalburst.birdwrongs.sh	84 KB
2	gstatic.com fonts.gstatic.com	34 KB
1	goatcounter.com magicalburst.goatcounter.com	826 B
1	zgo.at gc.zgo.at — Cisco Umbrella Rank: 208683	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	793 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 767	30 KB
15	6

	Domain	Requested by
9	magicalburst.birdwrongs.sh	magicalburst.birdwrongs.sh
2	fonts.gstatic.com	fonts.googleapis.com
1	magicalburst.goatcounter.com	gc.zgo.at
1	gc.zgo.at	magicalburst.birdwrongs.sh
1	fonts.googleapis.com	magicalburst.birdwrongs.sh
1	code.jquery.com	magicalburst.birdwrongs.sh
15	6

This site contains no links.

Subject Issuer	Validity	Valid
magicalburst.birdwrongs.sh R3	`2024-04-27` - `2024-07-26`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
gc.zgo.at R3	`2024-03-08` - `2024-06-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-08` - `2024-07-01`	3 months	crt.sh
*.goatcounter.com ZeroSSL ECC Domain Secure Site CA	`2024-04-10` - `2024-07-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://magicalburst.birdwrongs.sh/
Frame ID: 11A467EEFE5E0741EB26D5546EBB71DA
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Magical Burst Character Generator

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

152 kB
Transfer

265 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
magicalburst.birdwrongs.sh/ 4 KB
1 KB 524ms
307ms Document
text/html 2607:ff18:80::7022
GRIDFURY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://magicalburst.birdwrongs.sh/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:ff18:80::7022 , United States, ASN40630 (GRIDFURY-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: ade660d10cc59a1e59ce3fcc3aaba692868e4a1b7f4833e8da58c89a24e461bb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 27 Apr 2024 10:34:32 GMT
server: Apache
vary: Accept-Encoding
via: e8s

GET
H2 200 jquery-3.7.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 36ms
8ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.1.min.js
Requested by: Host: magicalburst.birdwrongs.sh
URL: https://magicalburst.birdwrongs.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://magicalburst.birdwrongs.sh/
Origin: https://magicalburst.birdwrongs.sh
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 10:34:33 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 71869
x-cache: HIT, HIT
content-length: 30336
x-served-by: cache-lga21978-LGA, cache-fra-eddf8230020-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1714214073.349826,VS0,VE0
etag: W/"28feccc0-155ed"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 14, 8628

GET
H2 200 css2
fonts.googleapis.com/ 850 B
793 B 44ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Sofia&family=The+Girl+Next+Door&display=swap

Requested by

Host: magicalburst.birdwrongs.sh
URL: https://magicalburst.birdwrongs.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90ff7f51ece9d86596742cb9b6527eaba2dd17dab716eba4200976931b5932b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://magicalburst.birdwrongs.sh/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Apr 2024 10:34:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Apr 2024 10:34:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Apr 2024 10:34:33 GMT

GET
H2 200 style.css
magicalburst.birdwrongs.sh/ 3 KB
997 B 93ms
91ms Stylesheet
text/css 2607:ff18:80::7022
GRIDFURY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://magicalburst.birdwrongs.sh/style.css
Requested by: Host: magicalburst.birdwrongs.sh
URL: https://magicalburst.birdwrongs.sh/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:ff18:80::7022 , United States, ASN40630 (GRIDFURY-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 81d7e8eeaa6119f767eb152fbc44165a68c787d58942e65ab1f29ab26741a72f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://magicalburst.birdwrongs.sh/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 10:34:33 GMT
content-encoding: gzip
via: e8s
last-modified: Wed, 17 Apr 2024 03:00:08 GMT
server: Apache
etag: "a18-616420d64132c"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 888

GET
H2 200 validationEngine.jquery.css
magicalburst.birdwrongs.sh/css/ 3 KB
788 B 177ms
175ms Stylesheet
text/css 2607:ff18:80::7022
GRIDFURY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://magicalburst.birdwrongs.sh/css/validationEngine.jquery.css
Requested by: Host: magicalburst.birdwrongs.sh
URL: https://magicalburst.birdwrongs.sh/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:ff18:80::7022 , United States, ASN40630 (GRIDFURY-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 33a3e5a71133deac7f83d98bcd7bc58f9760ef1161a3ccdcdb1f51093380c0f5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://magicalburst.birdwrongs.sh/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 10:34:33 GMT
content-encoding: gzip
via: e8s
last-modified: Wed, 17 Apr 2024 02:59:57 GMT
server: Apache
etag: "a95-616420cc0ee4b"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 714

GET
H2 200 jquery.validationEngine-en.js Show response
magicalburst.birdwrongs.sh/js/languages/ 10 KB
2 KB 264ms
263ms Script
text/javascript 2607:ff18:80::7022
GRIDFURY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://magicalburst.birdwrongs.sh/js/languages/jquery.validationEngine-en.js
Requested by: Host: magicalburst.birdwrongs.sh
URL: https://magicalburst.birdwrongs.sh/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:ff18:80::7022 , United States, ASN40630 (GRIDFURY-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 1d86f863d9cb1268a3c34b1c00326f530cad63271731d254ce0bef7bcf4ab672

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://magicalburst.birdwrongs.sh/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 10:34:33 GMT
content-encoding: gzip
via: e8s
last-modified: Wed, 17 Apr 2024 03:00:04 GMT
server: Apache
etag: "26c5-616420d275893"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
content-length: 2149

GET
H2 200 jquery.validationEngine.js Show response
magicalburst.birdwrongs.sh/js/ 52 KB
13 KB 95ms
95ms Script
text/javascript 2607:ff18:80::7022
GRIDFURY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://magicalburst.birdwrongs.sh/js/jquery.validationEngine.js
Requested by: Host: magicalburst.birdwrongs.sh
URL: https://magicalburst.birdwrongs.sh/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:ff18:80::7022 , United States, ASN40630 (GRIDFURY-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 630e0da6c1e2a66d14eab9e06a300377997eb7c0da4f979faa165b55022ca997

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://magicalburst.birdwrongs.sh/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 10:34:33 GMT
content-encoding: gzip
via: e8s
last-modified: Wed, 17 Apr 2024 03:00:01 GMT
server: Apache
etag: "d07f-616420cfa7c67"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes

GET
H2 200 header.png
magicalburst.birdwrongs.sh/images/ 51 KB
51 KB 181ms
180ms Image
image/png 2607:ff18:80::7022
GRIDFURY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magicalburst.birdwrongs.sh/images/header.png
Requested by: Host: magicalburst.birdwrongs.sh
URL: https://magicalburst.birdwrongs.sh/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:ff18:80::7022 , United States, ASN40630 (GRIDFURY-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: de4d2c731a66d40bc918a462d7d7468526e5865230a051945c1bf50c08f063a9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://magicalburst.birdwrongs.sh/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 10:34:33 GMT
via: e8s
last-modified: Wed, 17 Apr 2024 02:59:59 GMT
server: Apache
etag: "ccd9-616420cd62bb2"
content-type: image/png
accept-ranges: bytes
content-length: 52441

GET
H2 200 count.js Show response
gc.zgo.at/ 8 KB
3 KB 96ms
8ms Script
application/javascript 2a05:d014:58f:6201::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gc.zgo.at/count.js

Requested by

Host: magicalburst.birdwrongs.sh
URL: https://magicalburst.birdwrongs.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6201::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

0e44539f25c34a4a0f2cee30df34b50e0ec1f3f4eb13c559069ea5b3d2dcda8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://magicalburst.birdwrongs.sh/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HWFHXXADC3XEJ41Z7HHVH805
date: Sat, 27 Apr 2024 10:34:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000
server: Netlify
age: 86737
cache-status: "Netlify Edge"; hit
etag: "4eb43ab50c72aa3274c6bb3c3f9d2e52-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public,max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2866

GET
H2 200 print.css
magicalburst.birdwrongs.sh/ 91 B
150 B 94ms
93ms Stylesheet
text/css 2607:ff18:80::7022
GRIDFURY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://magicalburst.birdwrongs.sh/print.css
Requested by: Host: magicalburst.birdwrongs.sh
URL: https://magicalburst.birdwrongs.sh/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:ff18:80::7022 , United States, ASN40630 (GRIDFURY-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 673437f1bd0b54d1e6083f763a486d2957431c885176f0a3fa95ef8e0f74cce2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://magicalburst.birdwrongs.sh/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 10:34:33 GMT
content-encoding: gzip
via: e8s
last-modified: Wed, 17 Apr 2024 03:00:08 GMT
server: Apache
etag: "5b-616420d60f650"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 101

GET
H2 200 bg.png
magicalburst.birdwrongs.sh/images/ 13 KB
13 KB 92ms
92ms Image
image/png 2607:ff18:80::7022
GRIDFURY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magicalburst.birdwrongs.sh/images/bg.png
Requested by: Host: magicalburst.birdwrongs.sh
URL: https://magicalburst.birdwrongs.sh/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:ff18:80::7022 , United States, ASN40630 (GRIDFURY-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: e082074d97d013ccff41d561e0da33f59141ce5f2e0ecee5ca4479db37a235d3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://magicalburst.birdwrongs.sh/style.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 10:34:33 GMT
via: e8s
last-modified: Wed, 17 Apr 2024 02:59:59 GMT
server: Apache
etag: "358a-616420cd9a64e"
content-type: image/png
accept-ranges: bytes
content-length: 13706

GET
H2 200 8QIHdirahM3j_su5uI0.woff2
fonts.gstatic.com/s/sofia/v14/ 11 KB
11 KB 91ms
13ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sofia/v14/8QIHdirahM3j_su5uI0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Sofia&family=The+Girl+Next+Door&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3ac38d3450e1b34fc06a525f31cd6b99203b646292c6c393a3c588ffe46018f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://magicalburst.birdwrongs.sh
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 14:02:33 GMT
x-content-type-options: nosniff
age: 419520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11524
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:01:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Apr 2025 14:02:33 GMT

GET
H2 200 pe0zMJCIMIsBjFxqYBIcZ6_OI5oFHCY4ULF6.woff2
fonts.gstatic.com/s/thegirlnextdoor/v22/ 22 KB
23 KB 85ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/thegirlnextdoor/v22/pe0zMJCIMIsBjFxqYBIcZ6_OI5oFHCY4ULF6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Sofia&family=The+Girl+Next+Door&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f4e5d1a5879c1ae55aea79a7b9f850ab9ea1c2e3557958af290c54bc64e684f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://magicalburst.birdwrongs.sh
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 23:43:17 GMT
x-content-type-options: nosniff
age: 39076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22584
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:47:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Apr 2025 23:43:17 GMT

POST
H2 200 count
magicalburst.goatcounter.com/ 43 B
826 B 114ms
31ms Ping
image/gif 2a01:4f9:3a:13e0::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://magicalburst.goatcounter.com/count?p=%2F&t=Magical%20Burst%20Character%20Generator&s=1600%2C1200%2C1&b=0&rnd=7wo6f

Requested by

Host: gc.zgo.at
URL: https://gc.zgo.at/count.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:4f9:3a:13e0::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

Resource Hash

42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'; frame-src 'self'; script-src 'self' https://gc.zgo.at static.zgo.at; font-src 'self' https://gc.zgo.at static.zgo.at; form-action 'self'; manifest-src 'self' https://gc.zgo.at static.zgo.at; default-src 'none'; img-src 'self' https://gc.zgo.at static.zgo.at data:; style-src 'self' https://gc.zgo.at static.zgo.at 'unsafe-inline'; connect-src 'self' wss:
Strict-Transport-Security	max-age=7776000
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://magicalburst.birdwrongs.sh/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: frame-ancestors 'none'; frame-src 'self'; script-src 'self' https://gc.zgo.at static.zgo.at; font-src 'self' https://gc.zgo.at static.zgo.at; form-action 'self'; manifest-src 'self' https://gc.zgo.at static.zgo.at; default-src 'none'; img-src 'self' https://gc.zgo.at static.zgo.at data:; style-src 'self' https://gc.zgo.at static.zgo.at 'unsafe-inline'; connect-src 'self' wss:
strict-transport-security: max-age=7776000
x-content-type-options: nosniff
x-rate-limit-limit: 4
content-encoding: gzip
x-rate-limit-remaining: 4
date: Sat, 27 Apr 2024 10:34:33 GMT
age: 0
via: 1.1 www (Varnish/7.5)
cross-origin-resource-policy: cross-origin
x-frame-options: deny
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
x-varnish: 688587219
cache-control: no-store,no-cache
x-rate-limit-reset: 1

GET
H2 404 favicon.ico
magicalburst.birdwrongs.sh/ 1 KB
661 B 89ms
89ms Other
text/html 2607:ff18:80::7022
GRIDFURY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://magicalburst.birdwrongs.sh/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2607:ff18:80::7022 , United States, ASN40630 (GRIDFURY-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 86f975687e0f0655cb3f75cbff0824b7008448422ede74e6ae33bbb2291ef133

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://magicalburst.birdwrongs.sh/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 27 Apr 2024 10:34:33 GMT
content-encoding: gzip
via: e8s
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
accept-ranges: bytes
content-length: 611

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| goatcounter

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://magicalburst.birdwrongs.sh/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
gc.zgo.at
magicalburst.birdwrongs.sh
magicalburst.goatcounter.com
2607:ff18:80::7022
2a00:1450:4001:800::2003
2a00:1450:4001:81c::200a
2a01:4f9:3a:13e0::2
2a04:4e42:600::649
2a05:d014:58f:6201::64
0e44539f25c34a4a0f2cee30df34b50e0ec1f3f4eb13c559069ea5b3d2dcda8b
1d86f863d9cb1268a3c34b1c00326f530cad63271731d254ce0bef7bcf4ab672
2f4e5d1a5879c1ae55aea79a7b9f850ab9ea1c2e3557958af290c54bc64e684f
33a3e5a71133deac7f83d98bcd7bc58f9760ef1161a3ccdcdb1f51093380c0f5
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb
630e0da6c1e2a66d14eab9e06a300377997eb7c0da4f979faa165b55022ca997
673437f1bd0b54d1e6083f763a486d2957431c885176f0a3fa95ef8e0f74cce2
81d7e8eeaa6119f767eb152fbc44165a68c787d58942e65ab1f29ab26741a72f
86f975687e0f0655cb3f75cbff0824b7008448422ede74e6ae33bbb2291ef133
90ff7f51ece9d86596742cb9b6527eaba2dd17dab716eba4200976931b5932b4
ade660d10cc59a1e59ce3fcc3aaba692868e4a1b7f4833e8da58c89a24e461bb
de4d2c731a66d40bc918a462d7d7468526e5865230a051945c1bf50c08f063a9
e082074d97d013ccff41d561e0da33f59141ce5f2e0ecee5ca4479db37a235d3
e3ac38d3450e1b34fc06a525f31cd6b99203b646292c6c393a3c588ffe46018f
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

magicalburst.birdwrongs.sh Open in urlscan Pro 2607:ff18:80::7022 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

100 %IPv6

6 Domains

6 Subdomains

6 IPs

2 Countries

152 kBTransfer

265 kBSize

0 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

magicalburst.birdwrongs.sh Open in urlscan Pro
2607:ff18:80::7022 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

152 kB
Transfer

265 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions