avalonstudios.ca Open in urlscan Pro
2606:4700:3033::6815:2e95 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://avalonstudios.ca/v/upromise-barclay-login.html
Submission: On May 13 via api (May 13th 2023, 4:40:09 pm UTC) from GB — Scanned from CA

Summary HTTP 14 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3033::6815:2e95, located in United States and belongs to CLOUDFLARENET, US. The main domain is avalonstudios.ca.
TLS certificate: Issued by GTS CA 1P5 on May 10th 2023. Valid for: 3 months.

This is the only time avalonstudios.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3033::6815:2e95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 8	2600:9000:212... 2600:9000:2120:b400:16:8bbe:c640:21	16509 (AMAZON-02) (AMAZON-02)
8	5.161.63.2 5.161.63.2	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
1	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
1	185.155.184.98 185.155.184.98	5398 (AS5398) (AS5398)
1	104.105.91.188 104.105.91.188	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2607:f8b0:400... 2607:f8b0:400c:c01::5e	15169 (GOOGLE) (GOOGLE)
14	7

1 2606:4700:3033::6815:2e95 (United States)

ASN13335 (CLOUDFLARENET, US)

avalonstudios.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2120:b400:16:8bbe:c640:21 (United States) 8 redirects

ASN16509 (AMAZON-02, US)

d1irhuf3z5u61l.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 5.161.63.2 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.2.63.161.5.clients.your-server.de

static-only.metabenefit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::200a (New York, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.155.184.98 (Switzerland)

ASN5398 (AS5398, CH)

myprizeserv.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.105.91.188 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-91-188.deploy.static.akamaitechnologies.com

cards.barclaycardus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400c:c01::5e (Charleston, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	metabenefit.com static-only.metabenefit.com	29 KB
8	cloudfront.net 8 redirects d1irhuf3z5u61l.cloudfront.net	2 KB
2	gstatic.com fonts.gstatic.com	34 KB
1	barclaycardus.com cards.barclaycardus.com — Cisco Umbrella Rank: 101493
1	myprizeserv.life myprizeserv.life	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	1 KB
1	avalonstudios.ca avalonstudios.ca	75 KB
14	7

	Domain	Requested by
8	static-only.metabenefit.com	avalonstudios.ca
8	d1irhuf3z5u61l.cloudfront.net	8 redirects
2	fonts.gstatic.com	fonts.googleapis.com
1	cards.barclaycardus.com	avalonstudios.ca
1	myprizeserv.life	avalonstudios.ca
1	fonts.googleapis.com	avalonstudios.ca
1	avalonstudios.ca
14	7

This site contains links to these domains. Also see Links.

Domain
cards.barclaycardus.com
www.upromise.com
www.securebanking.barclaysus.com
www.upromisemastercard.com
www.nerdwallet.com
home.barclaycard
policies.google.com

Subject Issuer	Validity	Valid
avalonstudios.ca GTS CA 1P5	`2023-05-10` - `2023-08-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
myprizeserv.life R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
www.barclaycardus.com DigiCert SHA2 Extended Validation Server CA	`2022-11-23` - `2023-11-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
static-only.metabenefit.com R3	`2023-03-30` - `2023-06-28`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://avalonstudios.ca/v/upromise-barclay-login.html
Frame ID: C9E67659C7BC34F15EB42E3B7D6016C1
Requests: 13 HTTP requests in this frame

Frame: https://static-only.metabenefit.com/static/svg/external-link.svg
Frame ID: 091FD99F23E8A093424E815385A68D22
Requests: 1 HTTP requests in this frame

Frame: https://static-only.metabenefit.com/static/svg/external-link.svg
Frame ID: 8E8A14826E4D37B6108F4E1D717B5849
Requests: 1 HTTP requests in this frame

Frame: https://static-only.metabenefit.com/static/svg/external-link.svg
Frame ID: 27CCBCDBF154E8357BA80DADBC1FE98A
Requests: 1 HTTP requests in this frame

Frame: https://static-only.metabenefit.com/static/svg/external-link.svg
Frame ID: E7E2BD0B301FA4EC3D599003159222E8
Requests: 1 HTTP requests in this frame

Frame: https://static-only.metabenefit.com/static/svg/external-link.svg
Frame ID: E3454D271C8819238F588068A5A302BC
Requests: 1 HTTP requests in this frame

Frame: https://static-only.metabenefit.com/static/svg/external-link.svg
Frame ID: 85C98BB8A68B526FE19C27BE47C5123B
Requests: 1 HTTP requests in this frame

Frame: https://static-only.metabenefit.com/static/svg/external-link.svg
Frame ID: B91B77CB51A25F9E1A5D2672D87C3027
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Upromise Barclay Login - Welcome to Barclays US - AvalonDB

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

93 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

141 kB
Transfer

392 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://cards.barclaycardus.com/
Title: Welcome to Barclays US

Search URL Search Domain Scan URL

URL: https://www.upromise.com/login/
Title: Upromise.com Login

Search URL Search Domain Scan URL

URL: https://www.upromise.com/
Title: Upromise helps you save for college.

Search URL Search Domain Scan URL

URL: https://www.securebanking.barclaysus.com/
Title: Unknown - Error report

Search URL Search Domain Scan URL

URL: https://www.upromisemastercard.com/
Title: Upromise Mastercard

Search URL Search Domain Scan URL

URL: https://www.nerdwallet.com/best/credit-cards/barclays-cards
Title: Best Barclays Credit Cards - NerdWallet

Search URL Search Domain Scan URL

URL: https://home.barclaycard/about-us/
Title: About us | Barclaycard

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://d1irhuf3z5u61l.cloudfront.net/static/public/css/cbase.12a6ece7.css HTTP 308
https://static-only.metabenefit.com/static/public/css/cbase.12a6ece7.css

Request Chain 12

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg HTTP 308
https://static-only.metabenefit.com/static/svg/external-link.svg

Request Chain 13

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg HTTP 308
https://static-only.metabenefit.com/static/svg/external-link.svg

Request Chain 14

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg HTTP 308
https://static-only.metabenefit.com/static/svg/external-link.svg

Request Chain 15

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg HTTP 308
https://static-only.metabenefit.com/static/svg/external-link.svg

Request Chain 16

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg HTTP 308
https://static-only.metabenefit.com/static/svg/external-link.svg

Request Chain 17

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg HTTP 308
https://static-only.metabenefit.com/static/svg/external-link.svg

Request Chain 18

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg HTTP 308
https://static-only.metabenefit.com/static/svg/external-link.svg

14 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request upromise-barclay-login.html Show response
avalonstudios.ca/v/ 124 KB
75 KB 324ms
262ms Document
text/html 2606:4700:3033::6815:2e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avalonstudios.ca/v/upromise-barclay-login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2e95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23aed459b95725a1e06d9ae6134dc08e092f58e15d711211eea67d811c8c330e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000
cf-cache-status: DYNAMIC
cf-ray: 7c6c574ecd664003-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 13 May 2023 16:40:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 24 Apr 2023 07:09:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFPUBM%2F8n8a00iSByRoZF4nTz2BOaProE6iyL88nQBUpWx9XkmP8%2BlTUaTGw8COg6RODK1PMY9zSlm8KACKsjwKskpfI%2BSt4v25szhBct11DYwZBS9TToM0Qn6tUxLkCvwSDewBHkGxsku6ZTLRU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

cbase.12a6ece7.css
static-only.metabenefit.com/static/public/css/
Redirect Chain

https://d1irhuf3z5u61l.cloudfront.net/static/public/css/cbase.12a6ece7.css
https://static-only.metabenefit.com/static/public/css/cbase.12a6ece7.css

155 KB
26 KB

289ms
223ms

Stylesheet
text/css

5.161.63.2
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-only.metabenefit.com/static/public/css/cbase.12a6ece7.css
Requested by: Host: avalonstudios.ca
URL: https://avalonstudios.ca/v/upromise-barclay-login.html
Protocol: H2
Server: 5.161.63.2 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.2.63.161.5.clients.your-server.de
Software: Caddy, Caddy /
Resource Hash: 46b413c88e9bdf0205b930e7baf8152e2ff4e9973165f5b765eb5cb0a9836e2e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://avalonstudios.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:40:04 GMT
content-encoding: gzip
last-modified: Sun, 28 Feb 2021 00:01:43 GMT
server: Caddy, Caddy
etag: "qp7pev3ebm"
vary: Accept-Encoding
content-type: text/css; charset=utf-8

Redirect headers

date: Sat, 13 May 2023 16:40:04 GMT
via: 1.1 3656f262c2589326b2ab2a4824da0516.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront
location: https://static-only.metabenefit.com/static/public/css/cbase.12a6ece7.css
content-length: 0
x-amz-cf-id: Ak5ZQ-5jwgK5B7wa47hqJW3VmeqT8bmjWrRIM5Nho-0C02amkEZ3AQ==

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 83ms
35ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto|Rubik&display=swap

Requested by

Host: avalonstudios.ca
URL: https://avalonstudios.ca/v/upromise-barclay-login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b0139427642a31a54f699306f6e53ea09007e09a7da5e5c163404d73311843d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://avalonstudios.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 May 2023 16:40:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 May 2023 16:40:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 May 2023 16:40:03 GMT

GET
H/1.1 200
OK popunder.js Show response
myprizeserv.life/js/ 812 B
1 KB 352ms
112ms Script
application/javascript 185.155.184.98
AS5398

General

Check archive.org

Show headers Download Go to

Full URL

https://myprizeserv.life/js/popunder.js

Requested by

Host: avalonstudios.ca
URL: https://avalonstudios.ca/v/upromise-barclay-login.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.98 , Switzerland, ASN5398 (AS5398, CH),

Reverse DNS

Software

nginx /

Resource Hash

e2ba34d1b1dcbbecb347fbfd6cdc7dc3ce039a10480def8b371fad59fc6e4caa

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://avalonstudios.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sat, 13 May 2023 16:40:04 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 175EC041079F92A5
Connection: keep-alive
Content-Length: 812
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 31 Aug 2022 09:31:17 GMT
Server: nginx
ETag: "1112c3e266341e6062a9ba705458138a"
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
Expires: Sun, 12 May 2024 16:40:04 GMT

GET
H2 200 /
cards.barclaycardus.com/ 0
0 235ms
85ms Other
text/html 104.105.91.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cards.barclaycardus.com/
Requested by: Host: avalonstudios.ca
URL: https://avalonstudios.ca/v/upromise-barclay-login.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.105.91.188 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-105-91-188.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://avalonstudios.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3b8e6b5e03854442ca42c962303b2a1466fcff2088915a917a2066c646444c2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c97b6524a32fe586e0023a2e7a1bdb6a1505af85426170917e00e790bf99934

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01ddeb03cdd80b3bb3a3cb6768d0c3ab2383603025f6e252581adc4f41d55b3c

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 15 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbc271d53608c218d2cb2497a6d8b17ee33172f0f061345fd6066a3afe5c46e2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 772f31af3f2f083f4ef03546e99e26c5fd03e73fdddee908eb0863261b1b3153

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 14 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ad67cf48e5910fa2a7ad280d26d1b82b2e90dabaf44b4c6801b401918a3ee8e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 106ms
34ms Font
font/woff2 2607:f8b0:400c:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Rubik&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400c:c01::5e Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://avalonstudios.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 08 May 2023 08:04:40 GMT
x-content-type-options: nosniff
age: 462924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 May 2024 08:04:40 GMT

GET
H2 200 iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2
fonts.gstatic.com/s/rubik/v26/ 18 KB
18 KB 114ms
43ms Font
font/woff2 2607:f8b0:400c:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v26/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Rubik&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400c:c01::5e Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67a6e7a3b413d838d3c53b06f53a567671f9477bd703ecdebbc5dcffb587b963

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://avalonstudios.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 07 May 2023 22:58:39 GMT
x-content-type-options: nosniff
age: 495685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18128
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 21:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 May 2024 22:58:39 GMT

GET
H2

200

external-link.svg Show response
static-only.metabenefit.com/static/svg/ Frame 091F
Redirect Chain

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg
https://static-only.metabenefit.com/static/svg/external-link.svg

388 B
463 B

123ms
123ms

Document
image/svg+xml

5.161.63.2
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-only.metabenefit.com/static/svg/external-link.svg
Requested by: Host: avalonstudios.ca
URL: https://avalonstudios.ca/v/upromise-barclay-login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.161.63.2 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.2.63.161.5.clients.your-server.de
Software: Caddy Caddy /
Resource Hash: a3fb50298000a40f383846a8968e6ada7709a1d8d9f945396e3131e074448fb5

Request headers

Referer: https://avalonstudios.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 388
content-type: image/svg+xml
date: Sat, 13 May 2023 16:40:04 GMT
etag: "q3jrmuas"
last-modified: Fri, 03 Jan 2020 20:01:42 GMT
server: Caddy Caddy

Redirect headers

content-length: 0
date: Sat, 13 May 2023 16:40:04 GMT
location: https://static-only.metabenefit.com/static/svg/external-link.svg
server: Caddy
via: 1.1 3656f262c2589326b2ab2a4824da0516.cloudfront.net (CloudFront)
x-amz-cf-id: m2-KPZ5fC_CJ6R35_EwoyQJ3jRLl7TNjLJ-4UCI6BnPbEma3jhNksA==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront

GET
H2

200

external-link.svg Show response
static-only.metabenefit.com/static/svg/ Frame 8E8A
Redirect Chain

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg
https://static-only.metabenefit.com/static/svg/external-link.svg

388 B
414 B

193ms
192ms

Document
image/svg+xml

5.161.63.2
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-only.metabenefit.com/static/svg/external-link.svg
Requested by: Host: avalonstudios.ca
URL: https://avalonstudios.ca/v/upromise-barclay-login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.161.63.2 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.2.63.161.5.clients.your-server.de
Software: Caddy Caddy /
Resource Hash: a3fb50298000a40f383846a8968e6ada7709a1d8d9f945396e3131e074448fb5

Request headers

Referer: https://avalonstudios.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 388
content-type: image/svg+xml
date: Sat, 13 May 2023 16:40:04 GMT
etag: "q3jrmuas"
last-modified: Fri, 03 Jan 2020 20:01:42 GMT
server: Caddy Caddy

Redirect headers

content-length: 0
date: Sat, 13 May 2023 16:40:04 GMT
location: https://static-only.metabenefit.com/static/svg/external-link.svg
server: Caddy
via: 1.1 3656f262c2589326b2ab2a4824da0516.cloudfront.net (CloudFront)
x-amz-cf-id: 9LmqDsjIktYFuc5B3rg3nWyHIJ5xA8FWjTOekBWp5QghZ2pJbyax2w==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront

GET
H2

200

external-link.svg Show response
static-only.metabenefit.com/static/svg/ Frame 27CC
Redirect Chain

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg
https://static-only.metabenefit.com/static/svg/external-link.svg

388 B
414 B

197ms
197ms

Document
image/svg+xml

5.161.63.2
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-only.metabenefit.com/static/svg/external-link.svg
Requested by: Host: avalonstudios.ca
URL: https://avalonstudios.ca/v/upromise-barclay-login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.161.63.2 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.2.63.161.5.clients.your-server.de
Software: Caddy Caddy /
Resource Hash: a3fb50298000a40f383846a8968e6ada7709a1d8d9f945396e3131e074448fb5

Request headers

Referer: https://avalonstudios.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 388
content-type: image/svg+xml
date: Sat, 13 May 2023 16:40:04 GMT
etag: "q3jrmuas"
last-modified: Fri, 03 Jan 2020 20:01:42 GMT
server: Caddy Caddy

Redirect headers

content-length: 0
date: Sat, 13 May 2023 16:40:04 GMT
location: https://static-only.metabenefit.com/static/svg/external-link.svg
server: Caddy
via: 1.1 3656f262c2589326b2ab2a4824da0516.cloudfront.net (CloudFront)
x-amz-cf-id: R9BF_A43PlA-V18LUVN7XsvhlRCqC0T2T0KQN-a41mAFCvIj3sUuFA==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront

GET
H2

200

external-link.svg Show response
static-only.metabenefit.com/static/svg/ Frame E7E2
Redirect Chain

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg
https://static-only.metabenefit.com/static/svg/external-link.svg

388 B
414 B

218ms
217ms

Document
image/svg+xml

5.161.63.2
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-only.metabenefit.com/static/svg/external-link.svg
Requested by: Host: avalonstudios.ca
URL: https://avalonstudios.ca/v/upromise-barclay-login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.161.63.2 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.2.63.161.5.clients.your-server.de
Software: Caddy Caddy /
Resource Hash: a3fb50298000a40f383846a8968e6ada7709a1d8d9f945396e3131e074448fb5

Request headers

Referer: https://avalonstudios.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 388
content-type: image/svg+xml
date: Sat, 13 May 2023 16:40:04 GMT
etag: "q3jrmuas"
last-modified: Fri, 03 Jan 2020 20:01:42 GMT
server: Caddy Caddy

Redirect headers

content-length: 0
date: Sat, 13 May 2023 16:40:04 GMT
location: https://static-only.metabenefit.com/static/svg/external-link.svg
server: Caddy
via: 1.1 3656f262c2589326b2ab2a4824da0516.cloudfront.net (CloudFront)
x-amz-cf-id: XOa7qYQ8bV4xSC0nyIaJV-YpwJ0KuNWN73LGtTi1FXLb8zramglA3A==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront

GET
H2

200

external-link.svg Show response
static-only.metabenefit.com/static/svg/ Frame E345
Redirect Chain

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg
https://static-only.metabenefit.com/static/svg/external-link.svg

388 B
414 B

203ms
202ms

Document
image/svg+xml

5.161.63.2
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-only.metabenefit.com/static/svg/external-link.svg
Requested by: Host: avalonstudios.ca
URL: https://avalonstudios.ca/v/upromise-barclay-login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.161.63.2 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.2.63.161.5.clients.your-server.de
Software: Caddy Caddy /
Resource Hash: a3fb50298000a40f383846a8968e6ada7709a1d8d9f945396e3131e074448fb5

Request headers

Referer: https://avalonstudios.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 388
content-type: image/svg+xml
date: Sat, 13 May 2023 16:40:04 GMT
etag: "q3jrmuas"
last-modified: Fri, 03 Jan 2020 20:01:42 GMT
server: Caddy Caddy

Redirect headers

content-length: 0
date: Sat, 13 May 2023 16:40:04 GMT
location: https://static-only.metabenefit.com/static/svg/external-link.svg
server: Caddy
via: 1.1 3656f262c2589326b2ab2a4824da0516.cloudfront.net (CloudFront)
x-amz-cf-id: 56CEJfpPNeOjGtVFw3gLaQUJRKy42gCxnV3hgzv0sUiRjejRbhj3XA==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront

GET
H2

200

external-link.svg Show response
static-only.metabenefit.com/static/svg/ Frame 85C9
Redirect Chain

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg
https://static-only.metabenefit.com/static/svg/external-link.svg

388 B
414 B

219ms
219ms

Document
image/svg+xml

5.161.63.2
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-only.metabenefit.com/static/svg/external-link.svg
Requested by: Host: avalonstudios.ca
URL: https://avalonstudios.ca/v/upromise-barclay-login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.161.63.2 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.2.63.161.5.clients.your-server.de
Software: Caddy Caddy /
Resource Hash: a3fb50298000a40f383846a8968e6ada7709a1d8d9f945396e3131e074448fb5

Request headers

Referer: https://avalonstudios.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 388
content-type: image/svg+xml
date: Sat, 13 May 2023 16:40:04 GMT
etag: "q3jrmuas"
last-modified: Fri, 03 Jan 2020 20:01:42 GMT
server: Caddy Caddy

Redirect headers

content-length: 0
date: Sat, 13 May 2023 16:40:04 GMT
location: https://static-only.metabenefit.com/static/svg/external-link.svg
server: Caddy
via: 1.1 3656f262c2589326b2ab2a4824da0516.cloudfront.net (CloudFront)
x-amz-cf-id: Tj4tvFOfIA7FCltXKZu1fu5P2UhjKFejscoG3zZ9PuRAubCEGCv3Bw==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront

GET
H2

200

external-link.svg Show response
static-only.metabenefit.com/static/svg/ Frame B91B
Redirect Chain

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg
https://static-only.metabenefit.com/static/svg/external-link.svg

388 B
414 B

217ms
217ms

Document
image/svg+xml

5.161.63.2
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-only.metabenefit.com/static/svg/external-link.svg
Requested by: Host: avalonstudios.ca
URL: https://avalonstudios.ca/v/upromise-barclay-login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.161.63.2 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.2.63.161.5.clients.your-server.de
Software: Caddy Caddy /
Resource Hash: a3fb50298000a40f383846a8968e6ada7709a1d8d9f945396e3131e074448fb5

Request headers

Referer: https://avalonstudios.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 388
content-type: image/svg+xml
date: Sat, 13 May 2023 16:40:04 GMT
etag: "q3jrmuas"
last-modified: Fri, 03 Jan 2020 20:01:42 GMT
server: Caddy Caddy

Redirect headers

content-length: 0
date: Sat, 13 May 2023 16:40:04 GMT
location: https://static-only.metabenefit.com/static/svg/external-link.svg
server: Caddy
via: 1.1 3656f262c2589326b2ab2a4824da0516.cloudfront.net (CloudFront)
x-amz-cf-id: tEYW8by8RnCaPlxPRWwLpjhu-v1Yhm0zUKQmDPpl-90PxTXGkNb9ZA==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avalonstudios.ca
cards.barclaycardus.com
d1irhuf3z5u61l.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
myprizeserv.life
static-only.metabenefit.com
104.105.91.188
185.155.184.98
2600:9000:2120:b400:16:8bbe:c640:21
2606:4700:3033::6815:2e95
2607:f8b0:4006:80f::200a
2607:f8b0:400c:c01::5e
5.161.63.2
01ddeb03cdd80b3bb3a3cb6768d0c3ab2383603025f6e252581adc4f41d55b3c
0ad67cf48e5910fa2a7ad280d26d1b82b2e90dabaf44b4c6801b401918a3ee8e
23aed459b95725a1e06d9ae6134dc08e092f58e15d711211eea67d811c8c330e
2b0139427642a31a54f699306f6e53ea09007e09a7da5e5c163404d73311843d
46b413c88e9bdf0205b930e7baf8152e2ff4e9973165f5b765eb5cb0a9836e2e
67a6e7a3b413d838d3c53b06f53a567671f9477bd703ecdebbc5dcffb587b963
772f31af3f2f083f4ef03546e99e26c5fd03e73fdddee908eb0863261b1b3153
9c97b6524a32fe586e0023a2e7a1bdb6a1505af85426170917e00e790bf99934
a3fb50298000a40f383846a8968e6ada7709a1d8d9f945396e3131e074448fb5
b3b8e6b5e03854442ca42c962303b2a1466fcff2088915a917a2066c646444c2
cbc271d53608c218d2cb2497a6d8b17ee33172f0f061345fd6066a3afe5c46e2
e2ba34d1b1dcbbecb347fbfd6cdc7dc3ce039a10480def8b371fad59fc6e4caa
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

avalonstudios.ca Open in urlscan Pro 2606:4700:3033::6815:2e95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

57 %IPv6

7 Domains

7 Subdomains

7 IPs

2 Countries

141 kBTransfer

392 kBSize

0 Cookies

9 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Indicators

avalonstudios.ca Open in urlscan Pro
2606:4700:3033::6815:2e95 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

141 kB
Transfer

392 kB
Size

0
Cookies

14 HTTP transactions
6 data transactions