www.avalonstudios.ca Open in urlscan Pro
2606:4700:3033::6815:2e95 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.avalonstudios.ca/v/us-air-mastercard.html
Submission: On May 28 via api (May 28th 2023, 4:43:16 pm UTC) from GB — Scanned from CA

Summary HTTP 14 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3033::6815:2e95, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.avalonstudios.ca.
TLS certificate: Issued by GTS CA 1P5 on May 10th 2023. Valid for: 3 months.

This is the only time www.avalonstudios.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3033::6815:2e95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 8	2600:9000:212... 2600:9000:2120:4200:16:8bbe:c640:21	16509 (AMAZON-02) (AMAZON-02)
8	5.161.63.2 5.161.63.2	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
1	2607:f8b0:402... 2607:f8b0:4020:807::200a	15169 (GOOGLE) (GOOGLE)
1	185.155.184.98 185.155.184.98	5398 (AS5398) (AS5398)
1 2	23.198.217.248 23.198.217.248	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2607:f8b0:402... 2607:f8b0:4020:804::2003	15169 (GOOGLE) (GOOGLE)
14	7

1 2606:4700:3033::6815:2e95 (United States)

ASN13335 (CLOUDFLARENET, US)

www.avalonstudios.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2120:4200:16:8bbe:c640:21 (United States) 8 redirects

ASN16509 (AMAZON-02, US)

d1irhuf3z5u61l.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 5.161.63.2 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.2.63.161.5.clients.your-server.de

static-only.metabenefit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.155.184.98 (Switzerland)

ASN5398 (AS5398, CH)

myprizeserv.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.198.217.248 (Piscataway, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-217-248.deploy.static.akamaitechnologies.com

www.barclaycardus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cards.barclaycardus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:804::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	metabenefit.com static-only.metabenefit.com	29 KB
8	cloudfront.net 8 redirects d1irhuf3z5u61l.cloudfront.net	2 KB
2	gstatic.com fonts.gstatic.com	34 KB
2	barclaycardus.com 1 redirects www.barclaycardus.com — Cisco Umbrella Rank: 69894 cards.barclaycardus.com — Cisco Umbrella Rank: 77289	1 KB
1	myprizeserv.life myprizeserv.life	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	avalonstudios.ca www.avalonstudios.ca	72 KB
14	7

	Domain	Requested by
8	static-only.metabenefit.com	www.avalonstudios.ca
8	d1irhuf3z5u61l.cloudfront.net	8 redirects
2	fonts.gstatic.com	fonts.googleapis.com
1	cards.barclaycardus.com	www.avalonstudios.ca
1	www.barclaycardus.com	1 redirects
1	myprizeserv.life	www.avalonstudios.ca
1	fonts.googleapis.com	www.avalonstudios.ca
1	www.avalonstudios.ca
14	8

This site contains links to these domains. Also see Links.

Domain
avalonstudios.ca
www.barclaycardus.com
www.aviatormastercard.com
www.home.barclaycard
www.securebanking.barclaysus.com
millionmilesecrets.com
www.doxo.com
policies.google.com

Subject Issuer	Validity	Valid
avalonstudios.ca GTS CA 1P5	`2023-05-10` - `2023-08-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
myprizeserv.life R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
static-only.metabenefit.com R3	`2023-03-30` - `2023-06-28`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.avalonstudios.ca/v/us-air-mastercard.html
Frame ID: B1D7DB3DFA6DC5B12C1764765BFF8FD5
Requests: 13 HTTP requests in this frame

Frame: https://static-only.metabenefit.com/static/svg/external-link.svg
Frame ID: B46954AB60C43CD8047F8632B721DF51
Requests: 1 HTTP requests in this frame

Frame: https://static-only.metabenefit.com/static/svg/external-link.svg
Frame ID: 5CA299AD899FE2FD9257D69C3A66561F
Requests: 1 HTTP requests in this frame

Frame: https://static-only.metabenefit.com/static/svg/external-link.svg
Frame ID: 564D8E2A671A46DEF4172EE664CBF5BD
Requests: 1 HTTP requests in this frame

Frame: https://static-only.metabenefit.com/static/svg/external-link.svg
Frame ID: 69333744226FB986969F52ACDA204E82
Requests: 1 HTTP requests in this frame

Frame: https://static-only.metabenefit.com/static/svg/external-link.svg
Frame ID: 15BA169A5094FB91E30B1A8A3993CEA0
Requests: 1 HTTP requests in this frame

Frame: https://static-only.metabenefit.com/static/svg/external-link.svg
Frame ID: 2C178C6D9AD7CDF926A54AC90EDB4B39
Requests: 1 HTTP requests in this frame

Frame: https://static-only.metabenefit.com/static/svg/external-link.svg
Frame ID: 31E4F2FD0315F745D9887B6C0CF05DBF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Us Air Mastercard - Welcome to Barclays US - AvalonDB

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

86 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

137 kB
Transfer

388 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://avalonstudios.ca/login
Title: Login

Search URL Search Domain Scan URL

URL: https://www.barclaycardus.com/
Title: Welcome to Barclays US

Search URL Search Domain Scan URL

URL: https://www.aviatormastercard.com/
Title: Welcome to Aviator Mastercard

Search URL Search Domain Scan URL

URL: https://www.home.barclaycard/toolbar/log-in.html
Title: Log in to myBarclaycard | Home.Barclaycard

Search URL Search Domain Scan URL

URL: https://www.securebanking.barclaysus.com/
Title: Unknown - Error report

Search URL Search Domain Scan URL

URL: https://millionmilesecrets.com/reviews/us-air-mastercard/
Title: US Air Mastercard | Million Mile Secrets

Search URL Search Domain Scan URL

URL: https://millionmilesecrets.com/guides/fail-in-which-i-dont-get-a-second-us-air-credit-card/
Title: 2nd US Air MasterCard | Million Mile Secrets

Search URL Search Domain Scan URL

URL: https://www.doxo.com/info/us-airways-mastercard
Title: US Airways MasterCard | Pay Your Bill Online | doxo.com

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://d1irhuf3z5u61l.cloudfront.net/static/public/css/cbase.12a6ece7.css HTTP 308
https://static-only.metabenefit.com/static/public/css/cbase.12a6ece7.css

Request Chain 3

https://www.barclaycardus.com/ HTTP 302
https://cards.barclaycardus.com/

Request Chain 12

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg HTTP 308
https://static-only.metabenefit.com/static/svg/external-link.svg

Request Chain 13

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg HTTP 308
https://static-only.metabenefit.com/static/svg/external-link.svg

Request Chain 14

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg HTTP 308
https://static-only.metabenefit.com/static/svg/external-link.svg

Request Chain 15

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg HTTP 308
https://static-only.metabenefit.com/static/svg/external-link.svg

Request Chain 16

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg HTTP 308
https://static-only.metabenefit.com/static/svg/external-link.svg

Request Chain 17

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg HTTP 308
https://static-only.metabenefit.com/static/svg/external-link.svg

Request Chain 18

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg HTTP 308
https://static-only.metabenefit.com/static/svg/external-link.svg

14 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request us-air-mastercard.html Show response
www.avalonstudios.ca/v/ 122 KB
72 KB 386ms
323ms Document
text/html 2606:4700:3033::6815:2e95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avalonstudios.ca/v/us-air-mastercard.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2e95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce48c17d34c9717aae072acaea0a8d66a3a1d51072c2e6b824f76b5f6df37c14

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000
cf-cache-status: DYNAMIC
cf-ray: 7ce7f47f6e01a1ea-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 28 May 2023 16:43:10 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 24 Apr 2023 07:09:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7PGGK6%2FtCqHbw7MxyA9dMk2NvqVhKmW3Q5LCanYfZqQP91ylJb2%2Bt1K9MJpLP4gvg5glycfXXRWNa5VX0k7nwNs66LXPrlm%2FImg004%2FCljSYn3EYmYCbIOS7bkc3ad5AdVRf0A2N%2Bct1NbK7agc36VMbeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

cbase.12a6ece7.css
static-only.metabenefit.com/static/public/css/
Redirect Chain

https://d1irhuf3z5u61l.cloudfront.net/static/public/css/cbase.12a6ece7.css
https://static-only.metabenefit.com/static/public/css/cbase.12a6ece7.css

155 KB
26 KB

369ms
224ms

Stylesheet
text/css

5.161.63.2
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-only.metabenefit.com/static/public/css/cbase.12a6ece7.css
Requested by: Host: www.avalonstudios.ca
URL: https://www.avalonstudios.ca/v/us-air-mastercard.html
Protocol: H2
Server: 5.161.63.2 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.2.63.161.5.clients.your-server.de
Software: Caddy, Caddy /
Resource Hash: 46b413c88e9bdf0205b930e7baf8152e2ff4e9973165f5b765eb5cb0a9836e2e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avalonstudios.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 16:43:11 GMT
content-encoding: gzip
last-modified: Sun, 28 Feb 2021 00:01:43 GMT
server: Caddy, Caddy
etag: "qp7pev3ebm"
vary: Accept-Encoding
content-type: text/css; charset=utf-8

Redirect headers

date: Sun, 28 May 2023 16:43:11 GMT
via: 1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront
location: https://static-only.metabenefit.com/static/public/css/cbase.12a6ece7.css
content-length: 0
x-amz-cf-id: 9ZArFdiC7stvO7wN0NdE100ZiKNyI6OOjrsUZFljWlIKpnQGePj_RA==

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 77ms
36ms Stylesheet
text/css 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto|Rubik&display=swap

Requested by

Host: www.avalonstudios.ca
URL: https://www.avalonstudios.ca/v/us-air-mastercard.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b0139427642a31a54f699306f6e53ea09007e09a7da5e5c163404d73311843d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avalonstudios.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 28 May 2023 16:43:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 28 May 2023 16:43:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 May 2023 16:43:11 GMT

GET
H/1.1 200
OK popunder.js Show response
myprizeserv.life/js/ 812 B
1 KB 360ms
113ms Script
application/javascript 185.155.184.98
AS5398

General

Check archive.org

Show headers Download Go to

Full URL

https://myprizeserv.life/js/popunder.js

Requested by

Host: www.avalonstudios.ca
URL: https://www.avalonstudios.ca/v/us-air-mastercard.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.98 , Switzerland, ASN5398 (AS5398, CH),

Reverse DNS

Software

nginx /

Resource Hash

e2ba34d1b1dcbbecb347fbfd6cdc7dc3ce039a10480def8b371fad59fc6e4caa

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avalonstudios.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 28 May 2023 16:43:11 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17635BB87D1F14CA
Connection: keep-alive
Content-Length: 812
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 31 Aug 2022 09:31:17 GMT
Server: nginx
ETag: "1112c3e266341e6062a9ba705458138a"
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
Expires: Mon, 27 May 2024 16:43:11 GMT

GET
H2

200

/
cards.barclaycardus.com/
Redirect Chain

https://www.barclaycardus.com/
https://cards.barclaycardus.com/

0
0

177ms
151ms

Other
text/html

23.198.217.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cards.barclaycardus.com/
Requested by: Host: www.avalonstudios.ca
URL: https://www.avalonstudios.ca/v/us-air-mastercard.html
Protocol: H2
Server: 23.198.217.248 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-217-248.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avalonstudios.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sun, 28 May 2023 16:43:11 GMT
server
x-frame-options: DENY
content-language: en-US
location: https://cards.barclaycardus.com
cache-control: no-store, no-cache, must-revalidate
x-bstat: 30|B|vip|59
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 768814c41aa153c95955b6b6b96a59fe05843265533636470cc4cc7a61b2f281

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9aa06fd57a007274b09cc1b33ecd85b42b4c67eb9a217cdc9fbf99c057bf8ef4

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da2676e1b9cf70d545e4be2be713aa94aa92f49068d400fd3d246c57d0f735f4

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 15 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df429109fc851aa413b882119848b0880cf30ce80e0918fdb2c4292a39514a20

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 15 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 536d9535c48a2168dd9413405eec04003eef3c831eca872324d03f785e4ef595

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b178a1eb72ecc9b9354893f7723b133e1adf808b9c180b57a2b53cb10b88837a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 56ms
16ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Rubik&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avalonstudios.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 08:06:23 GMT
x-content-type-options: nosniff
age: 117408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 08:06:23 GMT

GET
H2 200 iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2
fonts.gstatic.com/s/rubik/v26/ 18 KB
18 KB 58ms
19ms Font
font/woff2 2607:f8b0:4020:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v26/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Rubik&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67a6e7a3b413d838d3c53b06f53a567671f9477bd703ecdebbc5dcffb587b963

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avalonstudios.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 07:42:36 GMT
x-content-type-options: nosniff
age: 118835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18128
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 21:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 07:42:36 GMT

GET
H2

200

external-link.svg Show response
static-only.metabenefit.com/static/svg/ Frame B469
Redirect Chain

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg
https://static-only.metabenefit.com/static/svg/external-link.svg

388 B
463 B

123ms
123ms

Document
image/svg+xml

5.161.63.2
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-only.metabenefit.com/static/svg/external-link.svg
Requested by: Host: www.avalonstudios.ca
URL: https://www.avalonstudios.ca/v/us-air-mastercard.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.161.63.2 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.2.63.161.5.clients.your-server.de
Software: Caddy Caddy /
Resource Hash: a3fb50298000a40f383846a8968e6ada7709a1d8d9f945396e3131e074448fb5

Request headers

Referer: https://www.avalonstudios.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 388
content-type: image/svg+xml
date: Sun, 28 May 2023 16:43:11 GMT
etag: "q3jrmuas"
last-modified: Fri, 03 Jan 2020 20:01:42 GMT
server: Caddy Caddy

Redirect headers

content-length: 0
date: Sun, 28 May 2023 16:43:11 GMT
location: https://static-only.metabenefit.com/static/svg/external-link.svg
server: Caddy
via: 1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
x-amz-cf-id: KpuR8YCCnD2XqLVKSW8NgxU6CjLuDyeARjDOsvr_w3Kj0lerZ0SM2w==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront

GET
H2

200

external-link.svg Show response
static-only.metabenefit.com/static/svg/ Frame 5CA2
Redirect Chain

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg
https://static-only.metabenefit.com/static/svg/external-link.svg

388 B
414 B

218ms
218ms

Document
image/svg+xml

5.161.63.2
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-only.metabenefit.com/static/svg/external-link.svg
Requested by: Host: www.avalonstudios.ca
URL: https://www.avalonstudios.ca/v/us-air-mastercard.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.161.63.2 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.2.63.161.5.clients.your-server.de
Software: Caddy Caddy /
Resource Hash: a3fb50298000a40f383846a8968e6ada7709a1d8d9f945396e3131e074448fb5

Request headers

Referer: https://www.avalonstudios.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 388
content-type: image/svg+xml
date: Sun, 28 May 2023 16:43:11 GMT
etag: "q3jrmuas"
last-modified: Fri, 03 Jan 2020 20:01:42 GMT
server: Caddy Caddy

Redirect headers

content-length: 0
date: Sun, 28 May 2023 16:43:11 GMT
location: https://static-only.metabenefit.com/static/svg/external-link.svg
server: Caddy
via: 1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
x-amz-cf-id: X8wBNQ2zJ-siSVpEgiKYN_JFHkXdH9Uinp9Qf8IryhmlTErC5gM0Rg==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront

GET
H2

200

external-link.svg Show response
static-only.metabenefit.com/static/svg/ Frame 564D
Redirect Chain

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg
https://static-only.metabenefit.com/static/svg/external-link.svg

388 B
414 B

219ms
219ms

Document
image/svg+xml

5.161.63.2
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-only.metabenefit.com/static/svg/external-link.svg
Requested by: Host: www.avalonstudios.ca
URL: https://www.avalonstudios.ca/v/us-air-mastercard.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.161.63.2 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.2.63.161.5.clients.your-server.de
Software: Caddy Caddy /
Resource Hash: a3fb50298000a40f383846a8968e6ada7709a1d8d9f945396e3131e074448fb5

Request headers

Referer: https://www.avalonstudios.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 388
content-type: image/svg+xml
date: Sun, 28 May 2023 16:43:11 GMT
etag: "q3jrmuas"
last-modified: Fri, 03 Jan 2020 20:01:42 GMT
server: Caddy Caddy

Redirect headers

content-length: 0
date: Sun, 28 May 2023 16:43:11 GMT
location: https://static-only.metabenefit.com/static/svg/external-link.svg
server: Caddy
via: 1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
x-amz-cf-id: HkDq75oWkUBGCIUuYg_yvvnvM6tzJJMGnVNfm0glzAtNBpO_xyByFw==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront

GET
H2

200

external-link.svg Show response
static-only.metabenefit.com/static/svg/ Frame 6933
Redirect Chain

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg
https://static-only.metabenefit.com/static/svg/external-link.svg

388 B
414 B

218ms
217ms

Document
image/svg+xml

5.161.63.2
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-only.metabenefit.com/static/svg/external-link.svg
Requested by: Host: www.avalonstudios.ca
URL: https://www.avalonstudios.ca/v/us-air-mastercard.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.161.63.2 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.2.63.161.5.clients.your-server.de
Software: Caddy Caddy /
Resource Hash: a3fb50298000a40f383846a8968e6ada7709a1d8d9f945396e3131e074448fb5

Request headers

Referer: https://www.avalonstudios.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 388
content-type: image/svg+xml
date: Sun, 28 May 2023 16:43:11 GMT
etag: "q3jrmuas"
last-modified: Fri, 03 Jan 2020 20:01:42 GMT
server: Caddy Caddy

Redirect headers

content-length: 0
date: Sun, 28 May 2023 16:43:11 GMT
location: https://static-only.metabenefit.com/static/svg/external-link.svg
server: Caddy
via: 1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
x-amz-cf-id: X3de0uU7fu2rqbORV8YdOhLIyRWD1ryPcMzxyT-vrG23E2Sw883_fQ==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront

GET
H2

200

external-link.svg Show response
static-only.metabenefit.com/static/svg/ Frame 15BA
Redirect Chain

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg
https://static-only.metabenefit.com/static/svg/external-link.svg

388 B
414 B

201ms
201ms

Document
image/svg+xml

5.161.63.2
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-only.metabenefit.com/static/svg/external-link.svg
Requested by: Host: www.avalonstudios.ca
URL: https://www.avalonstudios.ca/v/us-air-mastercard.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.161.63.2 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.2.63.161.5.clients.your-server.de
Software: Caddy Caddy /
Resource Hash: a3fb50298000a40f383846a8968e6ada7709a1d8d9f945396e3131e074448fb5

Request headers

Referer: https://www.avalonstudios.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 388
content-type: image/svg+xml
date: Sun, 28 May 2023 16:43:11 GMT
etag: "q3jrmuas"
last-modified: Fri, 03 Jan 2020 20:01:42 GMT
server: Caddy Caddy

Redirect headers

content-length: 0
date: Sun, 28 May 2023 16:43:11 GMT
location: https://static-only.metabenefit.com/static/svg/external-link.svg
server: Caddy
via: 1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
x-amz-cf-id: pIVMAIyu_37GX6brwonG6tNe4cEcgFPv5ya-_4zGzlLPi-XOta2f8A==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront

GET
H2

200

external-link.svg Show response
static-only.metabenefit.com/static/svg/ Frame 2C17
Redirect Chain

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg
https://static-only.metabenefit.com/static/svg/external-link.svg

388 B
414 B

199ms
199ms

Document
image/svg+xml

5.161.63.2
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-only.metabenefit.com/static/svg/external-link.svg
Requested by: Host: www.avalonstudios.ca
URL: https://www.avalonstudios.ca/v/us-air-mastercard.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.161.63.2 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.2.63.161.5.clients.your-server.de
Software: Caddy Caddy /
Resource Hash: a3fb50298000a40f383846a8968e6ada7709a1d8d9f945396e3131e074448fb5

Request headers

Referer: https://www.avalonstudios.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 388
content-type: image/svg+xml
date: Sun, 28 May 2023 16:43:11 GMT
etag: "q3jrmuas"
last-modified: Fri, 03 Jan 2020 20:01:42 GMT
server: Caddy Caddy

Redirect headers

content-length: 0
date: Sun, 28 May 2023 16:43:11 GMT
location: https://static-only.metabenefit.com/static/svg/external-link.svg
server: Caddy
via: 1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
x-amz-cf-id: XBPf3U7Z92FfqyFgIs_1xtJ3dxiWQHhjOs0LgIPnjYqa9TRMBydXEw==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront

GET
H2

200

external-link.svg Show response
static-only.metabenefit.com/static/svg/ Frame 31E4
Redirect Chain

https://d1irhuf3z5u61l.cloudfront.net/static/svg/external-link.svg
https://static-only.metabenefit.com/static/svg/external-link.svg

388 B
414 B

220ms
219ms

Document
image/svg+xml

5.161.63.2
HETZNER-CLOUD2-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static-only.metabenefit.com/static/svg/external-link.svg
Requested by: Host: www.avalonstudios.ca
URL: https://www.avalonstudios.ca/v/us-air-mastercard.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.161.63.2 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS: static.2.63.161.5.clients.your-server.de
Software: Caddy Caddy /
Resource Hash: a3fb50298000a40f383846a8968e6ada7709a1d8d9f945396e3131e074448fb5

Request headers

Referer: https://www.avalonstudios.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 388
content-type: image/svg+xml
date: Sun, 28 May 2023 16:43:11 GMT
etag: "q3jrmuas"
last-modified: Fri, 03 Jan 2020 20:01:42 GMT
server: Caddy Caddy

Redirect headers

content-length: 0
date: Sun, 28 May 2023 16:43:11 GMT
location: https://static-only.metabenefit.com/static/svg/external-link.svg
server: Caddy
via: 1.1 e034bbdcdfa9db06a6cbd5649d252a70.cloudfront.net (CloudFront)
x-amz-cf-id: tRyCYlNbAMBuIExKADZngE0k_g9djSSAKegwiOqbBbWV_CmxDJZlEg==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cards.barclaycardus.com
d1irhuf3z5u61l.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
myprizeserv.life
static-only.metabenefit.com
www.avalonstudios.ca
www.barclaycardus.com
185.155.184.98
23.198.217.248
2600:9000:2120:4200:16:8bbe:c640:21
2606:4700:3033::6815:2e95
2607:f8b0:4020:804::2003
2607:f8b0:4020:807::200a
5.161.63.2
2b0139427642a31a54f699306f6e53ea09007e09a7da5e5c163404d73311843d
46b413c88e9bdf0205b930e7baf8152e2ff4e9973165f5b765eb5cb0a9836e2e
536d9535c48a2168dd9413405eec04003eef3c831eca872324d03f785e4ef595
67a6e7a3b413d838d3c53b06f53a567671f9477bd703ecdebbc5dcffb587b963
768814c41aa153c95955b6b6b96a59fe05843265533636470cc4cc7a61b2f281
9aa06fd57a007274b09cc1b33ecd85b42b4c67eb9a217cdc9fbf99c057bf8ef4
a3fb50298000a40f383846a8968e6ada7709a1d8d9f945396e3131e074448fb5
b178a1eb72ecc9b9354893f7723b133e1adf808b9c180b57a2b53cb10b88837a
ce48c17d34c9717aae072acaea0a8d66a3a1d51072c2e6b824f76b5f6df37c14
da2676e1b9cf70d545e4be2be713aa94aa92f49068d400fd3d246c57d0f735f4
df429109fc851aa413b882119848b0880cf30ce80e0918fdb2c4292a39514a20
e2ba34d1b1dcbbecb347fbfd6cdc7dc3ce039a10480def8b371fad59fc6e4caa
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

www.avalonstudios.ca Open in urlscan Pro 2606:4700:3033::6815:2e95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

86 %HTTPS

57 %IPv6

7 Domains

8 Subdomains

7 IPs

3 Countries

137 kBTransfer

388 kBSize

0 Cookies

10 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Indicators

www.avalonstudios.ca Open in urlscan Pro
2606:4700:3033::6815:2e95 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

86 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

137 kB
Transfer

388 kB
Size

0
Cookies

14 HTTP transactions
6 data transactions