sp-access-window.firebaseapp.com Open in urlscan Pro
199.36.158.100 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sp-access-window.firebaseapp.com/
Submission: On December 23 via api (December 23rd 2023, 12:00:43 pm UTC) from AU — Scanned from AU

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 4 domains to perform 17 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is sp-access-window.firebaseapp.com.
TLS certificate: Issued by GTS CA 1D4 on November 13th 2023. Valid for: 3 months.

This is the only time sp-access-window.firebaseapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
1	172.253.118.95 172.253.118.95	15169 (GOOGLE) (GOOGLE)
3	34.117.155.130 34.117.155.130	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
2	142.251.12.94 142.251.12.94	15169 (GOOGLE) (GOOGLE)
17	6

6 199.36.158.100 (United States)

ASN54113 (FASTLY, US)

sp-access-window.firebaseapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.117.155.130 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 130.155.117.34.bc.googleusercontent.com

platform-api.sparkcommodities.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

static.sparkcommodities.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	firebaseapp.com sp-access-window.firebaseapp.com	931 KB
5	sparkcommodities.com platform-api.sparkcommodities.com static.sparkcommodities.com	142 KB
2	gstatic.com fonts.gstatic.com	32 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
17	4

	Domain	Requested by
6	sp-access-window.firebaseapp.com	sp-access-window.firebaseapp.com
3	platform-api.sparkcommodities.com	sp-access-window.firebaseapp.com
2	fonts.gstatic.com	fonts.googleapis.com
2	static.sparkcommodities.com	sp-access-window.firebaseapp.com
1	fonts.googleapis.com	sp-access-window.firebaseapp.com
17	5

This site contains links to these domains. Also see Links.

Domain
app.sparkcommodities.com

Subject Issuer	Validity	Valid
firebaseapp.com GTS CA 1D4	`2023-11-13` - `2024-02-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
p-api.sparkcommodities.com GTS CA 1D4	`2023-12-22` - `2024-03-21`	3 months	crt.sh
www.celltonomy.com GTS CA 1D4	`2023-11-18` - `2024-02-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sp-access-window.firebaseapp.com/
Frame ID: 5A6B36B7C4591C28CE8DAC1FEB0C0FD1
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Spark

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

17
Requests

82 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

6
IPs

1
Countries

1106 kB
Transfer

4217 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://app.sparkcommodities.com/signup/?to=products&referer=kpler-terminal
Title: Create your Spark account

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sp-access-window.firebaseapp.com/ 668 B
616 B 1137ms
565ms Document
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sp-access-window.firebaseapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

274dc9a933d9b72d439bc4831fc4601a9fe25ecd21e1d28aab121a015a759607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 235
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 12:00:35 GMT
etag: "17b9c8e210622770f9028e51bc80bb1d8c37a5335e93ea9b4b7bad53c9a3e286-br"
last-modified: Mon, 18 Dec 2023 04:42:13 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-bne12527-BNE
x-timer: S1703332835.061721,VS0,VE284

GET
H2 200 main-b6e776e6.js Show response
sp-access-window.firebaseapp.com/assets/ 737 KB
155 KB 638ms
636ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sp-access-window.firebaseapp.com/assets/main-b6e776e6.js

Requested by

Host: sp-access-window.firebaseapp.com
URL: https://sp-access-window.firebaseapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6e4cdd9e4ce5f2d3bc9d0ceaf8c5db9c0b36e5b1906293a29ad4f8e1f3d6079f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sp-access-window.firebaseapp.com/
Origin: https://sp-access-window.firebaseapp.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: cache-bne12527-BNE
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sat, 23 Dec 2023 12:00:35 GMT
last-modified: Mon, 18 Dec 2023 04:42:13 GMT
x-timer: S1703332836.739477,VS0,VE2
etag: "54f6fbf7cc285c4b3f58a9b6a130d39fe5a878b7c804bf020fc4b87c44675732-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 158455
x-cache-hits: 1

GET
H2 200 isSameOrBefore-5519eff1.js Show response
sp-access-window.firebaseapp.com/assets/ 3 MB
701 KB 283ms
282ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sp-access-window.firebaseapp.com/assets/isSameOrBefore-5519eff1.js

Requested by

Host: sp-access-window.firebaseapp.com
URL: https://sp-access-window.firebaseapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

525635b24a26981b76d6da904ab4b907768c199d42119579ea160d6be1a920bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://sp-access-window.firebaseapp.com/
Origin: https://sp-access-window.firebaseapp.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: cache-bne12527-BNE
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sat, 23 Dec 2023 12:00:35 GMT
last-modified: Mon, 18 Dec 2023 04:42:13 GMT
x-timer: S1703332836.739470,VS0,VE0
etag: "af068329d0dcd684691ec93d99cfaaf69006cc03cd921fb92369f866d9042710-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 716797
x-cache-hits: 1

GET
H2 200 isSameOrBefore.6152a4b4.css
sp-access-window.firebaseapp.com/assets/ 610 KB
56 KB 283ms
283ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sp-access-window.firebaseapp.com/assets/isSameOrBefore.6152a4b4.css

Requested by

Host: sp-access-window.firebaseapp.com
URL: https://sp-access-window.firebaseapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6152a4b45ca6a931155bb888ae877122f167f544d8ac8c236a623efd73b47f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sp-access-window.firebaseapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: cache-bne12527-BNE
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sat, 23 Dec 2023 12:00:35 GMT
last-modified: Mon, 18 Dec 2023 04:42:13 GMT
x-timer: S1703332836.739221,VS0,VE0
etag: "707adc24b222d09639b2f30627ebbedc084a1a3bf47d1225718d3135c7704378-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 57449
x-cache-hits: 1

GET
H2 200 index.6bfc62d8.css
sp-access-window.firebaseapp.com/assets/ 22 KB
3 KB 284ms
283ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sp-access-window.firebaseapp.com/assets/index.6bfc62d8.css

Requested by

Host: sp-access-window.firebaseapp.com
URL: https://sp-access-window.firebaseapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6bfc62d88d813b8bc39b924434b25b71cf3e1306ec96229a49d16ddaacde8cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sp-access-window.firebaseapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: cache-bne12527-BNE
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sat, 23 Dec 2023 12:00:35 GMT
last-modified: Mon, 18 Dec 2023 04:42:13 GMT
x-timer: S1703332836.739432,VS0,VE0
etag: "ceb660bbc833abf6f88798a7763f8244d943d814b8f9ff3708fa360814823864-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2593
x-cache-hits: 1

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 1220ms
407ms Stylesheet
text/css 172.253.118.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;600;700&display=swap

Requested by

Host: sp-access-window.firebaseapp.com
URL: https://sp-access-window.firebaseapp.com/assets/isSameOrBefore.6152a4b4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f95.1e100.net

Software

ESF /

Resource Hash

d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sp-access-window.firebaseapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Dec 2023 12:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 11:28:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Dec 2023 12:00:37 GMT

OPTIONS
H2 400 token
platform-api.sparkcommodities.com/v1.0/oauth/ 0
0 924ms
374ms Preflight
text/plain 34.117.155.130
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sparkcommodities.com/v1.0/oauth/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.155.130 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 130.155.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-client-app-name,x-client-app-version
Access-Control-Request-Method: POST
Origin: https://sp-access-window.firebaseapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-client-app-name,x-client-app-version
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22
content-type: text/plain; charset=utf-8
date: Sat, 23 Dec 2023 12:00:38 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 8dffb8d95f5517877eb99df51f6bf45c;o=1

POST token
platform-api.sparkcommodities.com/v1.0/oauth/ 0
0

GET
H2 200 Mont-SemiBold.woff2
static.sparkcommodities.com/fonts/ 72 KB
72 KB 864ms
285ms Font
font/woff2 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.sparkcommodities.com/fonts/Mont-SemiBold.woff2

Requested by

Host: sp-access-window.firebaseapp.com
URL: https://sp-access-window.firebaseapp.com/assets/isSameOrBefore.6152a4b4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fd970f11ca775e6e10885924414f89e07322f9b409bc8975b87435806cf9c313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://sp-access-window.firebaseapp.com/
Origin: https://sp-access-window.firebaseapp.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: cache-bne12520-BNE
strict-transport-security: max-age=31556926
date: Sat, 23 Dec 2023 12:00:38 GMT
last-modified: Thu, 21 Dec 2023 06:24:44 GMT
x-timer: S1703332839.733446,VS0,VE2
etag: "8983f935d946e55f2382c75d014de10ee60c66d63dadb8b53e2867a05c2de9f3"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 73688
x-cache-hits: 1

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 1218ms
406ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sp-access-window.firebaseapp.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:07:25 GMT
x-content-type-options: nosniff
age: 305594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 23:07:25 GMT

OPTIONS
H2 400 logout
platform-api.sparkcommodities.com/v1.0/oauth/ 0
0 369ms
368ms Preflight
text/plain 34.117.155.130
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sparkcommodities.com/v1.0/oauth/logout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.155.130 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 130.155.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-app-name,x-client-app-version
Access-Control-Request-Method: POST
Origin: https://sp-access-window.firebaseapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-client-app-name,x-client-app-version
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22
content-type: text/plain; charset=utf-8
date: Sat, 23 Dec 2023 12:00:39 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 5e18cbee6fbdf588301edf71704e5dce

OPTIONS
H2 400 analytics
platform-api.sparkcommodities.com//v1/ 0
0 370ms
370ms Preflight
text/plain 34.117.155.130
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sparkcommodities.com//v1/analytics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.155.130 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 130.155.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-app-name,x-client-app-version
Access-Control-Request-Method: POST
Origin: https://sp-access-window.firebaseapp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-client-app-name,x-client-app-version
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22
content-type: text/plain; charset=utf-8
date: Sat, 23 Dec 2023 12:00:39 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 2141fedfd63a3ea0b6edf4ce84b7a121

POST logout
platform-api.sparkcommodities.com/v1.0/oauth/ 0
0

GET
H3 200 price-popup-freight-logged-in.afbe753d.webp
sp-access-window.firebaseapp.com/assets/svg/ 17 KB
16 KB 283ms
282ms Image
image/webp 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp-access-window.firebaseapp.com/assets/svg/price-popup-freight-logged-in.afbe753d.webp

Requested by

Host: sp-access-window.firebaseapp.com
URL: https://sp-access-window.firebaseapp.com/login?to=Access

Protocol

Security

QUIC, , AES_256_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

afbe753d62ffd96ecb661f68e0d2fa726f472a999a037163b6e6e6028f1a6d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://sp-access-window.firebaseapp.com/login?to=Access
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: cache-bne12522-BNE
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sat, 23 Dec 2023 12:00:39 GMT
last-modified: Mon, 18 Dec 2023 04:42:13 GMT
x-timer: S1703332839.191926,VS0,VE0
etag: "925a431f03002b191b26ed554f07b0f9f7caf2ee6a4bc10cb775ef97dc2d4064-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15827
x-cache-hits: 1

POST analytics
platform-api.sparkcommodities.com//v1/ 0
0

GET
H2 200 Mont-Bold.woff2
static.sparkcommodities.com/fonts/ 70 KB
70 KB 384ms
383ms Font
font/woff2 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.sparkcommodities.com/fonts/Mont-Bold.woff2

Requested by

Host: sp-access-window.firebaseapp.com
URL: https://sp-access-window.firebaseapp.com/assets/isSameOrBefore.6152a4b4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2bca4caa6bddf2e3666147c6ba3ca6ad800374278e31c81341ce222180363b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://sp-access-window.firebaseapp.com/
Origin: https://sp-access-window.firebaseapp.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: cache-bne12520-BNE
strict-transport-security: max-age=31556926
date: Sat, 23 Dec 2023 12:00:39 GMT
last-modified: Thu, 21 Dec 2023 06:24:44 GMT
x-timer: S1703332839.187351,VS0,VE2
etag: "3126a7a73160259eb64945da50f192644d6423ab2a58ae35951dff622036216f"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 71456
x-cache-hits: 1

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 420ms
420ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sp-access-window.firebaseapp.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:40:08 GMT
x-content-type-options: nosniff
age: 310831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 21:40:08 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: platform-api.sparkcommodities.com
URL: https://platform-api.sparkcommodities.com/v1.0/oauth/token

Domain: platform-api.sparkcommodities.com
URL: https://platform-api.sparkcommodities.com/v1.0/oauth/logout

Domain: platform-api.sparkcommodities.com
URL: https://platform-api.sparkcommodities.com//v1/analytics

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://sp-access-window.firebaseapp.com/ Message: Access to XMLHttpRequest at 'https://platform-api.sparkcommodities.com/v1.0/oauth/token' from origin 'https://sp-access-window.firebaseapp.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://platform-api.sparkcommodities.com/v1.0/oauth/token Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://sp-access-window.firebaseapp.com/login?to=Access Message: Access to XMLHttpRequest at 'https://platform-api.sparkcommodities.com/v1.0/oauth/logout' from origin 'https://sp-access-window.firebaseapp.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://platform-api.sparkcommodities.com/v1.0/oauth/logout Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://sp-access-window.firebaseapp.com/login?to=Access Message: Access to XMLHttpRequest at 'https://platform-api.sparkcommodities.com//v1/analytics' from origin 'https://sp-access-window.firebaseapp.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://platform-api.sparkcommodities.com//v1/analytics Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
platform-api.sparkcommodities.com
sp-access-window.firebaseapp.com
static.sparkcommodities.com
platform-api.sparkcommodities.com
142.251.12.94
151.101.65.195
172.253.118.95
199.36.158.100
34.117.155.130
274dc9a933d9b72d439bc4831fc4601a9fe25ecd21e1d28aab121a015a759607
2bca4caa6bddf2e3666147c6ba3ca6ad800374278e31c81341ce222180363b6c
525635b24a26981b76d6da904ab4b907768c199d42119579ea160d6be1a920bc
6152a4b45ca6a931155bb888ae877122f167f544d8ac8c236a623efd73b47f55
6bfc62d88d813b8bc39b924434b25b71cf3e1306ec96229a49d16ddaacde8cf3
6e4cdd9e4ce5f2d3bc9d0ceaf8c5db9c0b36e5b1906293a29ad4f8e1f3d6079f
afbe753d62ffd96ecb661f68e0d2fa726f472a999a037163b6e6e6028f1a6d87
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fd970f11ca775e6e10885924414f89e07322f9b409bc8975b87435806cf9c313

sp-access-window.firebaseapp.com Open in urlscan Pro 199.36.158.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

82 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

6 IPs

1 Countries

1106 kBTransfer

4217 kBSize

0 Cookies

1 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

6 Console Messages

Security Headers

Indicators

sp-access-window.firebaseapp.com Open in urlscan Pro
199.36.158.100 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

82 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

6
IPs

1
Countries

1106 kB
Transfer

4217 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions