Report - zabornikahea.firebaseapp.com/

Report Overview

Visited public
2023-08-15 22:53:37
Tags
suspicious
URL
zabornikahea.firebaseapp.com/
Finishing URL
zabornikahea.firebaseapp.com/#/v3/oevlogin/login
IP / ASN
199.36.158.100
#54113 FASTLY
Title
Swisspass.ch | Login
Suspicious - Suspicious Javascript code

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.sectigo.com	487	2018-08-16	2019-11-29 12:50:24	2023-08-15 21:00:10	330 B	963 B	104.18.15.101
api.ipify.org	3267	2014-01-05	2014-10-06 14:38:43	2023-08-15 19:58:00	487 B	219 B	104.237.62.211
unpkg.com	11693	2016-01-06	2016-01-08 00:26:01	2023-08-15 18:43:38	1.2 kB	262 kB	104.16.123.175
d27la2n6wh4qws.cloudfront.net	unknown	2008-04-25	2022-07-10 04:03:14	2023-07-29 12:28:37	480 B	8.1 kB	143.204.42.156
zabornikahea.firebaseapp.com	unknown	2012-10-15	2023-08-15 03:11:04	2023-08-16 00:33:56	6.7 kB	961 kB	199.36.158.100
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-08-15 18:12:04	1.7 kB	3.5 kB	142.250.74.131
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-08-13 00:41:00	1.9 kB	31 kB	216.58.207.228
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-08-15 18:53:11	2.4 kB	584 kB	142.250.74.35
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-08-15 20:41:41	1.0 kB	33 kB	142.250.74.35
api.ipapi.com	103949	1999-05-12	2018-10-08 11:48:11	2023-08-13 21:32:21	537 B	992 B	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-08-15	medium	zabornikahea.firebaseapp.com/	SBB
2023-08-15	medium	zabornikahea.firebaseapp.com/	SBB
2023-08-15	medium	zabornikahea.firebaseapp.com/	SBB
2023-08-15	medium	zabornikahea.firebaseapp.com/	SBB
2023-08-15	medium	zabornikahea.firebaseapp.com/	SBB
2023-08-15	medium	zabornikahea.firebaseapp.com/	SBB
2023-08-15	medium	zabornikahea.firebaseapp.com/	SBB
2023-08-15	medium	zabornikahea.firebaseapp.com/	SBB
2023-08-15	medium	zabornikahea.firebaseapp.com/	SBB
2023-08-15	medium	zabornikahea.firebaseapp.com/	SBB
2023-08-15	medium	zabornikahea.firebaseapp.com/	SBB
2023-08-15	medium	zabornikahea.firebaseapp.com/	SBB
2023-08-15	medium	zabornikahea.firebaseapp.com/	SBB
2023-08-15	medium	zabornikahea.firebaseapp.com/	SBB

PhishTank

Scan Date	Severity	Indicator	Alert
2023-08-14	medium	zabornikahea.firebaseapp.com/	Other
2023-08-14	medium	zabornikahea.firebaseapp.com/polyfills.9b1bde72d62e466c.js	Other
2023-08-14	medium	zabornikahea.firebaseapp.com/runtime.25fece6c662f3a67.js	Other
2023-08-14	medium	zabornikahea.firebaseapp.com/scripts.8cd2639e1c2a96e7.js	Other
2023-08-14	medium	zabornikahea.firebaseapp.com/main.b44457161a67877b.js	Other
2023-08-14	medium	zabornikahea.firebaseapp.com/SBBWeb-Light.a02ca059167840a5.woff2	Other
2023-08-14	medium	zabornikahea.firebaseapp.com/styles.707209df0cc43c2f.css	Other
2023-08-14	medium	zabornikahea.firebaseapp.com/assets/images/logo.png	Other
2023-08-14	medium	zabornikahea.firebaseapp.com/assets/images/logo-20200819.svg	Other
2023-08-14	medium	zabornikahea.firebaseapp.com/assets/images/logo_text_de-20200819.svg	Other
2023-08-14	medium	zabornikahea.firebaseapp.com/SBBWeb-Light.a02ca059167840a5.woff2	Other
2023-08-14	medium	zabornikahea.firebaseapp.com/favicon.ico	Other
2023-08-14	medium	zabornikahea.firebaseapp.com/assets/images/logo_text_de-20200819.png	Other
2023-08-14	medium	zabornikahea.firebaseapp.com/assets/images/logo-20200819.png	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-08-15	medium	zabornikahea.firebaseapp.com	Sinkholed
2023-08-15	medium	zabornikahea.firebaseapp.com	Sinkholed
2023-08-15	medium	zabornikahea.firebaseapp.com	Sinkholed
2023-08-15	medium	zabornikahea.firebaseapp.com	Sinkholed
2023-08-15	medium	zabornikahea.firebaseapp.com	Sinkholed
2023-08-15	medium	zabornikahea.firebaseapp.com	Sinkholed
2023-08-15	medium	zabornikahea.firebaseapp.com	Sinkholed
2023-08-15	medium	zabornikahea.firebaseapp.com	Sinkholed
2023-08-15	medium	zabornikahea.firebaseapp.com	Sinkholed
2023-08-15	medium	zabornikahea.firebaseapp.com	Sinkholed
2023-08-15	medium	zabornikahea.firebaseapp.com	Sinkholed
2023-08-15	medium	zabornikahea.firebaseapp.com	Sinkholed
2023-08-15	medium	zabornikahea.firebaseapp.com	Sinkholed
2023-08-15	medium	zabornikahea.firebaseapp.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	From	Size	First Seen	Last Seen
	www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly96YWJvcm5pa2FoZWEuZmlyZWJhc2VhcHAuY29tOjQ0Mw..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=uo9cakrhcdl2	ScriptElement	69 B	2023-03-07	2025-05-11
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly96YWJvcm5pa2FoZWEuZmlyZWJhc2VhcHAuY29tOjQ0Mw..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=uo9cakrhcdl2 IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 09:48 Times Seen116385 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	zabornikahea.firebaseapp.com/scripts.8cd2639e1c2a96e7.js	ScriptElement	246 kB	2023-05-11	2024-12-02
Pretty URL zabornikahea.firebaseapp.com/scripts.8cd2639e1c2a96e7.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-11 04:38 Last Seen2024-12-02 07:45 Times Seen60 Hash bcc65a708b69adf782a6a003d7232c99 df5dcb5fa088465bc91c1a3ba6a827d3be7d4e83 4f4f317bf450d536785fb51f9611544ac8dc0af83d7a216784a6434e5e9470e8 Loading...

	zabornikahea.firebaseapp.com/main.b44457161a67877b.js	ScriptElement	5.3 MB	2023-08-15	2024-08-21
Pretty URL zabornikahea.firebaseapp.com/main.b44457161a67877b.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-15 11:12 Last Seen2024-08-21 08:41 Times Seen2 Hash 1f0f496192fe415a5354ef57e5b463f7 523cf162dff733c0fa7ab77482b0cbf7daeaa634 fe4f8ca62c9b95911989518c57d2ebc0b50da598cd6a9085b118dae6a9535227 Loading...

	www.google.com/recaptcha/api.js?render=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&onload=ng2recaptchaloaded	ScriptElement	1.3 kB	2023-08-15	2023-08-16
Pretty URL www.google.com/recaptcha/api.js?render=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&onload=ng2recaptchaloaded IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-15 11:12 Last Seen2023-08-16 00:53 Times Seen2 Hash 2f3d80f14ce61c903e1998c5220557e7 b70afac8a93691b92979c0e024cd528c0e611c7e 0e9e95ccec8a4b485434c06aa0249c8fe93f126b574b1a599862fa7554bbae03 Loading...

	www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js	ScriptElement	461 kB	2023-08-15	2023-08-18
Pretty URL www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-15 03:50 Last Seen2023-08-18 05:16 Times Seen788 Hash c3d393e7af29342719105378e6f046b8 66a91c4ad5f5bc8c62e4239d636c729c8565836e 8bdf8c4a14aa3b0a88506c68c507aee00ef4af793e353c15fde9254a6654d2f1 Loading...

	unpkg.com/imask	ScriptElement	110 kB	2023-07-18	2024-08-21
Pretty URL unpkg.com/imask IP 104.16.123.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-18 09:57 Last Seen2024-08-21 09:40 Times Seen161 Hash c411b791cf977df363dbd6ab49a417e9 af7c0a6c376bd138f6c966ea86a0e008edd236b3 42e7a5c70376b125d470d570585ff230cd777cfbbd9e4fbedc18d2de0c8dc83d Loading...

	zabornikahea.firebaseapp.com/runtime.25fece6c662f3a67.js	ScriptElement	1.1 kB	2023-04-18	2024-12-02
Pretty URL zabornikahea.firebaseapp.com/runtime.25fece6c662f3a67.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-18 19:48 Last Seen2024-12-02 07:45 Times Seen61 Hash 1f76bd4a846c37731350b46cbd98ff3c 211a236490d45fc18dd8721baaad3937ea8cf7ad f90127d2c1d3ead361c0ba8bfff0a44d9ac30a994b6be3e7ea7e9fb1c12921a4 Loading...

	zabornikahea.firebaseapp.com/polyfills.9b1bde72d62e466c.js	ScriptElement	34 kB	2023-05-11	2024-08-21
Pretty URL zabornikahea.firebaseapp.com/polyfills.9b1bde72d62e466c.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-11 04:38 Last Seen2024-08-21 08:41 Times Seen60 Hash 57e8b96b26a5360ccbbc482a1dc8558b d715e9414f1d634910e4d53db8f9f1590e0f8596 239682e70ed93aa27c459f14bf3c0379f76c408be542101606262742b6bba638 Loading...

	unknown	EventHandler	16 B	2023-04-10	2025-05-11
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:57 Last Seen2025-05-11 08:54 Times Seen56699 Hash 7c3c3ddeb80438dcbb3d081d2d00e152 5a4016732ee72ec77b4f6ab17047bcea6d2ea34d 321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly96YWJvcm5pa2FoZWEuZmlyZWJhc2VhcHAuY29tOjQ0Mw..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=uo9cakrhcdl2	ScriptElement	43 kB	2024-08-21	2024-08-21
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly96YWJvcm5pa2FoZWEuZmlyZWJhc2VhcHAuY29tOjQ0Mw..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=uo9cakrhcdl2 IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 08:37 Last Seen2024-08-21 08:37 Times Seen1 Hash 1fecb429577d8fef0b071f5c8caec14e afc5acf885f2152c90c74d4cac851bf5ce3b1f11 6cf4e5a97af1d625bbba0d3f3293686d09e7a51722b198f3a89001588cb60b20 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 0b1323a135674c9e88555138476b1a4d	16 kB	2023-08-10 14:24	2024-08-21 09:35
Pretty Observations First Seen2023-08-10 14:24 Last Seen2024-08-21 09:35 Times Seen474 Hash 0b1323a135674c9e88555138476b1a4d 3988488636ae47008a12d4b602578486accaec7c 4b32a91051717ce889430f1ec179d66e22eded44a0664d35a66baf8dae6f808b Loading...

	#2 Eval - 6810c33aa7f29eb0feb74098c6522906	22 B	2023-08-10 14:24	2024-08-21 09:35
Pretty Observations First Seen2023-08-10 14:24 Last Seen2024-08-21 09:35 Times Seen475 Hash 6810c33aa7f29eb0feb74098c6522906 08d5bae22de70089beff0b66705f7d1d484a022f ab3fc243cd0fdc4b6519ad0a8f530024173a22f56198da4e0e1e6370a3be8fa0 Loading...

	#3 Eval - 9bde84b2f41f56c6022d5cf2775eb4fd	20 kB	2024-08-21 08:37	2024-08-21 08:38
Pretty Observations First Seen2024-08-21 08:37 Last Seen2024-08-21 08:38 Times Seen2 Hash 9bde84b2f41f56c6022d5cf2775eb4fd 0df1b19c3749b10a529ffda122b6327e53956c91 854399d5a4a97b1d51ac882a57fd03b84bdc6ada6417bc2a2be831b575749bbf Loading...

	#4 Eval - fbcbe35fac87e57a76905349c61e9abd	22 B	2023-08-10 14:24	2024-08-21 09:35
Pretty Observations First Seen2023-08-10 14:24 Last Seen2024-08-21 09:35 Times Seen476 Hash fbcbe35fac87e57a76905349c61e9abd dd5ea4e23b24473551d6a5fdfb3d9cb9e755cf33 f7fed55f8760e2b9fb81307bb585069f05f96d98733e5e96fb4d1393e96859c8 Loading...

	#5 Eval - 238d027d5f2c7316b0d036a263a76f14	64 B	2023-08-10 14:24	2024-08-21 09:35
Pretty Observations First Seen2023-08-10 14:24 Last Seen2024-08-21 09:35 Times Seen476 Hash 238d027d5f2c7316b0d036a263a76f14 2c1a307b6e63f81a7d4632a21453eb2cee762886 ee46b88cbb23f05460cdad1274bf3b170aa9f465a48528fed0eef17df1cd5427 Loading...

HTTP Transactions (36)

URL IP Response Size

zabornikahea.firebaseapp.com/

199.36.158.100

200 OK

2.5 kB

URL User Request GET HTTP/2
zabornikahea.firebaseapp.com/
IP
199.36.158.100:443
ASN
#54113 FASTLY

Certificate
IssuerGoogle Trust Services LLC
Subjectfirebaseapp.com
Fingerprint79:8D:A1:4F:04:78:14:CA:17:53:59:2E:6D:7E:38:18:23:A4:BD:ED
ValidityMon, 10 Jul 2023 14:07:14 GMT - Sun, 08 Oct 2023 14:07:13 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12164)
Size
2.5 kB (2466 bytes)
Hash
9b42e8678ec05b13ab925d4f2b5a2c3c
f80a6b9c1b4b69c48922e764212793fc81e69fc9
0b8535c4d5fe73b624d0e7d4822c9162635fac2d11ef1bf08bc1462cd8e6ea4d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: zabornikahea.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "f8e74c93cb80d657a23c39bacd9541f044034a1b61db85db11da962853c9a00d-br"
last-modified: Sat, 12 Aug 2023 10:26:38 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 15 Aug 2023 22:53:14 GMT
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1692139995.529965,VS0,VE106
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2466
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4int/tGGcBrp0f54

142.250.74.131

471 B

URL
ocsp.pki.goog/s/gts1d4int/tGGcBrp0f54
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5049366c1652164fde125b109397a5d7
dea853cd21b32b2dc9a9a39de4b6a137615e2f57
66ba934176f04b3fb6977a42f205f2e259c5abf8056b640307ac23f21c9f3892

HTTP Headers

POST /s/gts1d4int/tGGcBrp0f54 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Aug 2023 22:53:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

zabornikahea.firebaseapp.com/polyfills.9b1bde72d62e466c.js

199.36.158.100

200 OK

11 kB

URL GET HTTP/3
zabornikahea.firebaseapp.com/polyfills.9b1bde72d62e466c.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfirebaseapp.com
Fingerprint79:8D:A1:4F:04:78:14:CA:17:53:59:2E:6D:7E:38:18:23:A4:BD:ED
ValidityMon, 10 Jul 2023 14:07:14 GMT - Sun, 08 Oct 2023 14:07:13 GMT

File type
ASCII text, with very long lines (33851), with no line terminators
Size
11 kB (10913 bytes)
Hash
57e8b96b26a5360ccbbc482a1dc8558b
d715e9414f1d634910e4d53db8f9f1590e0f8596
239682e70ed93aa27c459f14bf3c0379f76c408be542101606262742b6bba638

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /polyfills.9b1bde72d62e466c.js HTTP/1.1
Host: zabornikahea.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 10913
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "75709ff132e8dd7f78bf07c7f129e05fbd23a431519fb14efb4db98fca9ea726-br"
last-modified: Sat, 12 Aug 2023 10:26:38 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 15 Aug 2023 22:53:15 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1692139995.378116,VS0,VE106
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

zabornikahea.firebaseapp.com/runtime.25fece6c662f3a67.js

199.36.158.100

200 OK

602 B

URL GET HTTP/3
zabornikahea.firebaseapp.com/runtime.25fece6c662f3a67.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfirebaseapp.com
Fingerprint79:8D:A1:4F:04:78:14:CA:17:53:59:2E:6D:7E:38:18:23:A4:BD:ED
ValidityMon, 10 Jul 2023 14:07:14 GMT - Sun, 08 Oct 2023 14:07:13 GMT

File type
ASCII text, with very long lines (1079), with no line terminators
Size
602 B (602 bytes)
Hash
1f76bd4a846c37731350b46cbd98ff3c
211a236490d45fc18dd8721baaad3937ea8cf7ad
f90127d2c1d3ead361c0ba8bfff0a44d9ac30a994b6be3e7ea7e9fb1c12921a4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /runtime.25fece6c662f3a67.js HTTP/1.1
Host: zabornikahea.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 602
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "022d74c7a6203aad8b845ab005fcd7672e6d9b2410741f46c71debcb283b5ee7-br"
last-modified: Sat, 12 Aug 2023 10:26:38 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 15 Aug 2023 22:53:15 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1692139995.377816,VS0,VE114
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

zabornikahea.firebaseapp.com/scripts.8cd2639e1c2a96e7.js

199.36.158.100

200 OK

69 kB

URL GET HTTP/3
zabornikahea.firebaseapp.com/scripts.8cd2639e1c2a96e7.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfirebaseapp.com
Fingerprint79:8D:A1:4F:04:78:14:CA:17:53:59:2E:6D:7E:38:18:23:A4:BD:ED
ValidityMon, 10 Jul 2023 14:07:14 GMT - Sun, 08 Oct 2023 14:07:13 GMT

File type
ASCII text, with very long lines (61405)
Size
69 kB (68740 bytes)
Hash
bcc65a708b69adf782a6a003d7232c99
df5dcb5fa088465bc91c1a3ba6a827d3be7d4e83
4f4f317bf450d536785fb51f9611544ac8dc0af83d7a216784a6434e5e9470e8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /scripts.8cd2639e1c2a96e7.js HTTP/1.1
Host: zabornikahea.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 68740
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "b952e46cbbe72bfbb7095ee77ea3c1f7950824bd1d79f3c08b94b70b6c6119a9-br"
last-modified: Sat, 12 Aug 2023 10:26:38 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 15 Aug 2023 22:53:15 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1692139995.378100,VS0,VE184
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

zabornikahea.firebaseapp.com/main.b44457161a67877b.js

199.36.158.100

200 OK

758 kB

URL GET HTTP/3
zabornikahea.firebaseapp.com/main.b44457161a67877b.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfirebaseapp.com
Fingerprint79:8D:A1:4F:04:78:14:CA:17:53:59:2E:6D:7E:38:18:23:A4:BD:ED
ValidityMon, 10 Jul 2023 14:07:14 GMT - Sun, 08 Oct 2023 14:07:13 GMT

File type
Unicode text, UTF-8 text, with very long lines (65199), with CRLF line terminators
Size
758 kB (757687 bytes)
Hash
54aba53497aa480cf518050a53150c42
e64179716366c5a5352117e792095c5e581a1fab
cdb96cb3b3fa460dacd7c858d5a214ba4a875218445a44f586bee4c4b8ef6692

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /main.b44457161a67877b.js HTTP/1.1
Host: zabornikahea.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 757687
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "21c7400cdde90238d6e29a418436b654d6ee1d0d70550ded2db5e0a3e9d0dcb4-br"
last-modified: Sat, 12 Aug 2023 10:26:38 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 15 Aug 2023 22:53:15 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1692139995.378088,VS0,VE252
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

zabornikahea.firebaseapp.com/SBBWeb-Light.a02ca059167840a5.woff2

199.36.158.100

200 OK

14 kB

URL GET HTTP/3
zabornikahea.firebaseapp.com/SBBWeb-Light.a02ca059167840a5.woff2
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfirebaseapp.com
Fingerprint79:8D:A1:4F:04:78:14:CA:17:53:59:2E:6D:7E:38:18:23:A4:BD:ED
ValidityMon, 10 Jul 2023 14:07:14 GMT - Sun, 08 Oct 2023 14:07:13 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14212, version 1.0\012- data
Size
14 kB (14212 bytes)
Hash
8b70a44a98a0ac5d721df7d8f5136f7b
10e10c01e732f3d35a78e1051bfcc9fe2589ddda
5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /SBBWeb-Light.a02ca059167840a5.woff2 HTTP/1.1
Host: zabornikahea.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 14212
cache-control: max-age=3600
content-type: font/woff2
etag: "a66d58ae578826b2deea7f77bd7754ade37ba14bf45645b05d35a9317bceb035"
last-modified: Sat, 12 Aug 2023 10:26:38 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 15 Aug 2023 22:53:15 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1692139996.818717,VS0,VE95
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

zabornikahea.firebaseapp.com/styles.707209df0cc43c2f.css

199.36.158.100

200 OK

68 kB

URL GET HTTP/3
zabornikahea.firebaseapp.com/styles.707209df0cc43c2f.css
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfirebaseapp.com
Fingerprint79:8D:A1:4F:04:78:14:CA:17:53:59:2E:6D:7E:38:18:23:A4:BD:ED
ValidityMon, 10 Jul 2023 14:07:14 GMT - Sun, 08 Oct 2023 14:07:13 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
68 kB (68491 bytes)
Hash
d4ca8784078a7adfeaf201d9859340b4
5b24b871dc03cf70ae10799bc17da8b99a124b8d
ea35e9657329683d4c75301b8850fde380505b13a50afcf421cce78b8940c3f6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /styles.707209df0cc43c2f.css HTTP/1.1
Host: zabornikahea.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 68491
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "bd3b1b25a2ae0083f30453453c31c937e386dd1cf92e30baa219acaba9024df0-br"
last-modified: Sat, 12 Aug 2023 10:26:38 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 15 Aug 2023 22:53:16 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1692139996.818729,VS0,VE190
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c0cd8bc88704cab01d56a7e7f7c830fa
82478af9121cfcbe1eeed4bed603fa02193e05b8
abf44838baba94f8b51991aec6e3892e5d0139abdb84a33ad85ed961977933ef

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Aug 2023 22:53:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?render=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&onload=ng2recaptchaloaded

216.58.207.228

200 OK

883 B

URL GET HTTP/2
www.google.com/recaptcha/api.js?render=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&onload=ng2recaptchaloaded
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint6C:9C:65:0F:F8:D3:FF:6B:3D:3E:E7:7D:B8:12:A5:03:E0:2F:09:4C
ValidityMon, 17 Jul 2023 08:22:07 GMT - Mon, 09 Oct 2023 08:22:06 GMT

File type
ASCII text, with very long lines (1317), with no line terminators
Size
883 B (883 bytes)
Hash
2f3d80f14ce61c903e1998c5220557e7
b70afac8a93691b92979c0e024cd528c0e611c7e
0e9e95ccec8a4b485434c06aa0249c8fe93f126b574b1a599862fa7554bbae03

HTTP Headers

GET /recaptcha/api.js?render=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&onload=ng2recaptchaloaded HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Tue, 15 Aug 2023 22:53:16 GMT
date: Tue, 15 Aug 2023 22:53:16 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 883
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

zabornikahea.firebaseapp.com/assets/images/logo.png

199.36.158.100

200 OK

1.3 kB

URL GET HTTP/3
zabornikahea.firebaseapp.com/assets/images/logo.png
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfirebaseapp.com
Fingerprint79:8D:A1:4F:04:78:14:CA:17:53:59:2E:6D:7E:38:18:23:A4:BD:ED
ValidityMon, 10 Jul 2023 14:07:14 GMT - Sun, 08 Oct 2023 14:07:13 GMT

File type
PNG image data, 170 x 19, 8-bit colormap, non-interlaced\012- data
Size
1.3 kB (1294 bytes)
Hash
90212f3504e52c2077f65efc908f4b82
aa57cc70978927a10889f4bb8b278cd223fc178a
d45fd2cc05090e4b504f361216b1032409ed3cdf9904f50ce56e8a6b0f3c006e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/logo.png HTTP/1.1
Host: zabornikahea.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 1294
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "e8cd1f2edb6c98ed600156c7cca6f18edeb29be77b51e61bc9cdb538a4810b9b-br"
last-modified: Sat, 12 Aug 2023 10:26:38 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 15 Aug 2023 22:53:16 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1692139996.264831,VS0,VE96
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7ca1622b0e6321611deb03945d4f926f
5e7b2ae7f2d8d9c1f1b88ff19aadf8b7403ff4e7
c8d225c420ae16ecad2065c490b743c530aa70f3369e87c78f51952d145ed3e4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Aug 2023 22:53:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

zabornikahea.firebaseapp.com/assets/images/logo-20200819.svg

199.36.158.100

200 OK

2.2 kB

URL GET HTTP/3
zabornikahea.firebaseapp.com/assets/images/logo-20200819.svg
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfirebaseapp.com
Fingerprint79:8D:A1:4F:04:78:14:CA:17:53:59:2E:6D:7E:38:18:23:A4:BD:ED
ValidityMon, 10 Jul 2023 14:07:14 GMT - Sun, 08 Oct 2023 14:07:13 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (7374), with no line terminators
Size
2.2 kB (2212 bytes)
Hash
795242580bfa3135028bd0750fdc1654
2c344b6662e62ddbdba49f635e1c33a827fe75d4
deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/logo-20200819.svg HTTP/1.1
Host: zabornikahea.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 2212
cache-control: max-age=3600
content-encoding: br
content-type: image/svg+xml
etag: "4adb01daadbfa29de8d1e28066cc2cdbddeda5d6e39f2e7a78c82f4fe25dab18-br"
last-modified: Sat, 12 Aug 2023 10:26:38 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 15 Aug 2023 22:53:16 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1692139996.416966,VS0,VE58
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

zabornikahea.firebaseapp.com/assets/images/logo_text_de-20200819.svg

199.36.158.100

200 OK

13 kB

URL GET HTTP/3
zabornikahea.firebaseapp.com/assets/images/logo_text_de-20200819.svg
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfirebaseapp.com
Fingerprint79:8D:A1:4F:04:78:14:CA:17:53:59:2E:6D:7E:38:18:23:A4:BD:ED
ValidityMon, 10 Jul 2023 14:07:14 GMT - Sun, 08 Oct 2023 14:07:13 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1350)
Size
13 kB (12644 bytes)
Hash
512410d9227bb0c2481e175dce0eda72
1deb5d9f09592101e632a8351865d54b1d6a27f7
c337d42ed7979c6be0282900bd957dd9d112a430dc7761463d655eb8f0d9bc07

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/logo_text_de-20200819.svg HTTP/1.1
Host: zabornikahea.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 12644
cache-control: max-age=3600
content-encoding: br
content-type: image/svg+xml
etag: "4e247643ec4bd34e8164a7591efb38c00d6aab78bb5751c9fa733535007d070f-br"
last-modified: Sat, 12 Aug 2023 10:26:38 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 15 Aug 2023 22:53:16 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1692139996.416279,VS0,VE88
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

zabornikahea.firebaseapp.com/SBBWeb-Light.a02ca059167840a5.woff2

199.36.158.100

200 OK

14 kB

URL GET HTTP/3
zabornikahea.firebaseapp.com/SBBWeb-Light.a02ca059167840a5.woff2
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfirebaseapp.com
Fingerprint79:8D:A1:4F:04:78:14:CA:17:53:59:2E:6D:7E:38:18:23:A4:BD:ED
ValidityMon, 10 Jul 2023 14:07:14 GMT - Sun, 08 Oct 2023 14:07:13 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14212, version 1.0\012- data
Size
14 kB (14212 bytes)
Hash
8b70a44a98a0ac5d721df7d8f5136f7b
10e10c01e732f3d35a78e1051bfcc9fe2589ddda
5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /SBBWeb-Light.a02ca059167840a5.woff2 HTTP/1.1
Host: zabornikahea.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/styles.707209df0cc43c2f.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 14212
cache-control: max-age=3600
content-type: font/woff2
etag: "a66d58ae578826b2deea7f77bd7754ade37ba14bf45645b05d35a9317bceb035"
last-modified: Sat, 12 Aug 2023 10:26:38 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 15 Aug 2023 22:53:16 GMT
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1692139997.605356,VS0,VE0
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
4246da3f9773457bbeec14ad2d54253e
d4ec583aa1adb4fe9b91eb2435042cd612df54ff
1b2a261c97d622444646bec82a64c84873b9cc9c6ac74ee83a419410c38f121d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Aug 2023 22:53:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Aug 2023 00:11:16 GMT
Expires: Sun, 20 Aug 2023 00:11:15 GMT
Etag: "d4ec583aa1adb4fe9b91eb2435042cd612df54ff"
Cache-Control: max-age=351406,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7f7503434a8ab51d-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
24b167b364d24336abf63b0f2102a528
8f76705926a857e25a47a102bf4d90c2f896ddac
6779d23d8cfa5f6599b33907f4c3f8f4070d779046fa4483b66e7ce95e4144d4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Aug 2023 22:53:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js

142.250.74.35

200 OK

184 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintCC:0B:9E:F2:35:30:16:40:11:59:40:74:E5:04:3C:D5:D2:3C:30:70
ValidityMon, 17 Jul 2023 08:21:33 GMT - Mon, 09 Oct 2023 08:21:32 GMT

File type
ASCII text, with very long lines (570)
Size
184 kB (184483 bytes)
Hash
c3d393e7af29342719105378e6f046b8
66a91c4ad5f5bc8c62e4239d636c729c8565836e
8bdf8c4a14aa3b0a88506c68c507aee00ef4af793e353c15fde9254a6654d2f1

HTTP Headers

GET /recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zabornikahea.firebaseapp.com
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 184483
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Aug 2023 17:41:05 GMT
expires: Tue, 13 Aug 2024 17:41:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Aug 2023 14:49:49 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 105131
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

zabornikahea.firebaseapp.com/favicon.ico

199.36.158.100

200 OK

154 B

URL GET HTTP/3
zabornikahea.firebaseapp.com/favicon.ico
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfirebaseapp.com
Fingerprint79:8D:A1:4F:04:78:14:CA:17:53:59:2E:6D:7E:38:18:23:A4:BD:ED
ValidityMon, 10 Jul 2023 14:07:14 GMT - Sun, 08 Oct 2023 14:07:13 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
154 B (154 bytes)
Hash
6d866d9c4568bf7fc03e597e74ce7e28
e1b3d9f0e9cdcb785a94b6c1e1fe651a4ff98dcb
7c1925da382279a72f94990d0a1456f78918619f35780ea0905e4ae0db684677

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: zabornikahea.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 154
cache-control: max-age=3600
content-encoding: br
content-type: image/x-icon
etag: "a1c4bac984d1742493fe67c55c528bebd5b1db85e4afac0bd7027735bc225bee-br"
last-modified: Sat, 12 Aug 2023 10:26:38 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 15 Aug 2023 22:53:16 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1692139997.722716,VS0,VE110
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
24b167b364d24336abf63b0f2102a528
8f76705926a857e25a47a102bf4d90c2f896ddac
6779d23d8cfa5f6599b33907f4c3f8f4070d779046fa4483b66e7ce95e4144d4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Aug 2023 22:53:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.ipify.org/?format=json

104.237.62.211

200 OK

21 B

URL GET HTTP/1.1
api.ipify.org/?format=json
IP
104.237.62.211:443
ASN
#18450 WEBNX

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerSectigo Limited
Subject*.ipify.org
FingerprintF4:76:2D:2C:65:D1:15:BE:19:A4:C5:E0:8D:EB:89:1A:B6:75:4A:54
ValidityTue, 07 Feb 2023 00:00:00 GMT - Sun, 18 Feb 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
7d69c71af0f191e9a72db6153f8018d1
f67c5f2887bc05654b47f76e9621e53a4091aed1
5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65

HTTP Headers

GET /?format=json HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zabornikahea.firebaseapp.com
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.1
Date: Tue, 15 Aug 2023 22:53:16 GMT
Content-Type: application/json
Content-Length: 21
Connection: keep-alive
Access-Control-Allow-Origin: *
Vary: Origin

www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly96YWJvcm5pa2FoZWEuZmlyZWJhc2VhcHAuY29tOjQ0Mw..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=uo9cakrhcdl2

216.58.207.228

200 OK

28 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly96YWJvcm5pa2FoZWEuZmlyZWJhc2VhcHAuY29tOjQ0Mw..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=uo9cakrhcdl2
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint22:D6:3F:7A:CA:1E:3B:04:40:02:A1:AF:49:B4:02:8E:8D:0E:F9:43
ValidityMon, 17 Jul 2023 08:16:31 GMT - Mon, 09 Oct 2023 08:16:30 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43342)
Size
28 kB (28270 bytes)
Hash
536b047475babc890eb8bc7a27ea26a9
44ff83ea7f576c8cbb5ff059a7c9079de869d89e
0819b627d050315e832b97e78348dade94da427de1eb9d6de261365a1eceddf4

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly96YWJvcm5pa2FoZWEuZmlyZWJhc2VhcHAuY29tOjQ0Mw..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=uo9cakrhcdl2 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 15 Aug 2023 22:53:17 GMT
content-security-policy: script-src 'nonce-fydK7HTN_dOPCcIm7EY2PA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28270
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/styles__ltr.css

142.250.74.35

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly96YWJvcm5pa2FoZWEuZmlyZWJhc2VhcHAuY29tOjQ0Mw..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=uo9cakrhcdl2
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintCC:0B:9E:F2:35:30:16:40:11:59:40:74:E5:04:3C:D5:D2:3C:30:70
ValidityMon, 17 Jul 2023 08:21:33 GMT - Mon, 09 Oct 2023 08:21:32 GMT

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Aug 2023 12:40:58 GMT
expires: Wed, 14 Aug 2024 12:40:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Aug 2023 14:49:49 GMT
content-type: text/css
vary: Accept-Encoding
age: 36739
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js

142.250.74.35

200 OK

184 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintCC:0B:9E:F2:35:30:16:40:11:59:40:74:E5:04:3C:D5:D2:3C:30:70
ValidityMon, 17 Jul 2023 08:21:33 GMT - Mon, 09 Oct 2023 08:21:32 GMT

File type
ASCII text, with very long lines (570)
Size
184 kB (184483 bytes)
Hash
c3d393e7af29342719105378e6f046b8
66a91c4ad5f5bc8c62e4239d636c729c8565836e
8bdf8c4a14aa3b0a88506c68c507aee00ef4af793e353c15fde9254a6654d2f1

HTTP Headers

GET /recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 184483
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Aug 2023 17:41:05 GMT
expires: Tue, 13 Aug 2024 17:41:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Aug 2023 14:49:49 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 105132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly96YWJvcm5pa2FoZWEuZmlyZWJhc2VhcHAuY29tOjQ0Mw..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=uo9cakrhcdl2
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintCC:0B:9E:F2:35:30:16:40:11:59:40:74:E5:04:3C:D5:D2:3C:30:70
ValidityMon, 17 Jul 2023 08:21:33 GMT - Mon, 09 Oct 2023 08:21:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Aug 2023 15:24:26 GMT
expires: Fri, 09 Aug 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 458931
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

unpkg.com/imask

104.16.123.175

302 Found

40 kB

URL GET HTTP/2
unpkg.com/imask
IP
104.16.123.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
data
Size
40 kB (40065 bytes)
Hash
107573f10b2ee9197d7836ec60947856
684f5f9a1d115621ca097198b1a66c55c5ae0624
9e24d1f263e2d054025d3dfe2e9363fad16855850eb7c42d03959b6c8b096e21

HTTP Headers

GET /imask HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 15 Aug 2023 22:53:15 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /imask@7.1.3
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01H7XP2XF412EY76CGN76N8J05-fra
cf-cache-status: HIT
age: 380
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7f75033b3cbbb521-OSL
X-Firefox-Spdy: h2

www.google.com/recaptcha/api2/webworker.js?hl=en&v=QybaJej5brGL8d7EvWmfKMZU

216.58.207.228

200 OK

112 B

URL GET HTTP/3
www.google.com/recaptcha/api2/webworker.js?hl=en&v=QybaJej5brGL8d7EvWmfKMZU
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly96YWJvcm5pa2FoZWEuZmlyZWJhc2VhcHAuY29tOjQ0Mw..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=uo9cakrhcdl2
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint22:D6:3F:7A:CA:1E:3B:04:40:02:A1:AF:49:B4:02:8E:8D:0E:F9:43
ValidityMon, 17 Jul 2023 08:16:31 GMT - Mon, 09 Oct 2023 08:16:30 GMT

File type
ASCII text, with no line terminators
Size
112 B (112 bytes)
Hash
b208adbc89cb20e493c89a870d46d4b0
508b9ae8ce17d60a86b74e400ec176b4e67d188d
8f0570843a4b0e86673611f5b29d7f4555e315587c5e8e109d65c640bd870f91

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=QybaJej5brGL8d7EvWmfKMZU HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly96YWJvcm5pa2FoZWEuZmlyZWJhc2VhcHAuY29tOjQ0Mw..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=uo9cakrhcdl2
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Tue, 15 Aug 2023 22:53:17 GMT
date: Tue, 15 Aug 2023 22:53:17 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly96YWJvcm5pa2FoZWEuZmlyZWJhc2VhcHAuY29tOjQ0Mw..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=uo9cakrhcdl2
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintCC:0B:9E:F2:35:30:16:40:11:59:40:74:E5:04:3C:D5:D2:3C:30:70
ValidityMon, 17 Jul 2023 08:21:33 GMT - Mon, 09 Oct 2023 08:21:32 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Aug 2023 14:42:45 GMT
expires: Fri, 18 Aug 2023 14:42:45 GMT
cache-control: public, max-age=604800
age: 375032
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js

142.250.74.35

200 OK

184 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintCC:0B:9E:F2:35:30:16:40:11:59:40:74:E5:04:3C:D5:D2:3C:30:70
ValidityMon, 17 Jul 2023 08:21:33 GMT - Mon, 09 Oct 2023 08:21:32 GMT

File type
ASCII text, with very long lines (570)
Size
184 kB (184483 bytes)
Hash
c3d393e7af29342719105378e6f046b8
66a91c4ad5f5bc8c62e4239d636c729c8565836e
8bdf8c4a14aa3b0a88506c68c507aee00ef4af793e353c15fde9254a6654d2f1

HTTP Headers

GET /recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 184483
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Aug 2023 17:41:05 GMT
expires: Tue, 13 Aug 2024 17:41:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Aug 2023 14:49:49 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 105132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

unpkg.com/imask@7.1.3

104.16.123.175

302 Found

110 kB

URL GET HTTP/2
unpkg.com/imask@7.1.3
IP
104.16.123.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type

Size
110 kB (110109 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /imask@7.1.3 HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zabornikahea.firebaseapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 15 Aug 2023 22:53:15 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
location: /imask@7.1.3/dist/imask.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01H5KYCB5FSCW4J2F3BDDA7N9C-arn
cf-cache-status: HIT
age: 2474710
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7f75033bad22b521-OSL
X-Firefox-Spdy: h2

unpkg.com/imask@7.1.3/dist/imask.js

104.16.123.175

200 OK

110 kB

URL GET HTTP/2
unpkg.com/imask@7.1.3/dist/imask.js
IP
104.16.123.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
C++ source, ASCII text, with very long lines (4223)
Size
110 kB (110109 bytes)
Hash
c411b791cf977df363dbd6ab49a417e9
af7c0a6c376bd138f6c966ea86a0e008edd236b3
42e7a5c70376b125d470d570585ff230cd777cfbbd9e4fbedc18d2de0c8dc83d

HTTP Headers

GET /imask@7.1.3/dist/imask.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zabornikahea.firebaseapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 15 Aug 2023 22:53:15 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1ae1d-r3wKbDdr0Tj2yWbqhqDgCO3SNrM"
via: 1.1 fly.io
fly-request-id: 01H5KYCBP8EHN9YJTV40NF5QPJ-arn
cf-cache-status: HIT
age: 2474709
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7f75033bfda7b521-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc5DK8aAAAAAJ88hhNmuKjFN737QQoMp3-DcxzX&co=aHR0cHM6Ly96YWJvcm5pa2FoZWEuZmlyZWJhc2VhcHAuY29tOjQ0Mw..&hl=en&v=QybaJej5brGL8d7EvWmfKMZU&size=invisible&cb=uo9cakrhcdl2
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintCC:0B:9E:F2:35:30:16:40:11:59:40:74:E5:04:3C:D5:D2:3C:30:70
ValidityMon, 17 Jul 2023 08:21:33 GMT - Mon, 09 Oct 2023 08:21:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Aug 2023 22:48:45 GMT
expires: Wed, 14 Aug 2024 22:48:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 272
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

zabornikahea.firebaseapp.com/assets/images/logo_text_de-20200819.png

0.0.0.0

0 B

URL GET
zabornikahea.firebaseapp.com/assets/images/logo_text_de-20200819.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfirebaseapp.com
Fingerprint79:8D:A1:4F:04:78:14:CA:17:53:59:2E:6D:7E:38:18:23:A4:BD:ED
ValidityMon, 10 Jul 2023 14:07:14 GMT - Sun, 08 Oct 2023 14:07:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/logo_text_de-20200819.png HTTP/1.1
Host: zabornikahea.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

zabornikahea.firebaseapp.com/assets/images/logo-20200819.png

0.0.0.0

0 B

URL GET
zabornikahea.firebaseapp.com/assets/images/logo-20200819.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectfirebaseapp.com
Fingerprint79:8D:A1:4F:04:78:14:CA:17:53:59:2E:6D:7E:38:18:23:A4:BD:ED
ValidityMon, 10 Jul 2023 14:07:14 GMT - Sun, 08 Oct 2023 14:07:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	SBB
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/logo-20200819.png HTTP/1.1
Host: zabornikahea.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

d27la2n6wh4qws.cloudfront.net/1.11.157/assets/resources/img/logo.svg

143.204.42.156

200 OK

7.4 kB

URL GET HTTP/2
d27la2n6wh4qws.cloudfront.net/1.11.157/assets/resources/img/logo.svg
IP
143.204.42.156:443
ASN
#16509 AMAZON-02

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (7388), with no line terminators
Size
7.4 kB (7374 bytes)
Hash
b38671fbf5294b835071dfd540218bb7
6e2d37ad603802a23d75a234bf03fa8c32767d2a
885293d3fddd7ded6d0c21260b8933f75faac5fe0883c338fbc67ca163b9bf73

HTTP Headers

GET /1.11.157/assets/resources/img/logo.svg HTTP/1.1
Host: d27la2n6wh4qws.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 15 Aug 2023 22:53:17 GMT
last-modified: Tue, 16 May 2023 11:19:24 GMT
etag: W/"795242580bfa3135028bd0750fdc1654"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
server: AmazonS3
content-encoding: br
x-cache: Miss from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Bi8wEeBHqzOkZwt8CqQ_Sc2FEdeqmbDurn_qkJZdUVOukc77GrqjJQ==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

api.ipapi.com/api/91.90.42.154?access_key=722c3aeddcac7361ed0ebde3f3273cba

188.114.97.1

200 OK

163 B

URL GET HTTP/2
api.ipapi.com/api/91.90.42.154?access_key=722c3aeddcac7361ed0ebde3f3273cba
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zabornikahea.firebaseapp.com/
Certificate
IssuerCloudflare, Inc.
Subjectipapi.com
FingerprintAA:A3:50:F7:FB:9B:98:9C:FF:B7:9A:4E:97:C9:6F:56:56:F3:EF:94
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
163 B (163 bytes)
Hash
32994da2af5542da37a1c935f152f2cc
02b587917124e7e0a28c38427fa0148773c2387c
24623827e8b56d342b981fca2dc5dc136b420cd42478cba20315ba1ad1157d66

HTTP Headers

GET /api/91.90.42.154?access_key=722c3aeddcac7361ed0ebde3f3273cba HTTP/1.1
Host: api.ipapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zabornikahea.firebaseapp.com
DNT: 1
Connection: keep-alive
Referer: https://zabornikahea.firebaseapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 15 Aug 2023 22:53:17 GMT
content-type: application/json; Charset=UTF-8
x-apilayer-transaction-id: ee0a08d0-8c83-45a5-82c8-4cfea988040c
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
x-request-time: 0.006
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhnOVNzOGbZC5VadANQtXGZPx0wU%2BeBTu9RHobsIyoHUr%2Fy%2FlFNX5pYPit8on838z89KP80QC%2BfCpmY3Lw5FJ6sa%2FJ5D%2BCthp9pomVaMSKd%2FWUYwRhIyIZRActya2lJU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 7f7503454a900b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash