vigorous-fuzzy-surprise.glitch.me Open in urlscan Pro
34.206.147.71  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://intelligentclient-schawd.com/ Page URL
2. https://vigorous-fuzzy-surprise.glitch.me/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response intelligentclient-schawd.com/	1 KB 702 B	87ms 26ms	Document text/html	49.12.82.250 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://intelligentclient-schawd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 49.12.82.250 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server4.lytehosting.com Software LiteSpeed / Resource Hash c18a2bebe5e97f0b1f83f541d61c2d06c69b162231a9b95907d4fc0e3d01dd12 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language de-DE,de;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 448 content-type text/html date Sun, 07 Apr 2024 11:41:42 GMT last-modified Sat, 06 Apr 2024 20:32:08 GMT server LiteSpeed vary Accept-Encoding
GET H2	404	mvc_content_style.css intelligentclient-schawd.com/Brain_Bofa/	0 0	25ms 24ms	Stylesheet text/html	49.12.82.250 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://intelligentclient-schawd.com/Brain_Bofa/mvc_content_style.css Requested by Host: intelligentclient-schawd.com URL: https://intelligentclient-schawd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 49.12.82.250 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server4.lytehosting.com Software LiteSpeed / Resource Hash Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://intelligentclient-schawd.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 07 Apr 2024 11:41:42 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1238 content-type text/html
GET H2	404	mvc_header_footer_style.css intelligentclient-schawd.com/Brain_Bofa/	0 0	25ms 25ms	Stylesheet text/html	49.12.82.250 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://intelligentclient-schawd.com/Brain_Bofa/mvc_header_footer_style.css Requested by Host: intelligentclient-schawd.com URL: https://intelligentclient-schawd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 49.12.82.250 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server4.lytehosting.com Software LiteSpeed / Resource Hash Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://intelligentclient-schawd.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 07 Apr 2024 11:41:42 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1238 content-type text/html
GET H2	404	dot_clear.gif intelligentclient-schawd.com/Brain_Bofa/	1 KB 1 KB	25ms 24ms	Image text/html	49.12.82.250 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://intelligentclient-schawd.com/Brain_Bofa/dot_clear.gif Requested by Host: intelligentclient-schawd.com URL: https://intelligentclient-schawd.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 49.12.82.250 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server4.lytehosting.com Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://intelligentclient-schawd.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 07 Apr 2024 11:41:42 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1238 content-type text/html
GET H2	404	favicon.ico intelligentclient-schawd.com/	1 KB 1 KB	24ms 24ms	Other text/html	49.12.82.250 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://intelligentclient-schawd.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 49.12.82.250 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS server4.lytehosting.com Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://intelligentclient-schawd.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 07 Apr 2024 11:41:42 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1238 content-type text/html
GET H2	200	Primary Request / Show response vigorous-fuzzy-surprise.glitch.me/	53 KB 53 KB	505ms 266ms	Document text/html	34.206.147.71 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://vigorous-fuzzy-surprise.glitch.me/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.206.147.71 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-206-147-71.compute-1.amazonaws.com Software AmazonS3 / Resource Hash ba3a55f8083f39ba1a693cffc7ef3980d7150132e202e632424257671744f2f6 Request headers Referer https://intelligentclient-schawd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language de-DE,de;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes cache-control no-cache content-length 54133 content-type text/html; charset=utf-8 date Sun, 07 Apr 2024 11:41:44 GMT etag "515d0d0847d3146df78b491469279470" last-modified Thu, 29 Feb 2024 16:03:33 GMT server AmazonS3 x-amz-id-2 bXc/vi01rjBOJWT9qkgGiPATZ9DaheLiEU9wBvppQFyLb7jOvT1+eajL7cdgmcZqwjVg4CFbBrBRc5YEUH27sWjfOope+5g6 x-amz-request-id TE464MFDKRBPEAFX x-amz-server-side-encryption AES256 x-amz-version-id H.wcZSJi.mbYfxOzuAIUDFdlS0HxiRtZ
GET H2	200	jquery-3.5.1.min.js Show response code.jquery.com/	87 KB 30 KB	76ms 22ms	Script application/javascript	2a04:4e42::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.min.js Requested by Host: vigorous-fuzzy-surprise.glitch.me URL: https://vigorous-fuzzy-surprise.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://vigorous-fuzzy-surprise.glitch.me/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Apr 2024 11:41:44 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 1115532 x-cache HIT, HIT content-length 30879 x-served-by cache-lga21981-LGA, cache-fra-etou8220053-FRA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1712490104.303885,VS0,VE0 etag W/"28feccc0-15d84" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 42, 5973
GET H2	200	aol-main.css s.yimg.com/wm/mbr/d5afdaa7f1d79451d338571572647cad57ec4fbf/	514 KB 116 KB	96ms 29ms	Stylesheet text/css	2a00:1288:80:807::1 YAHOO-DEB
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/wm/mbr/d5afdaa7f1d79451d338571572647cad57ec4fbf/aol-main.css Requested by Host: vigorous-fuzzy-surprise.glitch.me URL: https://vigorous-fuzzy-surprise.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash 0894adbb82b3e764c4ee6ed6a26d1b4391eccc2c99100307c155e429f137dd6a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://vigorous-fuzzy-surprise.glitch.me/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers ats-carp-promotion 1, 1 date Sat, 09 Mar 2024 20:59:21 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-request-id JKVKMT5QVVYXS90J age 2472144 x-amz-server-side-encryption AES256 content-length 117986 x-amz-id-2 75HuvJUQ+p5aHFThlsbe9559EDcDdEPrqoDXRMYKBd+mL85L9XXDAA/rl6/WUqxGtLVENPMdhFA= x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 23 Sep 2022 20:37:58 GMT server ATS etag "357f5c50cb98ed85902ee3bdb08d22b1-df" expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" vary Origin, Accept-Encoding content-type text/css cache-control public,max-age=31536000 accept-ranges bytes
GET H2	200	JCvCobp.jpg i.imgur.com/	5 KB 6 KB	88ms 28ms	Image image/jpeg	146.75.120.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/JCvCobp.jpg Requested by Host: vigorous-fuzzy-surprise.glitch.me URL: https://vigorous-fuzzy-surprise.glitch.me/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 82b584fee8e080e740bedf83efcc633ebcf1f42695da0f36a59f6d2f28f1e8c4 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://vigorous-fuzzy-surprise.glitch.me/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Apr 2024 11:41:44 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop IAD89-P1 age 60039 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT, HIT content-length 5426 x-served-by cache-iad-kcgs7200048-IAD, cache-fra-etou8220151-FRA last-modified Wed, 08 Nov 2023 17:58:44 GMT server cat factory 1.0 x-timer S1712490104.316372,VS0,VE1 etag "3a8d40614d3773cbb17b769d628580ed" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id 7ebL7VM1AEAo-1w9xdJFceRTMgzaRV_FMiNpvWVkDO-LuKbe4OvnvQ== x-cache-hits 10, 1
GET H2	200	RCIVlTl.png i.imgur.com/	50 KB 50 KB	27ms 27ms	Image image/png	146.75.120.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/RCIVlTl.png Requested by Host: vigorous-fuzzy-surprise.glitch.me URL: https://vigorous-fuzzy-surprise.glitch.me/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash f22130ce947de91ce222cf5f237bcc5b42bd6970c87d91bfa1dba3db50724df6 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://vigorous-fuzzy-surprise.glitch.me/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Apr 2024 11:41:44 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop IAD89-P1 age 73195 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT, HIT content-length 50752 x-served-by cache-iad-kjyo7100160-IAD, cache-fra-etou8220151-FRA last-modified Wed, 08 Nov 2023 17:57:26 GMT server cat factory 1.0 x-timer S1712490104.349718,VS0,VE1 etag "17f10f4e8189aea229fb45273226e446" access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id JJSPZuJG5GNAlSD5TOYyT_algSpB1GsZDNiBXPskBa1SBuP4s7NdNA== x-cache-hits 12, 1
GET H2	200	rapid-3.53.30.js Show response s.yimg.com/ss/	49 KB 18 KB	66ms 65ms	Script application/javascript	2a00:1288:80:807::1 YAHOO-DEB
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/ss/rapid-3.53.30.js Requested by Host: vigorous-fuzzy-surprise.glitch.me URL: https://vigorous-fuzzy-surprise.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash 7bc917ebee12bcd521ae88840228032579459c25a3ccf8953d8a2dbe5e085be9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://vigorous-fuzzy-surprise.glitch.me/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers ats-carp-promotion 1, 1 date Thu, 14 Mar 2024 11:37:21 GMT x-amz-version-id .Bcg25AHAdRCkTvv5tMdNmGVEjznZ_m3 content-encoding gzip strict-transport-security max-age=31536000 x-content-type-options nosniff x-amz-request-id V0KC7YFD4Z36XE95 age 2073865 x-amz-server-side-encryption AES256 content-length 17971 x-amz-id-2 jvNysyN2C1mqvj563knZQ3ObGh8PJ5+1d1XUlk55gANaaJkYXSvfffty64L8I/9Q4bFsNzw2QpY= x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Tue, 29 Jun 2021 01:45:07 GMT server ATS etag "665798d28ecf9be7cbc434e75267920d-df" expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" vary Origin, Accept-Encoding content-type application/javascript cache-control max-age=31536000, immutable accept-ranges bytes
GET H2	200	bundle.js Show response s.yimg.com/wm/mbr/d5afdaa7f1d79451d338571572647cad57ec4fbf/	179 KB 49 KB	67ms 66ms	Script application/javascript	2a00:1288:80:807::1 YAHOO-DEB
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/wm/mbr/d5afdaa7f1d79451d338571572647cad57ec4fbf/bundle.js Requested by Host: vigorous-fuzzy-surprise.glitch.me URL: https://vigorous-fuzzy-surprise.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash 7355921cfd6f209acd1b5ca314ef1736f30dd659902b0ced61c9cc2932f0ae8d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://vigorous-fuzzy-surprise.glitch.me/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers ats-carp-promotion 1 date Thu, 04 Apr 2024 13:52:30 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-request-id TGXX7D053AX6CSVP age 251355 x-amz-server-side-encryption AES256 x-amz-id-2 F30b5FO0W5s2UxUtUiI5pbCHJ+lNn9H64B7XqY2xI//1JG/SmRtUm6XjlqQ6d1DxKd84tc+fOc7rw0N1brHZqME4YPpRvHg7 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 23 Sep 2022 20:37:58 GMT server ATS etag "09c0ba00b15dd048337771c2c57ef555-df" expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" vary Origin, Accept-Encoding content-type application/javascript cache-control public,max-age=31536000 accept-ranges bytes
GET H2	200	Hr9aROR.png i.imgur.com/	411 KB 412 KB	29ms 29ms	Image image/png	146.75.120.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/Hr9aROR.png Requested by Host: vigorous-fuzzy-surprise.glitch.me URL: https://vigorous-fuzzy-surprise.glitch.me/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash bc561816545710aa36c98bda7514a1ac28f09a6541324192495d296d7b59ee62 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://vigorous-fuzzy-surprise.glitch.me/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Apr 2024 11:41:44 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop IAD89-P1 age 430691 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT, HIT x-amz-storage-class STANDARD_IA content-length 421315 x-served-by cache-iad-kjyo7100069-IAD, cache-fra-etou8220151-FRA last-modified Mon, 25 Sep 2023 11:46:57 GMT server cat factory 1.0 x-timer S1712490104.449618,VS0,VE2 etag "423805aed9813624ab14591caecc26a7" access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id QTVks0pTExsPZJHo4mGMM58FCTZQKatn1ympCt9dzLXdCMlfBOZL1Q== x-cache-hits 3, 1
GET H2	200	checkbox-unchecked.svg s.yimg.com/wm/mbr/images/	733 B 992 B	27ms 27ms	Image image/svg+xml	2a00:1288:80:807::1 YAHOO-DEB
General Check archive.org Show headers Download Go to Show image Full URL https://s.yimg.com/wm/mbr/images/checkbox-unchecked.svg Requested by Host: s.yimg.com URL: https://s.yimg.com/wm/mbr/d5afdaa7f1d79451d338571572647cad57ec4fbf/aol-main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash c25f3a57f7858de738e2f3cd49ae322e7d02d70484cf7b6dde7de302eb033aa8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://s.yimg.com/wm/mbr/d5afdaa7f1d79451d338571572647cad57ec4fbf/aol-main.css accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers ats-carp-promotion 1, 1 date Tue, 27 Feb 2024 01:49:53 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff x-amz-request-id P1FA1PFDVZR52B82 age 3491512 x-amz-server-side-encryption AES256 content-length 733 x-amz-id-2 FwKq5dqij/fmIYNYDF1SInNxFhQFlnkGszOhAXFLKSAeDmePCnQrnyCHiOu7YYx3v+k9FvQt/c8= x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 24 Apr 2020 17:13:52 GMT server ATS etag "f456007284e4510464d9dfddabd3fb0e" expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" vary Origin content-type image/svg+xml cache-control public,max-age=315360000 accept-ranges bytes
GET H2	200	HyrqPFa.png i.imgur.com/	403 B 817 B	27ms 27ms	Other image/png	146.75.120.193 FASTLY
General Check archive.org Show headers Download Go to Full URL https://i.imgur.com/HyrqPFa.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash eb82ee3a5df378e7cf0207b3f46bcf26489baa85538e75b91cd370979eb185f2 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://vigorous-fuzzy-surprise.glitch.me/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Apr 2024 11:41:44 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop IAD12-P2 age 58072 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT, HIT content-length 403 x-served-by cache-iad-kjyo7100175-IAD, cache-fra-etou8220151-FRA last-modified Thu, 21 Sep 2023 22:06:49 GMT server cat factory 1.0 x-timer S1712490105.551898,VS0,VE1 etag "735d512e6192aa2534874bad1918f345" access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id -FLi2qwBa-yHIYxZy3nMvASop4yf86eP702zRCiHKYj01qVXT9N61A== x-cache-hits 17, 1
GET H2	200	HyrqPFa.png i.imgur.com/	403 B 483 B	27ms 26ms	Other image/png	146.75.120.193 FASTLY
General Check archive.org Show headers Download Go to Full URL https://i.imgur.com/HyrqPFa.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash eb82ee3a5df378e7cf0207b3f46bcf26489baa85538e75b91cd370979eb185f2 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://vigorous-fuzzy-surprise.glitch.me/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Apr 2024 11:41:44 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop IAD12-P2 age 58072 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT, HIT content-length 403 x-served-by cache-iad-kjyo7100175-IAD, cache-fra-etou8220151-FRA last-modified Thu, 21 Sep 2023 22:06:49 GMT server cat factory 1.0 x-timer S1712490105.581741,VS0,VE0 etag "735d512e6192aa2534874bad1918f345" access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id -FLi2qwBa-yHIYxZy3nMvASop4yf86eP702zRCiHKYj01qVXT9N61A== x-cache-hits 17, 2

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| pageStartTime object| oldError boolean| isGoodJS object| YUI_config string| COMET_URL object| I13N_config object| challenge string| currentURL object| COUNTRY_CODES_MAP boolean| enforceCountryCodeDropDown boolean| isIOSDevice function| mbrSendError object| YAHOO object| jsModules boolean| mbrJSLoaded function| checkAssets string| user object| payload string| path string| framework

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://intelligentclient-schawd.com/Brain_Bofa/mvc_content_style.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://intelligentclient-schawd.com/Brain_Bofa/mvc_header_footer_style.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://intelligentclient-schawd.com/Brain_Bofa/dot_clear.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://intelligentclient-schawd.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	verbose	URL: https://vigorous-fuzzy-surprise.glitch.me/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://vigorous-fuzzy-surprise.glitch.me/ Message: [DOM] Password forms should have (optionally hidden) username fields for accessibility: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
i.imgur.com
intelligentclient-schawd.com
s.yimg.com
vigorous-fuzzy-surprise.glitch.me
146.75.120.193
2a00:1288:80:807::1
2a04:4e42::649
34.206.147.71
49.12.82.250
0894adbb82b3e764c4ee6ed6a26d1b4391eccc2c99100307c155e429f137dd6a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
7355921cfd6f209acd1b5ca314ef1736f30dd659902b0ced61c9cc2932f0ae8d
7bc917ebee12bcd521ae88840228032579459c25a3ccf8953d8a2dbe5e085be9
82b584fee8e080e740bedf83efcc633ebcf1f42695da0f36a59f6d2f28f1e8c4
ba3a55f8083f39ba1a693cffc7ef3980d7150132e202e632424257671744f2f6
bc561816545710aa36c98bda7514a1ac28f09a6541324192495d296d7b59ee62
c18a2bebe5e97f0b1f83f541d61c2d06c69b162231a9b95907d4fc0e3d01dd12
c25f3a57f7858de738e2f3cd49ae322e7d02d70484cf7b6dde7de302eb033aa8
eb82ee3a5df378e7cf0207b3f46bcf26489baa85538e75b91cd370979eb185f2
f22130ce947de91ce222cf5f237bcc5b42bd6970c87d91bfa1dba3db50724df6
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d