wick.melindaarmbruster.com Open in urlscan Pro
104.55.158.163 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wick.melindaarmbruster.com/
Submission Tags: phishingrod
Submission: On August 15 via api (August 15th 2024, 10:36:21 am UTC) from DE — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 17 HTTP transactions. The main IP is 104.55.158.163, located in Spring Hill, United States and belongs to ATT-INTERNET4, US. The main domain is wick.melindaarmbruster.com.
TLS certificate: Issued by E5 on August 14th 2024. Valid for: 3 months.

This is the only time wick.melindaarmbruster.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	104.55.158.163 104.55.158.163	7018 (ATT-INTER...) (ATT-INTERNET4)
4	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
17	3

11 104.55.158.163 (Spring Hill, United States)

ASN7018 (ATT-INTERNET4, US)
PTR: 104-55-158-163.lightspeed.nsvltn.sbcglobal.net

wick.melindaarmbruster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	melindaarmbruster.com wick.melindaarmbruster.com	645 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	140 KB
17	2

	Domain	Requested by
11	wick.melindaarmbruster.com	wick.melindaarmbruster.com
4	cdn.jsdelivr.net	wick.melindaarmbruster.com cdn.jsdelivr.net
17	2

This site contains no links.

Subject Issuer	Validity	Valid
wick.melindaarmbruster.com E5	`2024-08-14` - `2024-11-12`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://wick.melindaarmbruster.com/
Frame ID: C587FC395552D72C838B5560B83D7C59
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wick Botanica

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Cart

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

17
Requests

88 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

784 kB
Transfer

2766 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wick.melindaarmbruster.com/ 949 B
749 B 396ms
122ms Document
text/html 104.55.158.163
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://wick.melindaarmbruster.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.55.158.163 Spring Hill, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: 104-55-158-163.lightspeed.nsvltn.sbcglobal.net
Software: openresty / Express
Resource Hash: 5bbe612ea922afed4878fc448b39ebd6c7d0a92ea21350a204d72b926b3d8f46

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 15 Aug 2024 10:36:00 GMT
etag: W/"3b5-17a05b28b28"
last-modified: Sun, 13 Jun 2021 14:07:05 GMT
server: openresty
vary: Accept-Encoding
x-powered-by: Express
x-served-by: wick.melindaarmbruster.com

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta2/dist/css/ 150 KB
25 KB 37ms
9ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta2/dist/css/bootstrap.min.css

Requested by

Host: wick.melindaarmbruster.com
URL: https://wick.melindaarmbruster.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9eaec9d24b1ee74ba959d3625d10ecb8677f0247da1f3d215fc1e0094b020126

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wick.melindaarmbruster.com/
Origin: https://wick.melindaarmbruster.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 15 Aug 2024 10:36:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1930192
x-jsd-version: 5.0.0-beta2
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24920
x-served-by: cache-fra-eddf8230130-FRA
x-jsd-version-type: version
etag: W/"2573a-gqO6J5BRckWFq3N+rstGLiN6o34"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.4.0/font/ 62 KB
9 KB 35ms
7ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.4.0/font/bootstrap-icons.css

Requested by

Host: wick.melindaarmbruster.com
URL: https://wick.melindaarmbruster.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ae5411204cb019e140c148e653dbcb4ec85cba2e079ff58ffbea5530879f4a76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wick.melindaarmbruster.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 15 Aug 2024 10:36:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 709987
x-jsd-version: 1.4.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8417
x-served-by: cache-fra-eddf8230135-FRA
x-jsd-version-type: version
etag: W/"f8b2-e/XUGWjVPBAVuMWpokxu9uWIqng"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
wick.melindaarmbruster.com/ 733 B
972 B 278ms
277ms Stylesheet
text/css 104.55.158.163
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://wick.melindaarmbruster.com/style.css
Requested by: Host: wick.melindaarmbruster.com
URL: https://wick.melindaarmbruster.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.55.158.163 Spring Hill, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: 104-55-158-163.lightspeed.nsvltn.sbcglobal.net
Software: openresty / Express
Resource Hash: 8d090cebeb3a8944788520e3873fc04c4bf603c3f66a8f3d008ac648becefbc1

Request headers

Referer: https://wick.melindaarmbruster.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 10:36:00 GMT
last-modified: Sun, 13 Jun 2021 14:03:25 GMT
server: openresty
x-powered-by: Express
etag: W/"2dd-17a05af2fc8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 733
x-served-by: wick.melindaarmbruster.com

GET
H2 200 bundle.js Show response
wick.melindaarmbruster.com/ 2 MB
416 KB 232ms
232ms Script
application/javascript 104.55.158.163
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://wick.melindaarmbruster.com/bundle.js
Requested by: Host: wick.melindaarmbruster.com
URL: https://wick.melindaarmbruster.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.55.158.163 Spring Hill, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: 104-55-158-163.lightspeed.nsvltn.sbcglobal.net
Software: openresty / Express
Resource Hash: 702dd7df7a7bf1fe3a7a3ee1f90ad169e02df007e3959cca6cfe51fb452baf78

Request headers

Referer: https://wick.melindaarmbruster.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 10:36:00 GMT
content-encoding: gzip
last-modified: Sun, 13 Jun 2021 15:01:33 GMT
server: openresty
x-powered-by: Express
etag: W/"207d4a-17a05e468c8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-served-by: wick.melindaarmbruster.com

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta2/dist/js/ 78 KB
23 KB 37ms
9ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta2/dist/js/bootstrap.bundle.min.js

Requested by

Host: wick.melindaarmbruster.com
URL: https://wick.melindaarmbruster.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b5f6d1cd9dfac2e3e8794297cae7b0acb3b371f81d3b6a2f738a33b9845632ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wick.melindaarmbruster.com/
Origin: https://wick.melindaarmbruster.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 15 Aug 2024 10:36:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1823499
x-jsd-version: 5.0.0-beta2
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23505
x-served-by: cache-fra-eddf8230130-FRA
x-jsd-version-type: version
etag: W/"13959-wU1JYET6lDtu5Q6aYn/N6BT6oLY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
wick.melindaarmbruster.com/socket.io/ 103 B
277 B 122ms
113ms XHR
text/plain 104.55.158.163
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://wick.melindaarmbruster.com/socket.io/?EIO=3&transport=polling&t=P5Lc-aA
Requested by: Host: wick.melindaarmbruster.com
URL: https://wick.melindaarmbruster.com/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.55.158.163 Spring Hill, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: 104-55-158-163.lightspeed.nsvltn.sbcglobal.net
Software: openresty /
Resource Hash: d7915cfb47d7e18b88b741140350d3f51cb240181a7d60c1b9351b0dab0577cf

Request headers

Accept: */*
Referer: https://wick.melindaarmbruster.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 15 Aug 2024 10:36:06 GMT
x-served-by: wick.melindaarmbruster.com
server: openresty
content-length: 103
content-type: text/plain; charset=UTF-8

GET
H2 200 me Show response
wick.melindaarmbruster.com/auth/ 0
143 B 124ms
121ms XHR
application/json 104.55.158.163
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://wick.melindaarmbruster.com/auth/me
Requested by: Host: wick.melindaarmbruster.com
URL: https://wick.melindaarmbruster.com/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.55.158.163 Spring Hill, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: 104-55-158-163.lightspeed.nsvltn.sbcglobal.net
Software: openresty / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://wick.melindaarmbruster.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-served-by: wick.melindaarmbruster.com
date: Thu, 15 Aug 2024 10:36:06 GMT
server: openresty
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 candle-14.jpg
wick.melindaarmbruster.com/images/ 124 KB
125 KB 376ms
374ms Image
image/jpeg 104.55.158.163
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wick.melindaarmbruster.com/images/candle-14.jpg
Requested by: Host: wick.melindaarmbruster.com
URL: https://wick.melindaarmbruster.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.55.158.163 Spring Hill, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: 104-55-158-163.lightspeed.nsvltn.sbcglobal.net
Software: openresty / Express
Resource Hash: 06215ef969d0355f75eb571250695f796191348bbf9ba5e7cb1ffb023456724a

Request headers

Referer: https://wick.melindaarmbruster.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 10:36:06 GMT
last-modified: Sun, 13 Jun 2021 14:03:25 GMT
server: openresty
x-powered-by: Express
etag: W/"1f1a2-17a05af2fc8"
content-type: image/jpeg
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 127394
x-served-by: wick.melindaarmbruster.com

GET
H2 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.4.0/font/fonts/ 83 KB
83 KB 9ms
8ms Font
font/woff2 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.4.0/font/fonts/bootstrap-icons.woff2?8bd4575acf83c7696dc7a14a966660a3

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.4.0/font/bootstrap-icons.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

856b3f9e0df4f7061c8948021c7cc6e6263d96c48161e7fe9e4fbefd0c69a085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.4.0/font/bootstrap-icons.css
Origin: https://wick.melindaarmbruster.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 15 Aug 2024 10:36:06 GMT
x-content-type-options: nosniff
age: 730553
x-jsd-version: 1.4.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 85044
x-served-by: cache-fra-eddf8230130-FRA
x-jsd-version-type: version
etag: W/"14c34-IxTU1z3Z7Xqi+dGNReccoEQKwKk"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET /
wick.melindaarmbruster.com/socket.io/ 0
0

GET
H2 200 favicon.ico
wick.melindaarmbruster.com/ 15 KB
5 KB 146ms
130ms Other
image/x-icon 104.55.158.163
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://wick.melindaarmbruster.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.55.158.163 Spring Hill, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: 104-55-158-163.lightspeed.nsvltn.sbcglobal.net
Software: openresty / Express
Resource Hash: 50d79fee9a64c755a2b88cfc802f2f92514af70f315a0c5a825e5b9ed2cfc93a

Request headers

Referer: https://wick.melindaarmbruster.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 10:36:09 GMT
content-encoding: gzip
last-modified: Sun, 13 Jun 2021 14:03:25 GMT
server: openresty
x-powered-by: Express
etag: W/"3c2e-17a05af2fc8"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=0
accept-ranges: bytes
x-served-by: wick.melindaarmbruster.com

POST
H2 400 / Show response
wick.melindaarmbruster.com/socket.io/ 41 B
181 B 145ms
119ms XHR
application/json 104.55.158.163
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://wick.melindaarmbruster.com/socket.io/?EIO=3&transport=polling&t=P5Lc_Yd&sid=iNbUM33iYc-wwvv1AAD_
Requested by: Host: wick.melindaarmbruster.com
URL: https://wick.melindaarmbruster.com/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.55.158.163 Spring Hill, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: 104-55-158-163.lightspeed.nsvltn.sbcglobal.net
Software: openresty /
Resource Hash: 8acac48bc106c4eae580c08071597f9dafab96d959deff65bec44514da907b1d

Request headers

Accept: */*
Referer: https://wick.melindaarmbruster.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://wick.melindaarmbruster.com
date: Thu, 15 Aug 2024 10:36:10 GMT
access-control-allow-credentials: true
server: openresty
content-type: application/json

GET
H2 200 / Show response
wick.melindaarmbruster.com/socket.io/ 103 B
278 B 123ms
123ms XHR
text/plain 104.55.158.163
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://wick.melindaarmbruster.com/socket.io/?EIO=3&transport=polling&t=P5Lc_vc
Requested by: Host: wick.melindaarmbruster.com
URL: https://wick.melindaarmbruster.com/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.55.158.163 Spring Hill, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: 104-55-158-163.lightspeed.nsvltn.sbcglobal.net
Software: openresty /
Resource Hash: 0e125fe00cd9607852160a384e412cc4d322f2b4d7321c15121abccf2361244f

Request headers

Accept: */*
Referer: https://wick.melindaarmbruster.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 15 Aug 2024 10:36:12 GMT
x-served-by: wick.melindaarmbruster.com
server: openresty
content-length: 103
content-type: text/plain; charset=UTF-8

GET /
wick.melindaarmbruster.com/socket.io/ 0
0

GET
H2 200 candle-22.jpg
wick.melindaarmbruster.com/images/ 97 KB
97 KB 243ms
235ms Image
image/jpeg 104.55.158.163
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wick.melindaarmbruster.com/images/candle-22.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.55.158.163 Spring Hill, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: 104-55-158-163.lightspeed.nsvltn.sbcglobal.net
Software: openresty / Express
Resource Hash: 5a2fb8a10952bdf6a7acc5bde7d48a44ca520a4a05d7dd13b061921b38f04b3a

Request headers

Referer: https://wick.melindaarmbruster.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 10:36:14 GMT
last-modified: Sun, 13 Jun 2021 14:03:25 GMT
server: openresty
x-powered-by: Express
etag: W/"182b3-17a05af2fc8"
content-type: image/jpeg
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 98995
x-served-by: wick.melindaarmbruster.com

GET
H2 200 candle-15.jpg
wick.melindaarmbruster.com/images/ 76 KB
0 127ms
126ms Image
image/jpeg 104.55.158.163
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wick.melindaarmbruster.com/images/candle-15.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.55.158.163 Spring Hill, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: 104-55-158-163.lightspeed.nsvltn.sbcglobal.net
Software: openresty / Express
Resource Hash

Request headers

Referer: https://wick.melindaarmbruster.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 15 Aug 2024 10:36:19 GMT
last-modified: Sun, 13 Jun 2021 14:03:25 GMT
server: openresty
x-powered-by: Express
etag: W/"1e183-17a05af2fc8"
content-type: image/jpeg
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 123267
x-served-by: wick.melindaarmbruster.com

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wick.melindaarmbruster.com
URL: https://wick.melindaarmbruster.com/socket.io/?EIO=3&transport=polling&t=P5Lc-cF&sid=iNbUM33iYc-wwvv1AAD_

Domain: wick.melindaarmbruster.com
URL: https://wick.melindaarmbruster.com/socket.io/?EIO=3&transport=polling&t=P5Lc_xc&sid=CJpfVrtfwzXOxTizAAEA

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			wick.melindaarmbruster.com/	1969-12-31 23:59:59	Name: io Value: iNbUM33iYc-wwvv1AAD_

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://wick.melindaarmbruster.com/bundle.js(Line 20731) Message: WebSocket connection to 'wss://wick.melindaarmbruster.com/socket.io/?EIO=3&transport=websocket&sid=iNbUM33iYc-wwvv1AAD_' failed: Error during WebSocket handshake: Unexpected response code: 400
network	error	URL: https://wick.melindaarmbruster.com/socket.io/?EIO=3&transport=polling&t=P5Lc_Yd&sid=iNbUM33iYc-wwvv1AAD_ Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://wick.melindaarmbruster.com/bundle.js(Line 20731) Message: WebSocket connection to 'wss://wick.melindaarmbruster.com/socket.io/?EIO=3&transport=websocket&sid=CJpfVrtfwzXOxTizAAEA' failed: Error during WebSocket handshake: Unexpected response code: 400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
wick.melindaarmbruster.com
wick.melindaarmbruster.com
104.55.158.163
2a04:4e42:600::485
06215ef969d0355f75eb571250695f796191348bbf9ba5e7cb1ffb023456724a
0e125fe00cd9607852160a384e412cc4d322f2b4d7321c15121abccf2361244f
50d79fee9a64c755a2b88cfc802f2f92514af70f315a0c5a825e5b9ed2cfc93a
5a2fb8a10952bdf6a7acc5bde7d48a44ca520a4a05d7dd13b061921b38f04b3a
5bbe612ea922afed4878fc448b39ebd6c7d0a92ea21350a204d72b926b3d8f46
702dd7df7a7bf1fe3a7a3ee1f90ad169e02df007e3959cca6cfe51fb452baf78
856b3f9e0df4f7061c8948021c7cc6e6263d96c48161e7fe9e4fbefd0c69a085
8acac48bc106c4eae580c08071597f9dafab96d959deff65bec44514da907b1d
8d090cebeb3a8944788520e3873fc04c4bf603c3f66a8f3d008ac648becefbc1
9eaec9d24b1ee74ba959d3625d10ecb8677f0247da1f3d215fc1e0094b020126
ae5411204cb019e140c148e653dbcb4ec85cba2e079ff58ffbea5530879f4a76
b5f6d1cd9dfac2e3e8794297cae7b0acb3b371f81d3b6a2f738a33b9845632ce
d7915cfb47d7e18b88b741140350d3f51cb240181a7d60c1b9351b0dab0577cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

wick.melindaarmbruster.com Open in urlscan Pro 104.55.158.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

88 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

784 kBTransfer

2766 kBSize

1 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

wick.melindaarmbruster.com Open in urlscan Pro
104.55.158.163 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

88 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

784 kB
Transfer

2766 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions