insights.xamplifier.com Open in urlscan Pro
54.70.179.204 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.sidekickopen84.com/s2t/c/5/f18dQhb0S7kF8bWxlzW1jkgW159hl3kW7_k2847sCVdpW3KmHHx2RgCZPVVmGtV5q7_cl102?te=W3R5hFj4cm2z...
Effective URL:
https://insights.xamplifier.com/login
Submission: On June 25 via manual (June 25th 2021, 3:27:36 pm UTC) from US

Summary HTTP 8 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 54.70.179.204, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is insights.xamplifier.com.
TLS certificate: Issued by R3 on May 26th 2021. Valid for: 3 months.

This is the only time insights.xamplifier.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:676		13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	54.70.179.204 54.70.179.204		16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a		15169 (GOOGLE) (GOOGLE)
2	23.111.9.35 23.111.9.35		33438 (HIGHWINDS2) (HIGHWINDS2)
8	3

1 2606:4700::6812:676 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.sidekickopen84.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.70.179.204 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-179-204.us-west-2.compute.amazonaws.com

insights.xamplifier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	xamplifier.com insights.xamplifier.com	344 KB
2	fontawesome.com use.fontawesome.com	78 KB
1	googleapis.com fonts.googleapis.com	651 B
1	sidekickopen84.com 1 redirects t.sidekickopen84.com	536 B
8	4

	Domain	Requested by
5	insights.xamplifier.com	insights.xamplifier.com
2	use.fontawesome.com	insights.xamplifier.com use.fontawesome.com
1	fonts.googleapis.com	insights.xamplifier.com
1	t.sidekickopen84.com	1 redirects
8	4

This site contains no links.

Subject Issuer	Validity	Valid
insights.xamplifier.com R3	`2021-05-26` - `2021-08-24`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://insights.xamplifier.com/login
Frame ID: 7F697E7FA6204B1F269068DD00F30EA4
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.sidekickopen84.com/s2t/c/5/f18dQhb0S7kF8bWxlzW1jkgW159hl3kW7_k2847sCVdpW3KmHHx2RgCZPVVmGtV5q7_c... HTTP 307
https://insights.xamplifier.com/login Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

423 kB
Transfer

458 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.sidekickopen84.com/s2t/c/5/f18dQhb0S7kF8bWxlzW1jkgW159hl3kW7_k2847sCVdpW3KmHHx2RgCZPVVmGtV5q7_cl102?te=W3R5hFj4cm2zwW3T1lbS3P1MrDW1JJdGZ45RjWqW3SZBRl3Fbt5Sn3ZZn77223&si=7000000000321482&pi=f7fbdbea-ef2c-4a3e-b06b-38c7463e1157 HTTP 307
https://insights.xamplifier.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set login Show response
insights.xamplifier.com/
Redirect Chain

https://t.sidekickopen84.com/s2t/c/5/f18dQhb0S7kF8bWxlzW1jkgW159hl3kW7_k2847sCVdpW3KmHHx2RgCZPVVmGtV5q7_cl102?te=W3R5hFj4cm2zwW3T1lbS3P1MrDW1JJdGZ45RjWqW3SZBRl3Fbt5Sn3ZZn77223&si=7000000000321482&p...
https://insights.xamplifier.com/login

4 KB
5 KB

1637ms
510ms

Document
text/html

54.70.179.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insights.xamplifier.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.70.179.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-70-179-204.us-west-2.compute.amazonaws.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.12 / PHP/7.4.12
Resource Hash: d82a224f727a2a0321fe96c54f8fbcb5fa64b405c550afd5aad8bb4728d8f55e

Request headers

Host: insights.xamplifier.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 25 Jun 2021 15:27:17 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.12
X-Powered-By: PHP/7.4.12
Cache-Control: no-cache, private
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Content-Type, authorization, X-Auth-Token, Origin
Access-Control-Max-Age: 600
Set-Cookie: XSRF-TOKEN=eyJpdiI6IlZQZXRWK3NUdmQyb1crQnNSQ3FrTmc9PSIsInZhbHVlIjoiQWZ6bWdrWDJpK2l3KzNUeVRrTXdkUk1QdzAyYTJHOEdpVVlKYVR0aUY0V0hpVWhYQTY5YTgrbDFweFwvTXJpMkk1RFpGNVkwd0YwdVZkOUxVWVVxN0UwNDNLVXlQWHZmUkFsV29wZVI4alJkMHljXC9lcmNDalFFV1ZWaE5ha1M4MyIsIm1hYyI6IjE3ZGE2ZTczZGQ1NWMwOGE1YWZhZDU0NDcwYzczNDI0YzEzYjY2OTY1ODQ2ZmI2MWYzMzRiZDI2NWRjNGE1MWEifQ%3D%3D; expires=Fri, 25-Jun-2021 17:27:17 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IlBjNTV2c2NBaHQ1UXRvUDh6R2s1OFE9PSIsInZhbHVlIjoid2h2cHhrczlDbG9OeEE4V243cVVJZ2N6T2J6QUh4U29RZUZlaEJWRm40akpYakd6V0VBQmxLM09cLzd3QTNcL0RXaWxYZ2JEK2psM0wyN2pIcVUyM0lqcmdSdGJmbHlhVG9ZNU5KNEs5azdhekNZZ04rYjJWUWxQaTlIU2ZUY0RwSiIsIm1hYyI6IjU3ZGZlYjhlMGZlNmM5YjlmMjFiNmJiM2Q2YjU2MzczZDEzYzA5NmExOTJmODA3NTZiOGQxNDI5M2UxYTNhMmMifQ%3D%3D; expires=Fri, 25-Jun-2021 17:27:17 GMT; Max-Age=7200; path=/; httponly
Content-Length: 3699
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

date: Fri, 25 Jun 2021 15:27:15 GMT
set-cookie: _hetc=55d65200-436e-4b55-8fba-80048dca5e6d|1624634835803|ACOD57cwLAIUe8QbabaWlb8jvEl76XKgb3oPZJACFBC/AJlWityA16asNYYq/cAFq/Po;Version=1;Comment=;Domain=t.sidekickopen84.com;Path=/;Max-Age=31536000
x-robots-tag: none
link: <https://insights.xamplifier.com/login>; rel="canonical"
location: https://insights.xamplifier.com/login
referrer-policy: no-referrer
x-hubspot-correlation-id: f82997eb-a479-4f41-be60-c996931e1a24
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-request-id: 0ae56159cf00004e4fc60ce000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 664f38094b9d4e4f-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
651 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:100,600

Requested by

Host: insights.xamplifier.com
URL: https://insights.xamplifier.com/login

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5d897fdfaf5bedcf10a4478849211f8a480adcd6e151da038f8696d34bd238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://insights.xamplifier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Jun 2021 14:18:43 GMT
server: ESF
date: Fri, 25 Jun 2021 15:27:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Jun 2021 15:27:17 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.3.1/css/ 48 KB
12 KB 34ms
25ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by: Host: insights.xamplifier.com
URL: https://insights.xamplifier.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

Origin: https://insights.xamplifier.com
Referer: https://insights.xamplifier.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 15:27:17 GMT
content-encoding: gzip
last-modified: Tue, 28 Aug 2018 18:00:36 GMT
server: NetDNA-cache/2.2
etag: W/"10519cfd3206802f58315b877a9beab5"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H/1.1 200
OK appMigrate.css
insights.xamplifier.com/css/ 319 KB
320 KB 190ms
180ms Stylesheet
text/css 54.70.179.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insights.xamplifier.com/css/appMigrate.css
Requested by: Host: insights.xamplifier.com
URL: https://insights.xamplifier.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.70.179.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-70-179-204.us-west-2.compute.amazonaws.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.12 /
Resource Hash: 5554b6881e7438056758064cc95cd9df106d21310914fb5caa057c928503c187

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: insights.xamplifier.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://insights.xamplifier.com/login
Cookie: XSRF-TOKEN=eyJpdiI6IlZQZXRWK3NUdmQyb1crQnNSQ3FrTmc9PSIsInZhbHVlIjoiQWZ6bWdrWDJpK2l3KzNUeVRrTXdkUk1QdzAyYTJHOEdpVVlKYVR0aUY0V0hpVWhYQTY5YTgrbDFweFwvTXJpMkk1RFpGNVkwd0YwdVZkOUxVWVVxN0UwNDNLVXlQWHZmUkFsV29wZVI4alJkMHljXC9lcmNDalFFV1ZWaE5ha1M4MyIsIm1hYyI6IjE3ZGE2ZTczZGQ1NWMwOGE1YWZhZDU0NDcwYzczNDI0YzEzYjY2OTY1ODQ2ZmI2MWYzMzRiZDI2NWRjNGE1MWEifQ%3D%3D; laravel_session=eyJpdiI6IlBjNTV2c2NBaHQ1UXRvUDh6R2s1OFE9PSIsInZhbHVlIjoid2h2cHhrczlDbG9OeEE4V243cVVJZ2N6T2J6QUh4U29RZUZlaEJWRm40akpYakd6V0VBQmxLM09cLzd3QTNcL0RXaWxYZ2JEK2psM0wyN2pIcVUyM0lqcmdSdGJmbHlhVG9ZNU5KNEs5azdhekNZZ04rYjJWUWxQaTlIU2ZUY0RwSiIsIm1hYyI6IjU3ZGZlYjhlMGZlNmM5YjlmMjFiNmJiM2Q2YjU2MzczZDEzYzA5NmExOTJmODA3NTZiOGQxNDI5M2UxYTNhMmMifQ%3D%3D
Connection: keep-alive
Referer: https://insights.xamplifier.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 25 Jun 2021 15:27:17 GMT
Last-Modified: Thu, 17 Jun 2021 13:28:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.12
ETag: "4fd77-5c4f62f637aeb"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 327031

GET
H/1.1 200
OK logo-login.png
insights.xamplifier.com/img/ 18 KB
18 KB 560ms
186ms Image
image/png 54.70.179.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insights.xamplifier.com/img/logo-login.png
Requested by: Host: insights.xamplifier.com
URL: https://insights.xamplifier.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.70.179.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-70-179-204.us-west-2.compute.amazonaws.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.12 /
Resource Hash: eeb0c67825f41d29174452d1096a066959c1977cecd163b8be9663d5f09bde45

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: insights.xamplifier.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://insights.xamplifier.com/login
Cookie: XSRF-TOKEN=eyJpdiI6IlZQZXRWK3NUdmQyb1crQnNSQ3FrTmc9PSIsInZhbHVlIjoiQWZ6bWdrWDJpK2l3KzNUeVRrTXdkUk1QdzAyYTJHOEdpVVlKYVR0aUY0V0hpVWhYQTY5YTgrbDFweFwvTXJpMkk1RFpGNVkwd0YwdVZkOUxVWVVxN0UwNDNLVXlQWHZmUkFsV29wZVI4alJkMHljXC9lcmNDalFFV1ZWaE5ha1M4MyIsIm1hYyI6IjE3ZGE2ZTczZGQ1NWMwOGE1YWZhZDU0NDcwYzczNDI0YzEzYjY2OTY1ODQ2ZmI2MWYzMzRiZDI2NWRjNGE1MWEifQ%3D%3D; laravel_session=eyJpdiI6IlBjNTV2c2NBaHQ1UXRvUDh6R2s1OFE9PSIsInZhbHVlIjoid2h2cHhrczlDbG9OeEE4V243cVVJZ2N6T2J6QUh4U29RZUZlaEJWRm40akpYakd6V0VBQmxLM09cLzd3QTNcL0RXaWxYZ2JEK2psM0wyN2pIcVUyM0lqcmdSdGJmbHlhVG9ZNU5KNEs5azdhekNZZ04rYjJWUWxQaTlIU2ZUY0RwSiIsIm1hYyI6IjU3ZGZlYjhlMGZlNmM5YjlmMjFiNmJiM2Q2YjU2MzczZDEzYzA5NmExOTJmODA3NTZiOGQxNDI5M2UxYTNhMmMifQ%3D%3D
Connection: keep-alive
Referer: https://insights.xamplifier.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 25 Jun 2021 15:27:17 GMT
Last-Modified: Thu, 17 Jun 2021 17:41:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.12
ETag: "4610-5c4f9b8ed1800"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 17936

GET
H/1.1 200
OK mouse-pointer.svg
insights.xamplifier.com/svg/ 327 B
645 B 183ms
182ms Image
image/svg+xml 54.70.179.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insights.xamplifier.com/svg/mouse-pointer.svg
Requested by: Host: insights.xamplifier.com
URL: https://insights.xamplifier.com/css/appMigrate.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.70.179.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-70-179-204.us-west-2.compute.amazonaws.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.12 /
Resource Hash: 0227d5c25f5d4be1dd1d7bb60c30d64a49df59e13bd5c0e012c5fd2ae569e16f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: insights.xamplifier.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://insights.xamplifier.com/css/appMigrate.css
Cookie: XSRF-TOKEN=eyJpdiI6IlZQZXRWK3NUdmQyb1crQnNSQ3FrTmc9PSIsInZhbHVlIjoiQWZ6bWdrWDJpK2l3KzNUeVRrTXdkUk1QdzAyYTJHOEdpVVlKYVR0aUY0V0hpVWhYQTY5YTgrbDFweFwvTXJpMkk1RFpGNVkwd0YwdVZkOUxVWVVxN0UwNDNLVXlQWHZmUkFsV29wZVI4alJkMHljXC9lcmNDalFFV1ZWaE5ha1M4MyIsIm1hYyI6IjE3ZGE2ZTczZGQ1NWMwOGE1YWZhZDU0NDcwYzczNDI0YzEzYjY2OTY1ODQ2ZmI2MWYzMzRiZDI2NWRjNGE1MWEifQ%3D%3D; laravel_session=eyJpdiI6IlBjNTV2c2NBaHQ1UXRvUDh6R2s1OFE9PSIsInZhbHVlIjoid2h2cHhrczlDbG9OeEE4V243cVVJZ2N6T2J6QUh4U29RZUZlaEJWRm40akpYakd6V0VBQmxLM09cLzd3QTNcL0RXaWxYZ2JEK2psM0wyN2pIcVUyM0lqcmdSdGJmbHlhVG9ZNU5KNEs5azdhekNZZ04rYjJWUWxQaTlIU2ZUY0RwSiIsIm1hYyI6IjU3ZGZlYjhlMGZlNmM5YjlmMjFiNmJiM2Q2YjU2MzczZDEzYzA5NmExOTJmODA3NTZiOGQxNDI5M2UxYTNhMmMifQ%3D%3D
Connection: keep-alive
Referer: https://insights.xamplifier.com/css/appMigrate.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 25 Jun 2021 15:27:18 GMT
Last-Modified: Thu, 17 Jun 2021 17:41:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.12
ETag: "147-5c4f9b8ed1800"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 327

GET
H/1.1 200
OK hand.svg
insights.xamplifier.com/svg/ 736 B
1 KB 187ms
186ms Image
image/svg+xml 54.70.179.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insights.xamplifier.com/svg/hand.svg
Requested by: Host: insights.xamplifier.com
URL: https://insights.xamplifier.com/css/appMigrate.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.70.179.204 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-70-179-204.us-west-2.compute.amazonaws.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.12 /
Resource Hash: 2715374bcd07f53a9327a6fd755cf7ed9495b6fdbcf3259f78ad07445952409a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: insights.xamplifier.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://insights.xamplifier.com/css/appMigrate.css
Cookie: XSRF-TOKEN=eyJpdiI6IlZQZXRWK3NUdmQyb1crQnNSQ3FrTmc9PSIsInZhbHVlIjoiQWZ6bWdrWDJpK2l3KzNUeVRrTXdkUk1QdzAyYTJHOEdpVVlKYVR0aUY0V0hpVWhYQTY5YTgrbDFweFwvTXJpMkk1RFpGNVkwd0YwdVZkOUxVWVVxN0UwNDNLVXlQWHZmUkFsV29wZVI4alJkMHljXC9lcmNDalFFV1ZWaE5ha1M4MyIsIm1hYyI6IjE3ZGE2ZTczZGQ1NWMwOGE1YWZhZDU0NDcwYzczNDI0YzEzYjY2OTY1ODQ2ZmI2MWYzMzRiZDI2NWRjNGE1MWEifQ%3D%3D; laravel_session=eyJpdiI6IlBjNTV2c2NBaHQ1UXRvUDh6R2s1OFE9PSIsInZhbHVlIjoid2h2cHhrczlDbG9OeEE4V243cVVJZ2N6T2J6QUh4U29RZUZlaEJWRm40akpYakd6V0VBQmxLM09cLzd3QTNcL0RXaWxYZ2JEK2psM0wyN2pIcVUyM0lqcmdSdGJmbHlhVG9ZNU5KNEs5azdhekNZZ04rYjJWUWxQaTlIU2ZUY0RwSiIsIm1hYyI6IjU3ZGZlYjhlMGZlNmM5YjlmMjFiNmJiM2Q2YjU2MzczZDEzYzA5NmExOTJmODA3NTZiOGQxNDI5M2UxYTNhMmMifQ%3D%3D
Connection: keep-alive
Referer: https://insights.xamplifier.com/css/appMigrate.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 25 Jun 2021 15:27:18 GMT
Last-Modified: Thu, 17 Jun 2021 17:41:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.12
ETag: "2e0-5c4f9b8ed1800"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 736

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ 66 KB
66 KB 24ms
23ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

Request headers

Origin: https://insights.xamplifier.com
Referer: https://use.fontawesome.com/releases/v5.3.1/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 15:27:18 GMT
last-modified: Tue, 28 Aug 2018 18:00:53 GMT
server: NetDNA-cache/2.2
etag: "14a08198ec7d1eb96d515362293fed36"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 67400

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			insights.xamplifier.com/	1970-01-19 19:17:22	Name: laravel_session Value: eyJpdiI6IlBjNTV2c2NBaHQ1UXRvUDh6R2s1OFE9PSIsInZhbHVlIjoid2h2cHhrczlDbG9OeEE4V243cVVJZ2N6T2J6QUh4U29RZUZlaEJWRm40akpYakd6V0VBQmxLM09cLzd3QTNcL0RXaWxYZ2JEK2psM0wyN2pIcVUyM0lqcmdSdGJmbHlhVG9ZNU5KNEs5azdhekNZZ04rYjJWUWxQaTlIU2ZUY0RwSiIsIm1hYyI6IjU3ZGZlYjhlMGZlNmM5YjlmMjFiNmJiM2Q2YjU2MzczZDEzYzA5NmExOTJmODA3NTZiOGQxNDI5M2UxYTNhMmMifQ%3D%3D
			insights.xamplifier.com/	1970-01-19 19:17:22	Name: XSRF-TOKEN Value: eyJpdiI6IlZQZXRWK3NUdmQyb1crQnNSQ3FrTmc9PSIsInZhbHVlIjoiQWZ6bWdrWDJpK2l3KzNUeVRrTXdkUk1QdzAyYTJHOEdpVVlKYVR0aUY0V0hpVWhYQTY5YTgrbDFweFwvTXJpMkk1RFpGNVkwd0YwdVZkOUxVWVVxN0UwNDNLVXlQWHZmUkFsV29wZVI4alJkMHljXC9lcmNDalFFV1ZWaE5ha1M4MyIsIm1hYyI6IjE3ZGE2ZTczZGQ1NWMwOGE1YWZhZDU0NDcwYzczNDI0YzEzYjY2OTY1ODQ2ZmI2MWYzMzRiZDI2NWRjNGE1MWEifQ%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
insights.xamplifier.com
t.sidekickopen84.com
use.fontawesome.com
23.111.9.35
2606:4700::6812:676
2a00:1450:4001:831::200a
54.70.179.204
0227d5c25f5d4be1dd1d7bb60c30d64a49df59e13bd5c0e012c5fd2ae569e16f
2715374bcd07f53a9327a6fd755cf7ed9495b6fdbcf3259f78ad07445952409a
5554b6881e7438056758064cc95cd9df106d21310914fb5caa057c928503c187
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
d82a224f727a2a0321fe96c54f8fbcb5fa64b405c550afd5aad8bb4728d8f55e
e5d897fdfaf5bedcf10a4478849211f8a480adcd6e151da038f8696d34bd238f
eeb0c67825f41d29174452d1096a066959c1977cecd163b8be9663d5f09bde45