urlscan.io logo urlscan.io
SecurityTrails logo

hq.mreboy.com Open in urlscan Pro
64.22.68.41  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hq.mreboy.com/
Effective URL: https://hq.mreboy.com/auth
Submission: On April 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 16 HTTP transactions. The main IP is 64.22.68.41, located in United States and belongs to DATABANK-LATISYS, US. The main domain is hq.mreboy.com.
TLS certificate: Issued by R3 on March 23rd 2024. Valid for: 3 months.
This is the only time hq.mreboy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 64.22.68.41 7226 (DATABANK-...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:50c0:800... 54113 (FASTLY)
4 4 99.86.4.38 16509 (AMAZON-02)
4 18.66.102.19 16509 (AMAZON-02)
16 7
5    64.22.68.41 (United States)

ASN7226 (DATABANK-LATISYS, US)
PTR: epsilon.hostineer.com
hq.mreboy.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2606:4700::6811:f5cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2606:50c0:8000::154 (United States)

ASN54113 (FASTLY, US)
raw.githubusercontent.com
4    99.86.4.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-38.fra6.r.cloudfront.net
cdn.glitch.com
4    18.66.102.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-19.fra56.r.cloudfront.net
cdn.glitch.me
Apex Domain
Subdomains		 Transfer
5 mreboy.com
hq.mreboy.com
569 KB
4 glitch.me
cdn.glitch.me — Cisco Umbrella Rank: 77939
92 KB
4 glitch.com
cdn.glitch.com — Cisco Umbrella Rank: 85504
2 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 744
224 KB
2 githubusercontent.com
raw.githubusercontent.com — Cisco Umbrella Rank: 4605
1 MB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1139
40 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
7 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 363
30 KB
16 8
Domain Requested by
5 hq.mreboy.com 1 redirects hq.mreboy.com
4 cdn.glitch.me hq.mreboy.com
4 cdn.glitch.com 4 redirects
4 unpkg.com 2 redirects hq.mreboy.com
2 raw.githubusercontent.com hq.mreboy.com
2 maxcdn.bootstrapcdn.com hq.mreboy.com
1 cdnjs.cloudflare.com hq.mreboy.com
1 ajax.googleapis.com hq.mreboy.com
16 8

This site contains links to these domains. Also see Links.

Domain
discord.gg
Subject Issuer Validity Valid
*.mreboy.com
R3		 2024-03-23 -
2024-06-21		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-03-27 -
2024-06-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.github.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-15 -
2025-03-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://hq.mreboy.com/auth
Frame ID: 784DD1102BAFE24574BBF69D97F5DF18
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Foxhole Global HQ - Authorization

Page URL History Show full URLs

  1. http://hq.mreboy.com/ HTTP 307
    https://hq.mreboy.com/ HTTP 302
    https://hq.mreboy.com/auth Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

63 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

7
IPs

2
Countries

2042 kB
Transfer

5145 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hq.mreboy.com/ HTTP 307
    https://hq.mreboy.com/ HTTP 302
    https://hq.mreboy.com/auth Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://unpkg.com/react@16/umd/react.development.js HTTP 302
  • https://unpkg.com/react@16.14.0/umd/react.development.js
Request Chain 5
  • https://unpkg.com/react-dom@16/umd/react-dom.development.js HTTP 302
  • https://unpkg.com/react-dom@16.14.0/umd/react-dom.development.js
Request Chain 10
  • https://cdn.glitch.com/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Fdisc.png?v=1560206167061 HTTP 301
  • https://cdn.glitch.me/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Fdisc.png
Request Chain 12
  • https://cdn.glitch.com/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Fsits_landing.png?v=1559680682388 HTTP 301
  • https://cdn.glitch.me/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Fsits_landing.png
Request Chain 13
  • https://cdn.glitch.com/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2FJost-400.ttf?1556105927235 HTTP 301
  • https://cdn.glitch.me/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2FJost-400.ttf
Request Chain 14
  • https://cdn.glitch.com/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Faa.png?1555496179680 HTTP 301
  • https://cdn.glitch.me/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Faa.png

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request auth
hq.mreboy.com/
Redirect Chain
  • http://hq.mreboy.com/
  • https://hq.mreboy.com/
  • https://hq.mreboy.com/auth
1 KB
639 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hq.mreboy.com/auth
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
64.22.68.41 , United States, ASN7226 (DATABANK-LATISYS, US),
Reverse DNS
epsilon.hostineer.com
Software
Apache / Express, Phusion Passenger
Resource Hash
a58ad648a1eed04fe1af62de3ed0f9f6525324e1fafd77ad4f90ae24635da698

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
public, max-age=0
content-encoding
br
content-length
501
content-type
text/html; charset=UTF-8
date
Mon, 29 Apr 2024 23:44:10 GMT
etag
W/"53d-186bafaf3b0-br"
last-modified
Tue, 07 Mar 2023 07:30:54 GMT
server
Apache
status
200 OK
vary
Accept-Encoding
x-powered-by
Express, Phusion Passenger

Redirect headers

content-length
54
content-type
text/html; charset=utf-8
date
Mon, 29 Apr 2024 23:44:10 GMT
location
/auth
server
Apache
status
302 Found
vary
Accept
x-powered-by
Express, Phusion Passenger
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.1.3/css/ 		138 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
Requested by
Host: hq.mreboy.com
URL: https://hq.mreboy.com/auth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hq.mreboy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 23:44:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3263643
cdn-cachedat
03/18/2024 12:28:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"04aca1f4cd3ec3c05a75a879f3be75a3"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
702e145dd070a28ef381a81e33a0aeab
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
87c32891e83f1c2e-FRA
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: hq.mreboy.com
URL: https://hq.mreboy.com/auth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hq.mreboy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 10:15:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Apr 2025 10:15:45 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
Requested by
Host: hq.mreboy.com
URL: https://hq.mreboy.com/auth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hq.mreboy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 23:44:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
247976
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6451
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4f71"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j1fX3HgxpIPWCvGF%2BJts4KzQ%2F9bqUw5Jb5M%2BBQNdQF3Tye%2F7udfV%2Bk9CcHKnwm0v01SAdP8Zxb3siHPlATbwlSBQUgwyAJY70vAR6YTUbnxw8gZa%2FTYy0UXUTUW0L7RQ%2BmDGHrRzkv3CZdx9aNpq2ZVr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87c32891ea3e18d9-FRA
expires
Sat, 19 Apr 2025 23:44:10 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: hq.mreboy.com
URL: https://hq.mreboy.com/auth
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hq.mreboy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 23:44:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1048
age
4076579
cdn-cachedat
10/31/2023 18:58:40
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"67176c242e1bdc20603c878dee836df3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
96836f9a16ad736eafb4dde61f94079f
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
87c32891e8401c2e-FRA
cdn-requestpullsuccess
True
react.development.js
unpkg.com/react@16.14.0/umd/
Redirect Chain
  • https://unpkg.com/react@16/umd/react.development.js
  • https://unpkg.com/react@16.14.0/umd/react.development.js
103 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react@16.14.0/umd/react.development.js
Requested by
Host: hq.mreboy.com
URL: https://hq.mreboy.com/auth
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75bf60f3ea0e3cbcdbdecc902eeb842b6cbe39db8e62f1fa7f91a755d51d020c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://hq.mreboy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Apr 2024 23:44:10 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
4082971
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWE2S5QXEEZ7FH18JX0F3T2-fra
server
cloudflare
etag
W/"19ab2-C3Ua5vRzx2zwS6KGmZnWTqCvuYU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
87c3289249e59238-FRA

Redirect headers

date
Mon, 29 Apr 2024 23:44:10 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01HWP3V98DACBX2936WY7ZTNX3-fra
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
62
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/react@16.14.0/umd/react.development.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
87c3289209cc9238-FRA
react-dom.development.js
unpkg.com/react-dom@16.14.0/umd/
Redirect Chain
  • https://unpkg.com/react-dom@16/umd/react-dom.development.js
  • https://unpkg.com/react-dom@16.14.0/umd/react-dom.development.js
885 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-dom@16.14.0/umd/react-dom.development.js
Requested by
Host: hq.mreboy.com
URL: https://hq.mreboy.com/auth
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
733ffef3d12f49b6275ba47c5d7824c7e948b7e102fd5a1ef9b5b980ee5d9dda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://hq.mreboy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Apr 2024 23:44:10 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
4076556
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWM6ERDMB0R8TK0PJ17HHG1-fra
server
cloudflare
etag
W/"dd434-exTRzpXSEqHSt1xW0+dTBBSHbIk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
87c3289249e69238-FRA

Redirect headers

date
Mon, 29 Apr 2024 23:44:10 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01HWP3V98F619E2QWNG77CTDNM-fra
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
62
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/react-dom@16.14.0/umd/react-dom.development.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
87c3289209cd9238-FRA
style.css
hq.mreboy.com/_styles/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hq.mreboy.com/_styles/style.css
Requested by
Host: hq.mreboy.com
URL: https://hq.mreboy.com/auth
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
64.22.68.41 , United States, ASN7226 (DATABANK-LATISYS, US),
Reverse DNS
epsilon.hostineer.com
Software
Apache / Express, Phusion Passenger
Resource Hash
bb4701d435b34217a5c6cd6c585a68d15896f3bffb613ab3c374b62e6cd10875

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hq.mreboy.com/auth
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 23:44:10 GMT
content-encoding
br
last-modified
Tue, 07 Mar 2023 07:30:54 GMT
server
Apache
x-powered-by
Express, Phusion Passenger
etag
W/"ee3-186bafaf3b0-br"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200 OK
cache-control
public, max-age=0
accept-ranges
bytes
content-length
1263
auth.css
hq.mreboy.com/_styles/ 		2 KB
781 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hq.mreboy.com/_styles/auth.css
Requested by
Host: hq.mreboy.com
URL: https://hq.mreboy.com/auth
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
64.22.68.41 , United States, ASN7226 (DATABANK-LATISYS, US),
Reverse DNS
epsilon.hostineer.com
Software
Apache / Express, Phusion Passenger
Resource Hash
537dc28567ed21a0185c5bdebfa729774fb24576b9e837e7e2f4a940f981cd68

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hq.mreboy.com/auth
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 23:44:10 GMT
content-encoding
br
last-modified
Tue, 07 Mar 2023 07:30:54 GMT
server
Apache
x-powered-by
Express, Phusion Passenger
etag
W/"8c2-186bafaf3b0-br"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200 OK
cache-control
public, max-age=0
accept-ranges
bytes
content-length
726
auth.js
hq.mreboy.com/webpack/ 		3 MB
566 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hq.mreboy.com/webpack/auth.js
Requested by
Host: hq.mreboy.com
URL: https://hq.mreboy.com/auth
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
64.22.68.41 , United States, ASN7226 (DATABANK-LATISYS, US),
Reverse DNS
epsilon.hostineer.com
Software
Apache / Express, Phusion Passenger
Resource Hash
0125c59153b7d69cd37ea04f6d74ba3ecd4f209a6e85ad09824ca96ae18a64ef

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hq.mreboy.com/auth
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 23:44:10 GMT
content-encoding
br
last-modified
Sun, 15 Oct 2023 17:00:55 GMT
server
Apache
x-powered-by
Express, Phusion Passenger
etag
W/"29ffbe-18b34489bb4-br"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200 OK
cache-control
public, max-age=0
accept-ranges
bytes
Warden_flag_Dark.png
raw.githubusercontent.com/Kassandros44/Assets/master/Backgrounds/ 		977 KB
978 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/Kassandros44/Assets/master/Backgrounds/Warden_flag_Dark.png
Requested by
Host: hq.mreboy.com
URL: https://hq.mreboy.com/_styles/auth.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
63709a43bdc4dd72c03102082af116041917e6507bf9b4a97954466da8001e8d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hq.mreboy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
341e15740fc4bb1ae1ee78529cfde98fe038fbfb
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 23:44:11 GMT
via
1.1 varnish
x-cache-hits
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
1000123
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230142-FRA
x-github-request-id
3B98:27AD9E:C382AB:CD6BDB:663030CA
x-timer
S1714434251.141335,VS0,VE195
etag
W/"87d692892304124ca806f131f04cf4b151a960f4874d3072264d5c180386ce37"
source-age
0
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Mon, 29 Apr 2024 23:49:11 GMT
dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Fdisc.png
cdn.glitch.me/
Redirect Chain
  • https://cdn.glitch.com/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Fdisc.png?v=1560206167061
  • https://cdn.glitch.me/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Fdisc.png
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.glitch.me/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Fdisc.png
Requested by
Host: hq.mreboy.com
URL: https://hq.mreboy.com/auth
Protocol
HTTP/1.1
Server
18.66.102.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d6f21ce746f7ad7371a6d0cb17d8ed34aa59e0d704aac37442b04df0d4c0f2f
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://hq.mreboy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Sat, 20 Apr 2024 13:36:08 GMT
Via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
Content-Security-Policy
script-src 'none'
Last-Modified
Mon, 10 Jun 2019 22:36:09 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P2
Age
814084
ETag
"c83bd2f45f4135e3109681d70ff2cedb"
Vary
Origin
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
2672
X-Amz-Cf-Id
nl_guuv7Q0Krvg-D35FKj1dZ_EDSYlsMJT481BSLWZiOsZrYlIjPsQ==

Redirect headers

Date
Mon, 29 Apr 2024 23:44:12 GMT
Via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
Vary
Origin
X-Cache
Miss from cloudfront
Location
https://cdn.glitch.me/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Fdisc.png
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
BCp-NXblV5WhfENjKGF_8FCbcCbPP-plSPOOP9rF-dt8n90vMWK5DQ==
WHQ_Auth_Banner.png
raw.githubusercontent.com/Kassandros44/Assets/master/Images/ 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/Kassandros44/Assets/master/Images/WHQ_Auth_Banner.png
Requested by
Host: hq.mreboy.com
URL: https://hq.mreboy.com/_styles/auth.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a83424fd5ddc29301e4d0dc99a095c496c4c95e2f99b6dbb6f555f70a576354a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hq.mreboy.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
e4d71ea389755ecfffa61a9d1d43bdbfb94b1a67
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Mon, 29 Apr 2024 23:44:11 GMT
via
1.1 varnish
x-cache-hits
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
105966
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230142-FRA
x-github-request-id
12CE:0E67:24AA2C9:26A10DF:663030C7
x-timer
S1714434251.323112,VS0,VE182
etag
W/"e2d66ea1e2e8a9194bef7ef5c1b8f2194ecc340b33c5e672a07bbdaa005c4cae"
source-age
0
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Mon, 29 Apr 2024 23:49:11 GMT
dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Fsits_landing.png
cdn.glitch.me/
Redirect Chain
  • https://cdn.glitch.com/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Fsits_landing.png?v=1559680682388
  • https://cdn.glitch.me/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Fsits_landing.png
5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.glitch.me/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Fsits_landing.png
Requested by
Host: hq.mreboy.com
URL: https://hq.mreboy.com/_styles/style.css
Protocol
HTTP/1.1
Server
18.66.102.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
483ed1c78b7394366985110fe15e4aaf941882427515e5dfe7f582827a15378c
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://hq.mreboy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Sat, 20 Apr 2024 13:36:08 GMT
Via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
Content-Security-Policy
script-src 'none'
Last-Modified
Tue, 04 Jun 2019 20:38:03 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P2
Age
814084
ETag
"cc3efe8db6a40d3a044dca9de932df73"
Vary
Origin
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
5447
X-Amz-Cf-Id
YfA_UryBPgd0BdDuXmnJLQKNTqPOZs_2dEPD0Qxy166wRxDo5RlbdA==

Redirect headers

Date
Mon, 29 Apr 2024 23:44:12 GMT
Via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
Vary
Origin
X-Cache
Miss from cloudfront
Location
https://cdn.glitch.me/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Fsits_landing.png
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
AfDcbQ2a_K4veHuKvY80_KTtrOK_aGV_Hmu6c1e5EM7kUAF93qjFMQ==
dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2FJost-400.ttf
cdn.glitch.me/
Redirect Chain
  • https://cdn.glitch.com/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2FJost-400.ttf?1556105927235
  • https://cdn.glitch.me/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2FJost-400.ttf
80 KB
81 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.glitch.me/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2FJost-400.ttf
Requested by
Host: hq.mreboy.com
URL: https://hq.mreboy.com/_styles/style.css
Protocol
HTTP/1.1
Server
18.66.102.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e075543d8ed35240cf6f2e5701c8e5518ee5f730c56f64b5a279b074a25f3c5
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://hq.mreboy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Sat, 20 Apr 2024 16:37:46 GMT
Via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
Content-Security-Policy
script-src 'none'
Last-Modified
Wed, 24 Apr 2019 11:38:55 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P2
Age
803186
ETag
"49cbd928da11ec96d360be6a691431c6"
X-Cache
Hit from cloudfront
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
82292
X-Amz-Cf-Id
J6_ZGezeME1L6cQXw4yE26jiIdsyYTnoyI1ZkzRJtR5CQh3a7ODKmQ==

Redirect headers

Date
Mon, 29 Apr 2024 23:44:12 GMT
Via
1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, HEAD, POST
X-Cache
Miss from cloudfront
Access-Control-Allow-Origin
*
Location
https://cdn.glitch.me/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2FJost-400.ttf
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
mepULEgTuQY3GefJxJqgVgs5m2La5sdCttbEFvN41W2mL4mtBDCL0Q==
dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Faa.png
cdn.glitch.me/
Redirect Chain
  • https://cdn.glitch.com/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Faa.png?1555496179680
  • https://cdn.glitch.me/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Faa.png
1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.glitch.me/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Faa.png
Protocol
HTTP/1.1
Server
18.66.102.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ed30c04ceb9109bae9d3d233f88c9ddaddf331675c02476f77b1e90bc96a1c4
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://hq.mreboy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Sat, 20 Apr 2024 13:36:08 GMT
Via
1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
Content-Security-Policy
script-src 'none'
Last-Modified
Wed, 17 Apr 2019 10:16:23 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P2
Age
814084
ETag
"efd9fb1552d2f4f597c3e7ec6505dfcd"
Vary
Origin
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
1281
X-Amz-Cf-Id
ervxKQqpI-b644vSobSHvZCzjoPgGhzPGBbj48g3WmGY1-xKJBkICQ==

Redirect headers

Date
Mon, 29 Apr 2024 23:44:12 GMT
Via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
Vary
Origin
X-Cache
Miss from cloudfront
Location
https://cdn.glitch.me/dd3f06b2-b7d4-4ccc-8675-05897efc4bb5%2Faa.png
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
ibR2baZUZOc5pEOPwfUDCt-caVdD24ujJhBt2I5jzyDhZRhMMGuhVA==

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Popper object| bootstrap object| React object| ReactDOM

1 Cookies

Domain/Path Name / Value
hq.mreboy.com/ Name: name of session id
Value: s%3ABd_5LqetsiMdhAKKjg4WISTZGpi0tbQc.JsAcQNBor%2BbXCxpfoV1XdbRB58H5R8u9ertPmj3tDWM

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.glitch.com
cdn.glitch.me
cdnjs.cloudflare.com
hq.mreboy.com
maxcdn.bootstrapcdn.com
raw.githubusercontent.com
unpkg.com
18.66.102.19
2606:4700::6811:180e
2606:4700::6811:f5cb
2606:4700::6812:bcf
2606:50c0:8000::154
2a00:1450:4001:828::200a
64.22.68.41
99.86.4.38
0125c59153b7d69cd37ea04f6d74ba3ecd4f209a6e85ad09824ca96ae18a64ef
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2ed30c04ceb9109bae9d3d233f88c9ddaddf331675c02476f77b1e90bc96a1c4
483ed1c78b7394366985110fe15e4aaf941882427515e5dfe7f582827a15378c
537dc28567ed21a0185c5bdebfa729774fb24576b9e837e7e2f4a940f981cd68
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
63709a43bdc4dd72c03102082af116041917e6507bf9b4a97954466da8001e8d
733ffef3d12f49b6275ba47c5d7824c7e948b7e102fd5a1ef9b5b980ee5d9dda
75bf60f3ea0e3cbcdbdecc902eeb842b6cbe39db8e62f1fa7f91a755d51d020c
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7e075543d8ed35240cf6f2e5701c8e5518ee5f730c56f64b5a279b074a25f3c5
8d6f21ce746f7ad7371a6d0cb17d8ed34aa59e0d704aac37442b04df0d4c0f2f
a58ad648a1eed04fe1af62de3ed0f9f6525324e1fafd77ad4f90ae24635da698
a83424fd5ddc29301e4d0dc99a095c496c4c95e2f99b6dbb6f555f70a576354a
bb4701d435b34217a5c6cd6c585a68d15896f3bffb613ab3c374b62e6cd10875
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e