edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net
18.66.97.129  Public Scan

Submitted URL: http://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/
Effective URL: https://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/
Submission Tags: @ecarlesi possiblethreat
Submission: On November 02 via api from FR — Scanned from FR

Summary

This website contacted 4 IPs in 1 country across 3 domains to perform 5 HTTP transactions. The main IP is 18.66.97.129, located in the United States, and belongs to AMAZON-02, US. The main domain is edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 2nd 2023. Valid for: a year.
This is the only time edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
3 (1 redirect) | 18.66.97.129 | 16509 (AMAZON-02)
1 | 13.224.245.61 | 16509 (AMAZON-02)
1 | 2600:9000:239... | 16509 (AMAZON-02)
1 | 13.32.27.21 | 16509 (AMAZON-02)
Total: 5 requests, 4 IPs

Requests | Apex Domain | Subdomains | Transfer
3 | intellij.net | edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net | 2 KB
2 | hotjar.com | static.hotjar.com (Cisco Umbrella Rank: 727), script.hotjar.com (Cisco Umbrella Rank: 901) | 60 KB
1 | jetbrains.com | resources.jetbrains.com (Cisco Umbrella Rank: 24092) | 46 KB
Total: 5 requests, 3 apex domains

Requests | Domain | Requested by
3 (1 redirect) | edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net | edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net
1 | script.hotjar.com | static.hotjar.com
1 | resources.jetbrains.com | edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net
1 | static.hotjar.com | edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net
Total: 5 requests, 4 domains

This site contains no links.

Subject | Issuer | Validity | Valid
edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net | Amazon RSA 2048 M03 | 2023-11-02 - 2024-11-30 | a year
*.hotjar.com | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year
resources.jetbrains.com | Amazon RSA 2048 M01 | 2023-03-06 - 2024-04-03 | a year

This page contains 1 frames:

Primary Page: https://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/
Frame ID: 648A05BFAD332068EBAF8AEBC4D4AA57
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

Requests: 5
HTTPS: 100 %
IPv6: 25 %
Domains: 3
Subdomains: 4
IPs: 4
Countries: 1
Transfer: 107 kB
Size: 382 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/ HTTP 301
    https://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource: Primary Request /
Path: edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/
Redirect Chain:
  • http://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/
  • https://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/
Size: 1 KB
x-fer: 1 KB
Type: Document

General

Full URL: https://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.129, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-18-66-97-129.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd89573a74b81ae5f3676d1d8c2a80374a68ba239b7e28d387a8e76ae667fdfb

Security Headers

Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Thu, 02 Nov 2023 17:42:00 GMT
etag: W/"8ff24b9698bf1a94633a6fb53aea5906"
last-modified: Thu, 02 Nov 2023 15:57:12 GMT
permissions-policy: camera=()
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-id: a_TpRomARmP2WJdJyljruoEQff1LXDvJjRgpdYK_X84V4S-aG0hXYA==
x-amz-cf-pop: FRA56-P2
x-amz-expiration: expiry-date="Mon, 06 May 2024 00:00:00 GMT", rule-id="Expire qa files in 6 months"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Error from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html
Date: Thu, 02 Nov 2023 17:41:59 GMT
Location: https://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/
Permissions-Policy: camera=()
Referrer-Policy: strict-origin-when-cross-origin
Server: CloudFront
Via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Nzy5Dhg5FXG06j6fCJ9m8BlQ4JP9ymf-yb3-x3utxUGWj5udzJl0MQ==
X-Amz-Cf-Pop: FRA56-P2
X-Cache: Redirect from cloudfront
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Resource: main.js
Path: edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/versions/1652/
Size: 0
x-fer: 0
Type: Script

General

Full URL: https://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/versions/1652/main.js
Requested by:
  Host: edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net
  URL: https://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.129, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-18-66-97-129.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash:

Security Headers

Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 17:42:00 GMT
x-amz-version-id: null
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-amz-expiration: expiry-date="Mon, 06 May 2024 00:00:00 GMT", rule-id="Expire qa files in 6 months"
last-modified: Thu, 02 Nov 2023 15:57:12 GMT
server: AmazonS3
etag: W/"8ff24b9698bf1a94633a6fb53aea5906"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html
permissions-policy: camera=()
x-amz-cf-id: kEeqItEPFA8wAP_VHo5eHte2SVlBFUwK_IkfSMHgs4PB_Vtf-6_GaQ==

Resource: hotjar-1243715.js
Path: static.hotjar.com/c/
Size: 10 KB
x-fer: 4 KB
Type: Script

General

Full URL: https://static.hotjar.com/c/hotjar-1243715.js?sv=6
Requested by:
  Host: edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net
  URL: https://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.245.61, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-13-224-245-61.lhr62.r.cloudfront.net
Software: /
Resource Hash: f272cb88728724f92695c4457141e3db6737084d74244f9b16b61465df730210

Security Headers

Strict-Transport-Security: max-age=2592000; includeSubDomains
X-Content-Type-Options: nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 Nov 2023 17:41:59 GMT
via: 1.1 7945124cc4b7caf5a8180cc1189567ee.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C3
etag: W/171517e93dc28713cc530853b90e733b
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 7YbSXrMXOVLLVCw0V7N4cLjW68woqn__LXThQCVH6qoPCwuaGctMCA==

Resource: fus-reporting-api.js
Path: resources.jetbrains.com/storage/fus/api/
Size: 143 KB
x-fer: 46 KB
Type: Script

General

Full URL: https://resources.jetbrains.com/storage/fus/api/fus-reporting-api.js
Requested by:
  Host: edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net
  URL: https://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:239f:1000:16:5107:2340:93a1, United States, ASN16509 (AMAZON-02, US)
Reverse DNS:
Software: AmazonS3 /
Resource Hash: 6d163086ee0335126c5e271c178e03acbf62b66b30a5711dcd81aa524ce4d609

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Nov 2023 17:42:01 GMT
content-encoding: gzip
via: 1.1 ecb6880220cec19d7d48fb6d26bdb1f6.cloudfront.net (CloudFront)
last-modified: Thu, 18 Nov 2021 18:16:48 GMT
server: AmazonS3
x-amz-cf-pop: LHR50-P5
etag: W/"5d3243d2e9d014ecb5d90c7fbf33fba5"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: esfU3kjpQ9Ydb8nGIf57tEl0UoM-8cQ8tG0ReT5R4nWrv2ge4eLXyg==

Resource: modules.ff7668e49c0d149938c4.js
Path: script.hotjar.com/
Size: 228 KB
x-fer: 56 KB
Type: Script

General

Full URL: https://script.hotjar.com/modules.ff7668e49c0d149938c4.js
Requested by:
  Host: static.hotjar.com
  URL: https://static.hotjar.com/c/hotjar-1243715.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.21, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-13-32-27-21.fra56.r.cloudfront.net
Software: /
Resource Hash: 578e43aee443910dace37bedbf47d21002aed9c9241fb51009e2f034ac05a99e

Security Headers

Strict-Transport-Security: max-age=2592000; includeSubDomains
X-Content-Type-Options: nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 11:43:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 21534
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56551
last-modified: Thu, 02 Nov 2023 11:42:34 GMT
etag: "d1cd1c4ab472937b7602961ffcc8059d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: zozp0uUxodaqRMH6P7biXekTc7mxugIsJoNicM-arIXSdeYCX3nF-Q==

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • 0 (object)
  • documentPictureInPicture (object)
  • hj (function)
  • _hjSettings (object)
  • fusra (function)
  • api (object)
  • hjSiteSettings (object)
  • hjBootstrap (function)
  • hjBootstrapCalled (object)
  • hjLazyModules (object)
  • regeneratorRuntime (object)

5 Cookies

Domain/Path Name / Value
.intellij.net/ Name: _hjSessionUser_1243715
Value: eyJpZCI6ImY5M2FkNGNjLTFiOTUtNTg5ZS05ZTFkLTQ4NmFlMmMyZmY0YyIsImNyZWF0ZWQiOjE2OTg5NDY5MjAxODYsImV4aXN0aW5nIjpmYWxzZX0=
.intellij.net/ Name: _hjFirstSeen
Value: 1
.intellij.net/ Name: _hjIncludedInSessionSample_1243715
Value: 0
.intellij.net/ Name: _hjSession_1243715
Value: eyJpZCI6ImU4MDdkMTU4LTg5YTQtNGMwNS05ZDRlLWRjYmVmZjRiY2M1OCIsImNyZWF0ZWQiOjE2OTg5NDY5MjAxODgsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.intellij.net/ Name: _hjAbsoluteSessionInProgress
Value: 0

3 Console Messages

Source: network, Level: error
URL: https://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/
Message: Failed to load resource: the server responded with a status of 403 ()

Source: network, Level: error
URL: https://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/versions/1652/main.js
Message: Failed to load resource: the server responded with a status of 403 ()

Source: security, Level: error
URL: https://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/
Message: Refused to execute script from 'https://edoroshenko-ap-5734-support-fa.console.fus.aws.intellij.net/versions/1652/main.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page.

Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block