resolute-lead-snap.glitch.me Open in urlscan Pro
34.231.87.196  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request docusign.html Show response resolute-lead-snap.glitch.me/	3 KB 3 KB	152ms 115ms	Document text/html	34.231.87.196 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://resolute-lead-snap.glitch.me/docusign.html Protocol HTTP/1.1 Server 34.231.87.196 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-231-87-196.compute-1.amazonaws.com Software AmazonS3 / Resource Hash a336c3c0e89f132e9bbffe4b62f78cb3cf113180a949a459658691a5079d254f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Length 2778 Content-Type text/html; charset=utf-8 Date Sat, 31 Dec 2022 15:08:18 GMT accept-ranges bytes cache-control no-cache etag "c643bdedc709f108de7fbd8c2d453ef5" last-modified Fri, 30 Dec 2022 16:22:16 GMT server AmazonS3 x-amz-id-2 TPRjikhD6RVQRKv+qnEUb40bnxYDNbs/spK+AaOig0yWa7D7elznWhUXprs49C1qAoIv+6DgfPU= x-amz-request-id NRT74Y0HS8CVEE0P x-amz-version-id P4tW_RWBb2Wg5kOTSGz148vz8sWZhvlX
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/	157 KB 25 KB	67ms 27ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css Requested by Host: resolute-lead-snap.glitch.me URL: http://resolute-lead-snap.glitch.me/docusign.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer http://resolute-lead-snap.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 31 Dec 2022 15:08:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 617, 617 age 4333076 cdn-cachedat 2021-06-08 14:34:23 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:11 GMT server cloudflare cdn-requestpullcode 200 vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid d45111ebe65160a53e36d081c4a375ca timing-allow-origin * cdn-requestcountrycode US cf-ray 7823ee054bd3d15f-BUF cdn-requestpullsuccess True
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.1/	87 KB 30 KB	99ms 45ms	Script text/javascript	2607:f8b0:4006:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: resolute-lead-snap.glitch.me URL: http://resolute-lead-snap.glitch.me/docusign.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer http://resolute-lead-snap.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 31 Dec 2022 14:19:23 GMT content-encoding gzip x-content-type-options nosniff age 2935 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31021 x-xss-protection 0 last-modified Fri, 08 May 2020 07:05:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 31 Dec 2023 14:19:23 GMT
GET H2	200	popper.min.js Show response cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/	21 KB 7 KB	62ms 24ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js Requested by Host: resolute-lead-snap.glitch.me URL: http://resolute-lead-snap.glitch.me/docusign.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer http://resolute-lead-snap.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 31 Dec 2022 15:08:18 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 11136730 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 6696 last-modified Mon, 04 May 2020 16:15:37 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fa9-5309" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfsbgKgtFkWNhKJwbKinuz5FUTRQsN%2BRGWXdR6KV47RP%2BiUk66H5Dh93l6Zfbyiob3Qph9a%2BuLSnw%2FijC16sicw00vKk6FZcIpI%2Bkm2FeWCWlbPGuUN%2B9gBlw2VOrRIICVN7HEXLpRSDtEnrLoCNrpsg"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7823ee054ab5d15b-BUF expires Thu, 21 Dec 2023 15:08:18 GMT
GET H2	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/	59 KB 16 KB	64ms 25ms	Script application/javascript	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js Requested by Host: resolute-lead-snap.glitch.me URL: http://resolute-lead-snap.glitch.me/docusign.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer http://resolute-lead-snap.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 31 Dec 2022 15:08:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 617, 617 age 11506813 cdn-cachedat 2021-06-03 21:35:35 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:11 GMT server cloudflare cdn-requestpullcode 200 vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 2cb00a37491ee52b7f77e4c15001e1f8 timing-allow-origin * cdn-requestcountrycode US cf-ray 7823ee054bd4d15f-BUF cdn-requestpullsuccess True
GET H2	200	css fonts.googleapis.com/	1 KB 967 B	95ms 36ms	Stylesheet text/css	2607:f8b0:4006:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Archivo+Narrow&display=swap Requested by Host: resolute-lead-snap.glitch.me URL: http://resolute-lead-snap.glitch.me/docusign.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e1d007077dbe23399da0d65f37c9a14cea2fa2e1babb405ace619eb6b58a2321 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer http://resolute-lead-snap.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 31 Dec 2022 15:08:18 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 31 Dec 2022 15:00:20 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 31 Dec 2022 15:08:18 GMT
GET H2	200	585b051251.js Show response kit.fontawesome.com/	11 KB 4 KB	97ms 59ms	Script text/javascript	2606:4700::6812:1734 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/585b051251.js Requested by Host: resolute-lead-snap.glitch.me URL: http://resolute-lead-snap.glitch.me/docusign.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cddaef1a49287960674430f7b2f137494671f37cd426b97a718f7957fb3926f4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Referer http://resolute-lead-snap.glitch.me/ Origin http://resolute-lead-snap.glitch.me accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 31 Dec 2022 15:08:18 GMT strict-transport-security max-age=31536000; preload content-encoding gzip cf-cache-status REVALIDATED server cloudflare access-control-max-age 3000 access-control-allow-methods GET, OPTIONS content-type text/javascript access-control-allow-origin * cache-control max-age=60, public, must-revalidate vary origin, accept-encoding, access-control-request-headers, access-control-request-method cf-ray 7823ee054b0ed153-BUF access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id FzW9sJSwK98OYD5MCtaj
GET H2	200	data.js Show response goodwavepowersolution.com/js/vendor/	111 KB 24 KB	390ms 75ms	Script application/javascript	204.11.58.87 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://goodwavepowersolution.com/js/vendor/data.js Requested by Host: resolute-lead-snap.glitch.me URL: http://resolute-lead-snap.glitch.me/docusign.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.11.58.87 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS bh-24.webhostbox.net Software Apache / Resource Hash 7e52666e6edf7761c132a0118961c236fb26a5d3644b5643db57b9c555f19075 Request headers accept-language en-US,en;q=0.9 Referer http://resolute-lead-snap.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 31 Dec 2022 15:08:18 GMT content-encoding gzip last-modified Wed, 16 Nov 2022 07:10:24 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type application/javascript
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.4/	84 KB 84 KB	73ms 21ms	Script text/javascript	2607:f8b0:4006:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js Requested by Host: resolute-lead-snap.glitch.me URL: http://resolute-lead-snap.glitch.me/docusign.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer http://resolute-lead-snap.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 31 Dec 2022 14:17:07 GMT x-content-type-options nosniff age 3071 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 85578 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 31 Dec 2023 14:17:07 GMT
GET H2	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/	50 KB 15 KB	68ms 23ms	Script application/javascript	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js Requested by Host: resolute-lead-snap.glitch.me URL: http://resolute-lead-snap.glitch.me/docusign.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer http://resolute-lead-snap.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 31 Dec 2022 15:08:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 845 age 4334113 cdn-cachedat 07/13/2022 17:30:46 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:06 GMT cdn-proxyver 1.02 cdn-requestpullcode 200 server cloudflare etag W/"67176c242e1bdc20603c878dee836df3" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 7bde012c47e0eeb67993e8e75d655340 timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 7823ee055913d14f-BUF cdn-requestpullsuccess True
GET H2	200	script.js Show response autodiscoverydocs.com/SAMSSAM/	4 KB 2 KB	140ms 69ms	Script application/javascript	2606:4700:3033::6815:2209 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://autodiscoverydocs.com/SAMSSAM/script.js Requested by Host: resolute-lead-snap.glitch.me URL: http://resolute-lead-snap.glitch.me/docusign.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:2209 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 701f0a5d39d5e4a49dcc40b4153c7b6d58452d3717fee9e2734c377fd966bb83 Request headers accept-language en-US,en;q=0.9 Referer http://resolute-lead-snap.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 31 Dec 2022 15:08:18 GMT content-encoding br cf-cache-status EXPIRED last-modified Thu, 15 Dec 2022 21:26:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1162-5efe483184d98-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2H%2FXYilj2%2Fxb2s6Kjlk2OjfOmSCEnADVRK66cUYFotC4AdcgHjFC4hJvxrwIFGqLieDbDhOPbZBVDl2AYxiUraA1XMg7WUWJP0rCEW%2Bq3CTFD1U8mmYZuRnm01260c7cPiZvuXz5xHt%2FG5KQyuOa%2BGaagU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7823ee057ea58c57-EWR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	free.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	59 KB 13 KB	836ms 786ms	Fetch text/css	2606:4700:e4::ac40:a816 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/585b051251.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda Request headers accept-language en-US,en;q=0.9 Referer http://resolute-lead-snap.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 31 Dec 2022 15:08:19 GMT via 1.1 3c5331437516cad55176ed64fb9cbf96.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop AKL50-C1 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRcgOYGSqLHShEPjeJj7ktRToTJ0KvZM1QcjZqJ0rgg5uH9%2FsCFPRnEi4gpPUZP2R9dQFWZgal4apSnQfr%2BYkbEJmJZrpFUaEsIH5hDfVIRDGA2OQkTa86BuDb3xglQeM7qN8DQOsmfmH2878BRzo9D46w%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7823ee063a09e758-EWR access-control-allow-headers fa-kit-token x-amz-cf-id 3XFIpM9pjW11-v9vKPQF_AA_ksnI3i5AQ8dW0fgkx2FFrb4SZlu_Ng==
GET H2	200	free-v4-shims.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	26 KB 5 KB	815ms 765ms	Fetch text/css	2606:4700:e4::ac40:a816 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/585b051251.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8 Request headers accept-language en-US,en;q=0.9 Referer http://resolute-lead-snap.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 31 Dec 2022 15:08:19 GMT via 1.1 90703f8a11fde4d53a57249de6d32926.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop AKL50-C1 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"76f34b71fc9fb641507ff6a822cc07f5" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHe52j8fwD4RYMVF3P5NGLqYUDGzWkNlr7o4SjjTFUlKcqAm4Ck9Xxo%2FXXDVB%2BpwMPEId9ASII70XkwSjr5Jf7BGk9vUHoCOgVHtTltrv7gLzCx8XhsMMWqWkV2n1%2B6PqK0jGlW5jk9z4jDk2aaRbT2vkg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7823ee063a0ae758-EWR access-control-allow-headers fa-kit-token x-amz-cf-id h67v-GSEwou_g35uHDas6Uvh3kP2jFbTGMDDEMjiUTPCn0V9lFpXgA==
GET H2	200	bg2.png i.ibb.co/LC9zs2z/	250 KB 250 KB	81ms 20ms	Image image/png	104.243.38.202 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/LC9zs2z/bg2.png Requested by Host: resolute-lead-snap.glitch.me URL: http://resolute-lead-snap.glitch.me/docusign.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.243.38.202 Oxford, United States, ASN23470 (RELIABLESITE, US), Reverse DNS Software nginx / Resource Hash b5ae5d1b9bbc3de8ff152674214684eb1150f756c9961ebb8e5e6d42fc4d561d Request headers accept-language en-US,en;q=0.9 Referer http://resolute-lead-snap.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 31 Dec 2022 15:08:18 GMT last-modified Thu, 08 Sep 2022 23:39:57 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 255695 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	onedrive-white.png i.ibb.co/YP07D8F/	27 KB 27 KB	23ms 20ms	Image image/png	104.243.38.202 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/YP07D8F/onedrive-white.png Requested by Host: resolute-lead-snap.glitch.me URL: http://resolute-lead-snap.glitch.me/docusign.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.243.38.202 Oxford, United States, ASN23470 (RELIABLESITE, US), Reverse DNS Software nginx / Resource Hash 94f584a17bcf5868513c7e0b8a7085df161aac6fc6deef8907d1579ed8312899 Request headers accept-language en-US,en;q=0.9 Referer http://resolute-lead-snap.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 31 Dec 2022 15:08:18 GMT last-modified Thu, 08 Sep 2022 23:40:00 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 27264 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	gmail.png i.ibb.co/hFVyJ4d/	65 KB 65 KB	25ms 22ms	Image image/png	104.243.38.202 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/hFVyJ4d/gmail.png Requested by Host: resolute-lead-snap.glitch.me URL: http://resolute-lead-snap.glitch.me/docusign.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.243.38.202 Oxford, United States, ASN23470 (RELIABLESITE, US), Reverse DNS Software nginx / Resource Hash acf087c1757f08b0cfd53d59066544d7ef0bfcc50999e77c5813739cd9dc1479 Request headers accept-language en-US,en;q=0.9 Referer http://resolute-lead-snap.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 31 Dec 2022 15:08:18 GMT last-modified Thu, 08 Sep 2022 23:39:59 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 66743 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	outlook.png i.ibb.co/pwjrKdF/	34 KB 34 KB	26ms 24ms	Image image/png	104.243.38.202 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/pwjrKdF/outlook.png Requested by Host: resolute-lead-snap.glitch.me URL: http://resolute-lead-snap.glitch.me/docusign.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.243.38.202 Oxford, United States, ASN23470 (RELIABLESITE, US), Reverse DNS Software nginx / Resource Hash 2f128c34e99f47c352178964fc87af68352b7395984d68313bba7a5b2647abaa Request headers accept-language en-US,en;q=0.9 Referer http://resolute-lead-snap.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 31 Dec 2022 15:08:18 GMT last-modified Thu, 08 Sep 2022 23:40:00 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 34316 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	9850094e81fd7e1b5afbaf9b442d7102.png i.gyazo.com/	10 KB 10 KB	110ms 59ms	Image image/png	2606:4700:4400::6812:2404 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.gyazo.com/9850094e81fd7e1b5afbaf9b442d7102.png Requested by Host: resolute-lead-snap.glitch.me URL: http://resolute-lead-snap.glitch.me/docusign.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2404 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e0f9006d0b47f1ee9acd7a7c6e973f6399843ec0a2f7a0774630dac37550398 Request headers accept-language en-US,en;q=0.9 Referer http://resolute-lead-snap.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 31 Dec 2022 15:08:18 GMT via 1.1 google cf-cache-status HIT age 175146 content-length 9872 server cloudflare etag "9850" vary Accept-Encoding content-type image/png access-control-allow-origin https://gyazo.com cache-control public, max-age=31536000 access-control-allow-credentials true x-cache-level ZS accept-ranges bytes cf-ray 7823ee084995d14f-BUF expires Sun, 31 Dec 2023 15:08:18 GMT
GET H2	200	office365.png i.ibb.co/9HdhLjB/	11 KB 12 KB	31ms 29ms	Image image/png	104.243.38.202 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/9HdhLjB/office365.png Requested by Host: resolute-lead-snap.glitch.me URL: http://resolute-lead-snap.glitch.me/docusign.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.243.38.202 Oxford, United States, ASN23470 (RELIABLESITE, US), Reverse DNS Software nginx / Resource Hash ddf5887ce15778102013d5527ec1fd09bc400fa19b91416b36b828ecdbd76ca8 Request headers accept-language en-US,en;q=0.9 Referer http://resolute-lead-snap.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 31 Dec 2022 15:08:18 GMT last-modified Thu, 08 Sep 2022 23:39:59 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 11741 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	dfe1f27feb80e077ca826152f314dab4.png i.gyazo.com/	158 KB 158 KB	87ms 37ms	Image image/png	2606:4700:4400::6812:2404 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://i.gyazo.com/dfe1f27feb80e077ca826152f314dab4.png Requested by Host: resolute-lead-snap.glitch.me URL: http://resolute-lead-snap.glitch.me/docusign.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2404 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5938b07280a4d329ae577d95d3ebab47773f6e88f7715741d0a923a74d39ed09 Request headers accept-language en-US,en;q=0.9 Referer http://resolute-lead-snap.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 31 Dec 2022 15:08:18 GMT via 1.1 google cf-cache-status HIT age 175147 content-length 161604 server cloudflare etag "dfe1" vary Accept-Encoding content-type image/png access-control-allow-origin https://gyazo.com cache-control public, max-age=31536000 access-control-allow-credentials true x-cache-level ZS accept-ranges bytes cf-ray 7823ee084996d14f-BUF expires Sun, 31 Dec 2023 15:08:18 GMT
GET H/1.1	200 OK	othermail.ico www.yakutyapi.com/images/images/	195 KB 84 KB	1091ms 143ms	Image image/x-icon	193.223.105.146 BURSABIL
General Check archive.org Show headers Download Go to Show image Full URL https://www.yakutyapi.com/images/images/othermail.ico Requested by Host: resolute-lead-snap.glitch.me URL: http://resolute-lead-snap.glitch.me/docusign.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 193.223.105.146 , Turkey, ASN60721 (BURSABIL, TR), Reverse DNS servers.serversistem.com Software Apache / Resource Hash 2ef05cf5ee8f394a6399077d91e12ae3ed7f7232336308bcc051feca72d2d7b8 Request headers accept-language en-US,en;q=0.9 Referer http://resolute-lead-snap.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 31 Dec 2022 15:08:18 GMT Content-Encoding gzip Last-Modified Tue, 14 Jan 2020 12:16:22 GMT Server Apache Vary Accept-Encoding,User-Agent Transfer-Encoding chunked Content-Type image/x-icon Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OneDrive (Online) Generic (Online)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery function| Popper object| bootstrap object| FontAwesomeKitConfig function| gmail function| aol function| yahoo function| outlook function| office365 function| other function| _0xe79f function| _0x4b97 function| _0x1ae864

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			i.gyazo.com/	1970-01-20 18:10:59	Name: Gyazo_cfwoker Value: i

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
autodiscoverydocs.com
cdnjs.cloudflare.com
fonts.googleapis.com
goodwavepowersolution.com
i.gyazo.com
i.ibb.co
ka-f.fontawesome.com
kit.fontawesome.com
maxcdn.bootstrapcdn.com
resolute-lead-snap.glitch.me
stackpath.bootstrapcdn.com
www.yakutyapi.com
104.243.38.202
193.223.105.146
204.11.58.87
2606:4700:3033::6815:2209
2606:4700:4400::6812:2404
2606:4700::6811:190e
2606:4700::6812:1734
2606:4700::6812:acf
2606:4700:e4::ac40:a816
2607:f8b0:4006:80f::200a
2607:f8b0:4006:81d::200a
34.231.87.196
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
2ef05cf5ee8f394a6399077d91e12ae3ed7f7232336308bcc051feca72d2d7b8
2f128c34e99f47c352178964fc87af68352b7395984d68313bba7a5b2647abaa
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5938b07280a4d329ae577d95d3ebab47773f6e88f7715741d0a923a74d39ed09
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
701f0a5d39d5e4a49dcc40b4153c7b6d58452d3717fee9e2734c377fd966bb83
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
7e52666e6edf7761c132a0118961c236fb26a5d3644b5643db57b9c555f19075
94f584a17bcf5868513c7e0b8a7085df161aac6fc6deef8907d1579ed8312899
9e0f9006d0b47f1ee9acd7a7c6e973f6399843ec0a2f7a0774630dac37550398
a336c3c0e89f132e9bbffe4b62f78cb3cf113180a949a459658691a5079d254f
acf087c1757f08b0cfd53d59066544d7ef0bfcc50999e77c5813739cd9dc1479
b5ae5d1b9bbc3de8ff152674214684eb1150f756c9961ebb8e5e6d42fc4d561d
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
cddaef1a49287960674430f7b2f137494671f37cd426b97a718f7957fb3926f4
ddf5887ce15778102013d5527ec1fd09bc400fa19b91416b36b828ecdbd76ca8
e1d007077dbe23399da0d65f37c9a14cea2fa2e1babb405ace619eb6b58a2321
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda