URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Submission: On February 05 via manual from US

Summary

This website contacted 9 IPs in 5 countries across 9 domains to perform 34 HTTP transactions. The main IP is 52.45.22.48, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is catur.herokuapp.com.
This is the only time catur.herokuapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 52.45.22.48 14618 (AMAZON-AES)
6 52.204.129.108 14618 (AMAZON-AES)
1 1 173.192.101.26 36351 (SOFTLAYER)
3 108.168.193.183 36351 (SOFTLAYER)
16 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
2 46.105.201.240 16276 (OVH)
1 198.27.80.143 16276 (OVH)
2 94.31.29.128 33438 (HIGHWINDS2)
2 2 173.192.101.24 36351 (SOFTLAYER)
34 9
Domain Requested by
16 i.ytimg.com catur.herokuapp.com
8 catur.herokuapp.com catur.herokuapp.com
3 mybestdc.com catur.herokuapp.com
2 clksite.com 2 redirects
2 p41099.mycdn.co mybestdc.com
2 s10.histats.com catur.herokuapp.com
s10.histats.com
2 docs.google.com 1 redirects catur.herokuapp.com
1 s4.histats.com s10.histats.com
1 www.youtube.com catur.herokuapp.com
1 eclkmpsa.com 1 redirects
34 10

This site contains links to these domains.

Domain
www.histats.com
www.intango.com
Subject Issuer Validity Valid
edgestatic.com Google Internet Authority G3 2019-01-15 - 2019-04-09 3 months
*.google.com Google Internet Authority G3 2019-01-15 - 2019-04-09 3 months

This page contains 3 frames:

Primary Page: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Frame ID: 48202657C73E3002337017B05D6A9BC6
Requests: 34 HTTP requests in this frame

Frame: https://www.youtube.com/embed/_5eBqnCvNC4?autoplay=1
Frame ID: 81D0E4B6CA909A3BC859E52E7F228C3A
Requests: 1 HTTP requests in this frame

Frame: https://docs.google.com/forms/d/e/1FAIpQLSeOChQIW5ZVJVcgca2xsFGEES5FAppJDvW6hh_41iZVegZq-g/viewform?embedded=true
Frame ID: 3E6DE60159CE5181F285BBEEA4E10F86
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Unix/i

Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Overall confidence: 100%
Detected patterns
  • html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
  • script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

34 Requests
53 % HTTPS
20 % IPv6
9 Domains
10 Subdomains
9 IPs
5 Countries
659 kB Transfer
844 kB Size
15 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://eclkmpsa.com/adServe/banners?tid=41099_139636_0&tagid=2 HTTP 301
  • http://mybestdc.com/adServe/banners?tid=41099_139636_0&tagid=2
Request Chain 23
  • http://www.youtube.com/embed/_5eBqnCvNC4?autoplay=1 HTTP 307
  • https://www.youtube.com/embed/_5eBqnCvNC4?autoplay=1
Request Chain 24
  • https://docs.google.com/forms/d/1NB-IE4Zkz3290dY-5WcNcJg5_-IHMF_1qiqcZU2ee9M/viewform?embedded=true HTTP 301
  • https://docs.google.com/forms/d/e/1FAIpQLSeOChQIW5ZVJVcgca2xsFGEES5FAppJDvW6hh_41iZVegZq-g/viewform?embedded=true
Request Chain 31
  • http://clksite.com/adServe/banners?tid=41099_61132_1&tagid=2 HTTP 301
  • http://mybestdc.com/adServe/banners?tid=41099_61132_1&tagid=2
Request Chain 32
  • http://clksite.com/adServe/banners?tid=41099_61132_2&pause=5 HTTP 301
  • http://mybestdc.com/adServe/banners?tid=41099_61132_2&pause=5

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set 1.html
catur.herokuapp.com/-_5eBqnCvNC4/
16 KB
16 KB
Document
General
Full URL
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
HTTP/1.1
Server
52.45.22.48 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-45-22-48.compute-1.amazonaws.com
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1f / PHP/5.6.15
Resource Hash
33964f8c1890f8b66d6af558d744543732c58ae0a2cf11c77d858ced7862425f

Request headers

Host
catur.herokuapp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Connection
keep-alive
Date
Tue, 05 Feb 2019 20:55:43 GMT
Server
Apache/2.4.16 (Unix) OpenSSL/1.0.1f
X-Powered-By
PHP/5.6.15
Set-Cookie
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2258d5e7ee40affd9733023bf614bb3350%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2210.45.185.148%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1549400143%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbfcee3d39c6d17db2304488238987787; expires=Tue, 05-Feb-2019 22:55:43 GMT; Max-Age=7200; path=/
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Via
1.1 vegur
bootstrap.css
catur.herokuapp.com/assets/css/
138 KB
138 KB
Stylesheet
General
Full URL
http://catur.herokuapp.com/assets/css/bootstrap.css
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
HTTP/1.1
Server
52.45.22.48 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-45-22-48.compute-1.amazonaws.com
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1f /
Resource Hash
cd765bb8ae4a196b79e3a6815bf629aae4570dbe1e09f1072fb689494cb43976

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
catur.herokuapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Cookie
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2258d5e7ee40affd9733023bf614bb3350%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2210.45.185.148%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1549400143%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbfcee3d39c6d17db2304488238987787
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 05 Feb 2019 20:55:44 GMT
Via
1.1 vegur
Last-Modified
Wed, 09 Dec 2015 12:17:19 GMT
Server
Apache/2.4.16 (Unix) OpenSSL/1.0.1f
Etag
"2285e-52676125351c0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
141406
bootstrap.min.css
catur.herokuapp.com/assets/css/
111 KB
112 KB
Stylesheet
General
Full URL
http://catur.herokuapp.com/assets/css/bootstrap.min.css
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
HTTP/1.1
Server
52.204.129.108 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-204-129-108.compute-1.amazonaws.com
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1f /
Resource Hash
96b126417447a9c5d415f06e00e2e6372248c9857f5ff60b6477f8c6f55c449a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
catur.herokuapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Cookie
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2258d5e7ee40affd9733023bf614bb3350%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2210.45.185.148%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1549400143%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbfcee3d39c6d17db2304488238987787
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 05 Feb 2019 20:55:44 GMT
Via
1.1 vegur
Last-Modified
Wed, 09 Dec 2015 12:17:19 GMT
Server
Apache/2.4.16 (Unix) OpenSSL/1.0.1f
Etag
"1bd5b-52676125351c0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
114011
custum.css
catur.herokuapp.com/assets/css/
4 KB
4 KB
Stylesheet
General
Full URL
http://catur.herokuapp.com/assets/css/custum.css
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
HTTP/1.1
Server
52.204.129.108 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-204-129-108.compute-1.amazonaws.com
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1f /
Resource Hash
6ec5d8b4fbbe6119ee7b6ddb263c146050781cc1797553e03ad2bba3fed4b5f1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
catur.herokuapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Cookie
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2258d5e7ee40affd9733023bf614bb3350%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2210.45.185.148%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1549400143%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbfcee3d39c6d17db2304488238987787
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 05 Feb 2019 20:55:44 GMT
Via
1.1 vegur
Last-Modified
Wed, 09 Dec 2015 12:17:19 GMT
Server
Apache/2.4.16 (Unix) OpenSSL/1.0.1f
Etag
"f8a-52676125351c0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3978
font-awesome.css
catur.herokuapp.com/assets/css/
28 KB
28 KB
Stylesheet
General
Full URL
http://catur.herokuapp.com/assets/css/font-awesome.css
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
HTTP/1.1
Server
52.204.129.108 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-204-129-108.compute-1.amazonaws.com
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1f /
Resource Hash
c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
catur.herokuapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Cookie
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2258d5e7ee40affd9733023bf614bb3350%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2210.45.185.148%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1549400143%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbfcee3d39c6d17db2304488238987787
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 05 Feb 2019 20:55:44 GMT
Via
1.1 vegur
Last-Modified
Wed, 09 Dec 2015 12:17:19 GMT
Server
Apache/2.4.16 (Unix) OpenSSL/1.0.1f
Etag
"704b-52676125351c0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28747
jquery.min.js
catur.herokuapp.com/assets/js/
94 KB
94 KB
Script
General
Full URL
http://catur.herokuapp.com/assets/js/jquery.min.js
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
HTTP/1.1
Server
52.204.129.108 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-204-129-108.compute-1.amazonaws.com
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1f /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
catur.herokuapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Cookie
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2258d5e7ee40affd9733023bf614bb3350%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2210.45.185.148%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1549400143%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbfcee3d39c6d17db2304488238987787
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 05 Feb 2019 20:55:44 GMT
Via
1.1 vegur
Last-Modified
Wed, 09 Dec 2015 12:17:19 GMT
Server
Apache/2.4.16 (Unix) OpenSSL/1.0.1f
Etag
"1762a-52676125351c0"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95786
bootstrap.min.js
catur.herokuapp.com/assets/js/
34 KB
34 KB
Script
General
Full URL
http://catur.herokuapp.com/assets/js/bootstrap.min.js
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
HTTP/1.1
Server
52.204.129.108 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-204-129-108.compute-1.amazonaws.com
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1f /
Resource Hash
484081bfe6c76d77610eb71a6e71206fe5304d62c037f058b403592192069306

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
catur.herokuapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Cookie
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2258d5e7ee40affd9733023bf614bb3350%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2210.45.185.148%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1549400143%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbfcee3d39c6d17db2304488238987787
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 05 Feb 2019 20:55:44 GMT
Via
1.1 vegur
Last-Modified
Wed, 09 Dec 2015 12:17:19 GMT
Server
Apache/2.4.16 (Unix) OpenSSL/1.0.1f
Etag
"875d-52676125351c0"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34653
banners
mybestdc.com/adServe/
Redirect Chain
  • http://eclkmpsa.com/adServe/banners?tid=41099_139636_0&tagid=2
  • http://mybestdc.com/adServe/banners?tid=41099_139636_0&tagid=2
27 KB
10 KB
Script
General
Full URL
http://mybestdc.com/adServe/banners?tid=41099_139636_0&tagid=2
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
HTTP/1.1
Server
108.168.193.183 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
b7.c1.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
1115ba6bb5a8dd5a960a70e00c71ac56847b790db8de5e7df2386502aae5edf5

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Feb 2019 20:55:44 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
http://mybestdc.com/adServe/banners?tid=41099_139636_0&tagid=2
Date
Tue, 05 Feb 2019 20:55:44 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
178
Content-Type
text/html
default.jpg
i.ytimg.com/vi/zIwkhEqVq4s/
4 KB
4 KB
Image
General
Full URL
https://i.ytimg.com/vi/zIwkhEqVq4s/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2016 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ff7e47d3d4657d5adfa44f033c0e61a0e15fea4314f9906cef4546d5fb31cadb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 20:52:23 GMT
x-content-type-options
nosniff
server
sffe
age
200
etag
"1549308418"
content-type
image/jpeg
status
200
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
4431
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 20:57:23 GMT
default.jpg
i.ytimg.com/vi/OTmR1agaJ3k/
4 KB
4 KB
Image
General
Full URL
https://i.ytimg.com/vi/OTmR1agaJ3k/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2016 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
01741e7defcfb99443fa945e32662b5f04edc48d6e5cd01d5fb28ac95d8b14cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 20:53:56 GMT
x-content-type-options
nosniff
server
sffe
age
107
etag
"1549332243"
content-type
image/jpeg
status
200
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
3948
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 20:58:56 GMT
default.jpg
i.ytimg.com/vi/MGEKXdbfLQo/
4 KB
4 KB
Image
General
Full URL
https://i.ytimg.com/vi/MGEKXdbfLQo/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2016 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ae35e8e6f84a5dd8ea3c3c7088271a173cf92367df2d3e1d8144e64061ecf2bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 20:55:44 GMT
x-content-type-options
nosniff
server
sffe
etag
"1549322311"
content-type
image/jpeg
status
200
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
4319
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 21:00:44 GMT
default.jpg
i.ytimg.com/vi/C6efO_Vqc3o/
5 KB
5 KB
Image
General
Full URL
https://i.ytimg.com/vi/C6efO_Vqc3o/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2016 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
021bf323af26aafd480780695120f06d8502c3fbcd33403c94d75a323f14fa97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 20:52:04 GMT
x-content-type-options
nosniff
server
sffe
age
220
etag
"1549299022"
content-type
image/jpeg
status
200
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
4795
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 20:57:04 GMT
default.jpg
i.ytimg.com/vi/-iFq6IcAxBc/
2 KB
2 KB
Image
General
Full URL
https://i.ytimg.com/vi/-iFq6IcAxBc/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2016 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
28caef19e2d9d184219f59038cfb731ee5e52894127e337121b9473631570595
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 20:55:40 GMT
x-content-type-options
nosniff
server
sffe
age
4
etag
"1549235507"
content-type
image/jpeg
status
200
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
1986
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 21:00:40 GMT
default.jpg
i.ytimg.com/vi/AnH7cm9Y7CE/
3 KB
4 KB
Image
General
Full URL
https://i.ytimg.com/vi/AnH7cm9Y7CE/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2016 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e3bff79236a2d312f48465ce5c34f77ce92f491df59cebb5a5bad5e073af6b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 20:55:44 GMT
x-content-type-options
nosniff
server
sffe
etag
"1549319529"
content-type
image/jpeg
status
200
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
3526
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 21:00:44 GMT
default.jpg
i.ytimg.com/vi/XPq3Qd7IikI/
5 KB
5 KB
Image
General
Full URL
https://i.ytimg.com/vi/XPq3Qd7IikI/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2016 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1cda0390d8bfdd50bba532df5b73d4cfab981c233d3e4df8f9449374242255e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 20:13:41 GMT
x-content-type-options
nosniff
server
sffe
age
2523
etag
"1540236488"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
4801
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 22:13:41 GMT
default.jpg
i.ytimg.com/vi/VW0pphKy46Q/
3 KB
3 KB
Image
General
Full URL
https://i.ytimg.com/vi/VW0pphKy46Q/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2016 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c75d1adc7d38b1f3eda6d571116adb85505af0c8d78c48e2ffa986b5e12e32b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 19:18:21 GMT
x-content-type-options
nosniff
server
sffe
age
5843
etag
"1544785294"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
2866
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 21:18:21 GMT
default.jpg
i.ytimg.com/vi/KqZGCzmKmj0/
3 KB
4 KB
Image
General
Full URL
https://i.ytimg.com/vi/KqZGCzmKmj0/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2016 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e3c0df45c788105799f61081218009d2dcd23b3a8e7a33fde096bd0e6ae10cfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 20:51:58 GMT
x-content-type-options
nosniff
server
sffe
age
226
etag
"1532519167"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
3529
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 22:51:58 GMT
default.jpg
i.ytimg.com/vi/qQP1ekfg6iw/
3 KB
3 KB
Image
General
Full URL
https://i.ytimg.com/vi/qQP1ekfg6iw/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2016 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b5e462560e0413603e6840fed8337201c97423b44cf00d91e8543ba734766e20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 20:05:30 GMT
x-content-type-options
nosniff
server
sffe
age
3014
etag
"0"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
3166
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 22:05:30 GMT
default.jpg
i.ytimg.com/vi/odAgJVr2JSY/
4 KB
4 KB
Image
General
Full URL
https://i.ytimg.com/vi/odAgJVr2JSY/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2016 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b3ecdc79a4e1231232a4bb46a6b9fe1064e6d4022078f07c2c34e1f9adea74eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 19:16:32 GMT
x-content-type-options
nosniff
server
sffe
age
5952
etag
"1540908128"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
4492
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 21:16:32 GMT
default.jpg
i.ytimg.com/vi/_7Vn-wF0oTg/
5 KB
5 KB
Image
General
Full URL
https://i.ytimg.com/vi/_7Vn-wF0oTg/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2016 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
37ee660b708944e5898ab2d924bf4526f4231b7311e2e34b27fb9aab25cb0721
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 20:01:32 GMT
x-content-type-options
nosniff
server
sffe
age
3252
etag
"0"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
4707
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 22:01:32 GMT
default.jpg
i.ytimg.com/vi/pP6IcIA_Ueg/
4 KB
4 KB
Image
General
Full URL
https://i.ytimg.com/vi/pP6IcIA_Ueg/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2016 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a1b8ebf50f927cb4d7a0f64cafdccbf94dd73332048acd6a6fbe24ec56164e70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 20:13:08 GMT
x-content-type-options
nosniff
server
sffe
age
2556
etag
"1436153076"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
4186
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 22:13:08 GMT
default.jpg
i.ytimg.com/vi/h3DpiqbU0_Y/
4 KB
4 KB
Image
General
Full URL
https://i.ytimg.com/vi/h3DpiqbU0_Y/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2016 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
84e9ed726d0adc00fef3de34bccd5ca224691c0fe9845149ab3940bd889ab53f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 20:48:00 GMT
x-content-type-options
nosniff
server
sffe
age
464
etag
"1504093509"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
3633
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 22:48:00 GMT
default.jpg
i.ytimg.com/vi/BJ0WULuibs8/
3 KB
4 KB
Image
General
Full URL
https://i.ytimg.com/vi/BJ0WULuibs8/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2016 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ae68b528db354a5c20526bbac1825c8ea33c342499263e14fc15ed70428e7510
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 20:55:44 GMT
x-content-type-options
nosniff
server
sffe
age
0
etag
"1439113600"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
3509
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 22:55:44 GMT
default.jpg
i.ytimg.com/vi/SFpwMTE8FI4/
3 KB
3 KB
Image
General
Full URL
https://i.ytimg.com/vi/SFpwMTE8FI4/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:818::2016 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5240ea9da9b7ddd022e87c8c6ee7a76afa5528e118d22542df25f679ddcd7060
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 19:42:34 GMT
x-content-type-options
nosniff
server
sffe
age
4390
etag
"0"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
3353
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 21:42:34 GMT
_5eBqnCvNC4
www.youtube.com/embed/ Frame 81D0
Redirect Chain
  • http://www.youtube.com/embed/_5eBqnCvNC4?autoplay=1
  • https://www.youtube.com/embed/_5eBqnCvNC4?autoplay=1
0
0
Document
General
Full URL
https://www.youtube.com/embed/_5eBqnCvNC4?autoplay=1
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/_5eBqnCvNC4?autoplay=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
expires
Tue, 27 Apr 1971 19:44:06 EST
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-encoding
br
date
Tue, 05 Feb 2019 20:55:44 GMT
server
YouTube Frontend Proxy
x-xss-protection
1; mode=block
set-cookie
VISITOR_INFO1_LIVE=5Yxkz9qKyU0; path=/; domain=.youtube.com; expires=Sun, 04-Aug-2019 20:55:44 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Tue, 05-Feb-2019 21:25:44 GMT PREF=f1=50000000; path=/; domain=.youtube.com; expires=Mon, 07-Oct-2019 08:48:44 GMT YSC=amzkVo-NaS4; path=/; domain=.youtube.com; httponly VISITOR_INFO1_LIVE=5Yxkz9qKyU0; path=/; domain=.youtube.com; expires=Sun, 04-Aug-2019 20:55:44 GMT; httponly
alt-svc
quic=":443"; ma=2592000; v="44,43,39"

Redirect headers

Location
https://www.youtube.com/embed/_5eBqnCvNC4?autoplay=1
Non-Authoritative-Reason
HSTS
viewform
docs.google.com/forms/d/e/1FAIpQLSeOChQIW5ZVJVcgca2xsFGEES5FAppJDvW6hh_41iZVegZq-g/ Frame 3E6D
Redirect Chain
  • https://docs.google.com/forms/d/1NB-IE4Zkz3290dY-5WcNcJg5_-IHMF_1qiqcZU2ee9M/viewform?embedded=true
  • https://docs.google.com/forms/d/e/1FAIpQLSeOChQIW5ZVJVcgca2xsFGEES5FAppJDvW6hh_41iZVegZq-g/viewform?embedded=true
0
0
Document
General
Full URL
https://docs.google.com/forms/d/e/1FAIpQLSeOChQIW5ZVJVcgca2xsFGEES5FAppJDvW6hh_41iZVegZq-g/viewform?embedded=true
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';script-src 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'nonce-d6Al38/oAS6z3wF3ZS0cug';report-uri https://csp.withgoogle.com/csp/forms/prod
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
docs.google.com
:scheme
https
:path
/forms/d/e/1FAIpQLSeOChQIW5ZVJVcgca2xsFGEES5FAppJDvW6hh_41iZVegZq-g/viewform?embedded=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
accept-encoding
gzip, deflate, br
cookie
NID=158=ipYtC-o8_9Hk6apfVRdA_O-XsXQsstvKRkMfVNQMz-VMYKc9tgvq7N-lBClUAdOADWuXr4okvQShhiMx8HrmnA6EmCEYHMsQHFWV5eopc0qPOzN22pn8bmA4jRkVkoQwIs3FL2fs4rdV_owFn1ylMgkzGPPYPzwQUra9e3_qxEA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html

Response headers

status
200
content-type
text/html; charset=utf-8
x-robots-tag
noindex, nofollow, nosnippet
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 05 Feb 2019 20:55:45 GMT
content-encoding
gzip
content-security-policy
base-uri 'self';object-src 'none';script-src 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'nonce-d6Al38/oAS6z3wF3ZS0cug';report-uri https://csp.withgoogle.com/csp/forms/prod
x-content-type-options
nosniff
x-xss-protection
1; mode=block
server
GSE
set-cookie
S=spreadsheet_forms=ywIl0dRyF2lv13Du5FLdhZW_TcV928sR; Domain=.docs.google.com; Expires=Tue, 05-Feb-2019 21:55:45 GMT; Path=/forms/d/e/1FAIpQLSeOChQIW5ZVJVcgca2xsFGEES5FAppJDvW6hh_41iZVegZq-g; Secure; HttpOnly; Priority=LOW
alt-svc
quic=":443"; ma=2592000; v="44,43,39"

Redirect headers

status
301
content-type
text/html; charset=UTF-8
x-robots-tag
noindex, nofollow, nosnippet
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 05 Feb 2019 20:55:44 GMT
location
https://docs.google.com/forms/d/e/1FAIpQLSeOChQIW5ZVJVcgca2xsFGEES5FAppJDvW6hh_41iZVegZq-g/viewform?embedded=true
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info." CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy
base-uri 'self';object-src 'none';script-src 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'nonce-eEzmrzjVAQ/EaWeLoXwcYw';report-uri https://csp.withgoogle.com/csp/forms/prod
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
248
server
GSE
set-cookie
NID=158=cSsCxWYjcy-YKUgTe3aH59Rf118VdkMhRE-whV25qnRRMFIf1rvnSif_d-3p7NDa4t95nAjmjyFOVyHeZfurLx8oENJMbKJoS-OBiAtp00qLqLdQyB5F9_HjdtETF8FpmcEdxAqMe4rhvgX1cX7c0ueBTCgHvgjD58tnQAaSgns;Domain=.google.com;Path=/;Expires=Wed, 07-Aug-2019 20:55:44 GMT;HttpOnly NID=158=ipYtC-o8_9Hk6apfVRdA_O-XsXQsstvKRkMfVNQMz-VMYKc9tgvq7N-lBClUAdOADWuXr4okvQShhiMx8HrmnA6EmCEYHMsQHFWV5eopc0qPOzN22pn8bmA4jRkVkoQwIs3FL2fs4rdV_owFn1ylMgkzGPPYPzwQUra9e3_qxEA;Domain=.google.com;Path=/;Expires=Wed, 07-Aug-2019 20:55:44 GMT;HttpOnly S=spreadsheet_forms=ywIl0dRyF2lv13Du5FLdhZW_TcV928sR; Domain=.docs.google.com; Expires=Tue, 05-Feb-2019 21:55:44 GMT; Path=/forms/d/1NB-IE4Zkz3290dY-5WcNcJg5_-IHMF_1qiqcZU2ee9M; Secure; HttpOnly; Priority=LOW
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
fontawesome-webfont.woff2
catur.herokuapp.com/assets/fonts/
55 KB
56 KB
Font
General
Full URL
http://catur.herokuapp.com/assets/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
HTTP/1.1
Server
52.204.129.108 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-204-129-108.compute-1.amazonaws.com
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1f /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Pragma
no-cache
Origin
http://catur.herokuapp.com
Accept-Encoding
gzip, deflate
Host
catur.herokuapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://catur.herokuapp.com/assets/css/font-awesome.css
Cookie
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2258d5e7ee40affd9733023bf614bb3350%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2210.45.185.148%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1549400143%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbfcee3d39c6d17db2304488238987787; rhid_c=0
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://catur.herokuapp.com/assets/css/font-awesome.css
Origin
http://catur.herokuapp.com

Response headers

Date
Tue, 05 Feb 2019 20:55:44 GMT
Via
1.1 vegur
Last-Modified
Wed, 09 Dec 2015 12:17:19 GMT
Server
Apache/2.4.16 (Unix) OpenSSL/1.0.1f
Etag
"ddcc-52676125351c0"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56780
js15.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
http://s10.histats.com/js15.js
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6c463c59b39335f56b0bffa869b8fe17268b2a77e993ff1c1937bb2d44d7864d

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 05 Feb 2019 20:49:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Dec 2018 14:12:12 GMT
X-CDN-Pop-IP
137.74.120.0/27
ETag
"335776370"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
4747
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
Content-Length
4381
0.php
s4.histats.com/stats/
50 B
321 B
Script
General
Full URL
http://s4.histats.com/stats/0.php?3267520&@f16&@g1&@h1&@i1&@j1549400144636&@k0&@l1&@m%D0%94%D0%B5%D1%81%D1%8F%D1%82%D1%8C%20%D0%BB%D0%B5%D1%82%20%D0%BF%D1%80%D0%B5%D1%81%D0%BB%D0%B5%D0%B4%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B9%20%D1%87%D0%BB%D0%B5%D0%BD%D0%BE%D0%B2%20%D0%A5%D0%B8%D0%B7%D0%B1%D0%B0%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8&@n0&@o1000&@q0&@r0&@s522&@ten-US&@u1600&@b1:54651369&@b3:1549400145&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fcatur.herokuapp.com%2F-_5eBqnCvNC4%2F1.html&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15.js
Protocol
HTTP/1.1
Server
198.27.80.143 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns558056.ip-198-27-80.net
Software
/
Resource Hash
060fdd448a5f6212fe7940a5b05184ff750043700445354db11c285fb42db296

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 05 Feb 2019 20:55:44 GMT
Connection
close
Content-Length
50
Content-Type
text/html;charset=UTF-8
cc_522.js
s10.histats.com/counters/
12 KB
5 KB
Script
General
Full URL
http://s10.histats.com/counters/cc_522.js
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15.js
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
e75d4abbbf5cf029794156e259716393b14607ad4a972ecd4457d10ebd942402

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 05 Feb 2019 20:47:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Dec 2018 14:13:29 GMT
X-CDN-Pop-IP
137.74.120.0/27
ETag
"-1543079722"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
4747
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
Content-Length
5057
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
549ac84d3356464dd2d79cfd5d99ab6750f9af32ea8dce5dd3fcafbaa1915d66

Request headers

Response headers

Content-Type
image/png
rhpop_67-0.js
p41099.mycdn.co/script/
153 KB
58 KB
Script
General
Full URL
http://p41099.mycdn.co/script/rhpop_67-0.js
Requested by
Host: mybestdc.com
URL: http://mybestdc.com/adServe/banners?tid=41099_139636_0&tagid=2
Protocol
HTTP/1.1
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
2e3f300b478e87f0023609ab819114c468a0b243d0550ede07753ec237611212

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 05 Feb 2019 20:55:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Dec 2018 08:46:27 GMT
Server
NetDNA-cache/2.2
ETag
W/"5c18b3e3-265a4"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Cache-Control
max-age=31104000
Connection
keep-alive
Expires
Fri, 31 Jan 2020 20:55:45 GMT
banners
mybestdc.com/adServe/
Redirect Chain
  • http://clksite.com/adServe/banners?tid=41099_61132_1&tagid=2
  • http://mybestdc.com/adServe/banners?tid=41099_61132_1&tagid=2
25 KB
9 KB
Script
General
Full URL
http://mybestdc.com/adServe/banners?tid=41099_61132_1&tagid=2
Protocol
HTTP/1.1
Server
108.168.193.183 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
b7.c1.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
a9d5be13b4600cf67a7c51108f2cc7fdd20170578d38b5ceabfe6c0a270bce98

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Feb 2019 20:55:45 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
http://mybestdc.com/adServe/banners?tid=41099_61132_1&tagid=2
Date
Tue, 05 Feb 2019 20:55:45 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
178
Content-Type
text/html
banners
mybestdc.com/adServe/
Redirect Chain
  • http://clksite.com/adServe/banners?tid=41099_61132_2&pause=5
  • http://mybestdc.com/adServe/banners?tid=41099_61132_2&pause=5
25 KB
9 KB
Script
General
Full URL
http://mybestdc.com/adServe/banners?tid=41099_61132_2&pause=5
Protocol
HTTP/1.1
Server
108.168.193.183 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
b7.c1.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
4588761e34f579d860163d974f4414c0bba48cfcd4f9500a1b2195781ada74cc

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Feb 2019 20:55:45 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
http://mybestdc.com/adServe/banners?tid=41099_61132_2&pause=5
Date
Tue, 05 Feb 2019 20:55:45 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
178
Content-Type
text/html
bounce-tag_67-0.js
p41099.mycdn.co/banners/bounce/
49 KB
19 KB
Script
General
Full URL
http://p41099.mycdn.co/banners/bounce/bounce-tag_67-0.js
Requested by
Host: mybestdc.com
URL: http://mybestdc.com/adServe/banners?tid=41099_61132_2&pause=5
Protocol
HTTP/1.1
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
252b9cbae47f86a8ca37959d2264acf481a3167453f109002e311b10c592961d

Request headers

Referer
http://catur.herokuapp.com/-_5eBqnCvNC4/1.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 05 Feb 2019 20:55:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Dec 2018 08:46:27 GMT
Server
NetDNA-cache/2.2
ETag
W/"5c18b3e3-c33d"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Cache-Control
max-age=31104000
Connection
keep-alive
Expires
Fri, 31 Jan 2020 20:55:45 GMT
truncated
/
577 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d5de2aa4cb911b3c8f05f1f8346c2f6f549e33e011ee9c722f45e78d61ba205

Request headers

Response headers

Content-Type
image/gif

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
function| $
function| jQuery
object| jQuery1111045487803659186987
object| _$cmp
object| _$pt
object| _rhat4
string| _p
function| Bqd7532Hf151
function| _bp
function| chfh
function| chfh2
string| _HST_cntval
object| Histats
boolean| _value_RETURN_BUILDER
function| _HistatsCounterGraphics_522
function| histats_canvascounters_base.js
object| _HistatsCounterGraphics_522_setValues
function| z5oo
object| rhpt17933
function| _$

15 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 158=ipYtC-o8_9Hk6apfVRdA_O-XsXQsstvKRkMfVNQMz-VMYKc9tgvq7N-lBClUAdOADWuXr4okvQShhiMx8HrmnA6EmCEYHMsQHFWV5eopc0qPOzN22pn8bmA4jRkVkoQwIs3FL2fs4rdV_owFn1ylMgkzGPPYPzwQUra9e3_qxEA
.docs.google.com/forms/d/e/1FAIpQLSeOChQIW5ZVJVcgca2xsFGEES5FAppJDvW6hh_41iZVegZq-g Name: S
Value: spreadsheet_forms=ywIl0dRyF2lv13Du5FLdhZW_TcV928sR
.youtube.com/ Name: YSC
Value: amzkVo-NaS4
.youtube.com/ Name: PREF
Value: f1=50000000
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 5Yxkz9qKyU0
catur.herokuapp.com/ Name: HstCns3267520
Value: 1
catur.herokuapp.com/ Name: HstPt3267520
Value: 1
.youtube.com/ Name: GPS
Value: 1
catur.herokuapp.com/ Name: HstCnv3267520
Value: 1
catur.herokuapp.com/ Name: HstPn3267520
Value: 1
catur.herokuapp.com/ Name: HstCmu3267520
Value: 1549400144636
catur.herokuapp.com/ Name: ci_session
Value: a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2258d5e7ee40affd9733023bf614bb3350%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2210.45.185.148%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1549400143%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dbfcee3d39c6d17db2304488238987787
catur.herokuapp.com/ Name: HstCla3267520
Value: 1549400144636
catur.herokuapp.com/ Name: HstCfa3267520
Value: 1549400144636
catur.herokuapp.com/ Name: rhid_c
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
