URL: http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Submission: On February 05 via manual from US

Summary

This website contacted 9 IPs in 5 countries across 8 domains to perform 23 HTTP transactions. The main IP is 54.209.219.69, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is catur.herokuapp.com.
This is the only time catur.herokuapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 54.209.219.69 14618 (AMAZON-AES)
6 54.236.166.251 14618 (AMAZON-AES)
1 1 173.192.101.26 36351 (SOFTLAYER)
3 108.168.193.183 36351 (SOFTLAYER)
6 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 46.105.201.240 16276 (OVH)
1 192.99.0.18 16276 (OVH)
2 94.31.29.128 33438 (HIGHWINDS2)
2 2 173.192.101.24 36351 (SOFTLAYER)
Total: 23 requests, 9 IPs
#  Apex Domain    Subdomains                         Transfer
8  herokuapp.com  catur.herokuapp.com                481 KB
6  ytimg.com      i.ytimg.com                        25 KB
3  histats.com    s10.histats.com, s4.histats.com    10 KB
3  mybestdc.com   mybestdc.com                       28 KB
2  clksite.com    clksite.com                        504 B
2  mycdn.co       p41099.mycdn.co                    77 KB
2  google.com     docs.google.com                    1 KB
1  eclkmpsa.com   eclkmpsa.com                       253 B
Total: 23 requests, 8 apex domains
#  Domain               Requested by
8  catur.herokuapp.com  catur.herokuapp.com
6  i.ytimg.com          catur.herokuapp.com
3  mybestdc.com         catur.herokuapp.com
2  clksite.com          2 redirects
2  p41099.mycdn.co      mybestdc.com
2  s10.histats.com      catur.herokuapp.com, s10.histats.com
2  docs.google.com      1 redirects, catur.herokuapp.com
1  s4.histats.com       s10.histats.com
1  eclkmpsa.com         1 redirects
Total: 23 requests, 9 subdomains

This site contains links to these domains. Also see Links.

Domain
www.histats.com
www.intango.com
Subject         Issuer                        Validity                  Valid
edgestatic.com  Google Internet Authority G3  2019-01-15 - 2019-04-09   3 months  (crt.sh)
*.google.com    Google Internet Authority G3  2019-01-15 - 2019-04-09   3 months  (crt.sh)

This page contains 2 frames:

Primary Page: http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Frame ID: B9EC68C2CF928F6E907B66647A0C9225
Requests: 24 HTTP requests in this frame

Frame: https://docs.google.com/forms/d/e/1FAIpQLSeOChQIW5ZVJVcgca2xsFGEES5FAppJDvW6hh_41iZVegZq-g/viewform?embedded=true
Frame ID: 32BF085BC0431F54FAF2D61D7BD8EABA
Requests: 1 HTTP requests in this frame

Detected technologies

Unix (overall confidence: 100%)
Detected patterns
  • headers server /Unix/i

OpenSSL (overall confidence: 100%)
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (overall confidence: 100%)
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Font Awesome (overall confidence: 100%)
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

jQuery (overall confidence: 100%)
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Bootstrap (overall confidence: 100%)
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
  • script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

23 Requests
30 % HTTPS
20 % IPv6
8 Domains
9 Subdomains
9 IPs
5 Countries
621 kB Transfer
806 kB Size
11 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://eclkmpsa.com/adServe/banners?tid=41099_139636_0&tagid=2 HTTP 301
  • http://mybestdc.com/adServe/banners?tid=41099_139636_0&tagid=2
Request Chain 13
  • https://docs.google.com/forms/d/1NB-IE4Zkz3290dY-5WcNcJg5_-IHMF_1qiqcZU2ee9M/viewform?embedded=true HTTP 301
  • https://docs.google.com/forms/d/e/1FAIpQLSeOChQIW5ZVJVcgca2xsFGEES5FAppJDvW6hh_41iZVegZq-g/viewform?embedded=true
Request Chain 20
  • http://clksite.com/adServe/banners?tid=41099_61132_1&tagid=2 HTTP 301
  • http://mybestdc.com/adServe/banners?tid=41099_61132_1&tagid=2
Request Chain 21
  • http://clksite.com/adServe/banners?tid=41099_61132_2&pause=5 HTTP 301
  • http://mybestdc.com/adServe/banners?tid=41099_61132_2&pause=5

23 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

.html (Primary Request; Cookie set)
catur.herokuapp.com/-HQ0P8TgqzG4/
14 KB
14 KB
Document
General
Full URL
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Protocol
HTTP/1.1
Server
54.209.219.69 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-209-219-69.compute-1.amazonaws.com
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1f / PHP/5.6.15
Resource Hash
ac670ed34cf6fc57d214c8d3f0342e172c59817e31928ec530103b02052507e9

Request headers

Host
catur.herokuapp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Connection
keep-alive
Date
Tue, 05 Feb 2019 18:03:09 GMT
Server
Apache/2.4.16 (Unix) OpenSSL/1.0.1f
X-Powered-By
PHP/5.6.15
Set-Cookie
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22ecfeb4a3d31444aca28ba364891c9ef5%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2210.140.162.50%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1549389789%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D429737fa22f1107190398885c964ce78; expires=Tue, 05-Feb-2019 20:03:09 GMT; Max-Age=7200; path=/
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Via
1.1 vegur
bootstrap.css
catur.herokuapp.com/assets/css/
138 KB
138 KB
Stylesheet
General
Full URL
http://catur.herokuapp.com/assets/css/bootstrap.css
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Protocol
HTTP/1.1
Server
54.209.219.69 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-209-219-69.compute-1.amazonaws.com
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1f /
Resource Hash
cd765bb8ae4a196b79e3a6815bf629aae4570dbe1e09f1072fb689494cb43976

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
catur.herokuapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Cookie
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22ecfeb4a3d31444aca28ba364891c9ef5%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2210.140.162.50%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1549389789%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D429737fa22f1107190398885c964ce78
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 05 Feb 2019 18:03:09 GMT
Via
1.1 vegur
Last-Modified
Wed, 09 Dec 2015 12:17:19 GMT
Server
Apache/2.4.16 (Unix) OpenSSL/1.0.1f
Etag
"2285e-52676125351c0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
141406
bootstrap.min.css
catur.herokuapp.com/assets/css/
111 KB
112 KB
Stylesheet
General
Full URL
http://catur.herokuapp.com/assets/css/bootstrap.min.css
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Protocol
HTTP/1.1
Server
54.236.166.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-236-166-251.compute-1.amazonaws.com
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1f /
Resource Hash
96b126417447a9c5d415f06e00e2e6372248c9857f5ff60b6477f8c6f55c449a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
catur.herokuapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Cookie
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22ecfeb4a3d31444aca28ba364891c9ef5%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2210.140.162.50%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1549389789%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D429737fa22f1107190398885c964ce78
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 05 Feb 2019 18:03:10 GMT
Via
1.1 vegur
Last-Modified
Wed, 09 Dec 2015 12:17:19 GMT
Server
Apache/2.4.16 (Unix) OpenSSL/1.0.1f
Etag
"1bd5b-52676125351c0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
114011
custum.css
catur.herokuapp.com/assets/css/
4 KB
4 KB
Stylesheet
General
Full URL
http://catur.herokuapp.com/assets/css/custum.css
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Protocol
HTTP/1.1
Server
54.236.166.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-236-166-251.compute-1.amazonaws.com
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1f /
Resource Hash
6ec5d8b4fbbe6119ee7b6ddb263c146050781cc1797553e03ad2bba3fed4b5f1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
catur.herokuapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Cookie
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22ecfeb4a3d31444aca28ba364891c9ef5%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2210.140.162.50%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1549389789%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D429737fa22f1107190398885c964ce78
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 05 Feb 2019 18:03:10 GMT
Via
1.1 vegur
Last-Modified
Wed, 09 Dec 2015 12:17:19 GMT
Server
Apache/2.4.16 (Unix) OpenSSL/1.0.1f
Etag
"f8a-52676125351c0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3978
font-awesome.css
catur.herokuapp.com/assets/css/
28 KB
28 KB
Stylesheet
General
Full URL
http://catur.herokuapp.com/assets/css/font-awesome.css
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Protocol
HTTP/1.1
Server
54.236.166.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-236-166-251.compute-1.amazonaws.com
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1f /
Resource Hash
c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
catur.herokuapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Cookie
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22ecfeb4a3d31444aca28ba364891c9ef5%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2210.140.162.50%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1549389789%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D429737fa22f1107190398885c964ce78
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 05 Feb 2019 18:03:10 GMT
Via
1.1 vegur
Last-Modified
Wed, 09 Dec 2015 12:17:19 GMT
Server
Apache/2.4.16 (Unix) OpenSSL/1.0.1f
Etag
"704b-52676125351c0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28747
jquery.min.js
catur.herokuapp.com/assets/js/
94 KB
94 KB
Script
General
Full URL
http://catur.herokuapp.com/assets/js/jquery.min.js
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Protocol
HTTP/1.1
Server
54.236.166.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-236-166-251.compute-1.amazonaws.com
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1f /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
catur.herokuapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Cookie
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22ecfeb4a3d31444aca28ba364891c9ef5%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2210.140.162.50%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1549389789%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D429737fa22f1107190398885c964ce78
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 05 Feb 2019 18:03:10 GMT
Via
1.1 vegur
Last-Modified
Wed, 09 Dec 2015 12:17:19 GMT
Server
Apache/2.4.16 (Unix) OpenSSL/1.0.1f
Etag
"1762a-52676125351c0"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95786
bootstrap.min.js
catur.herokuapp.com/assets/js/
34 KB
34 KB
Script
General
Full URL
http://catur.herokuapp.com/assets/js/bootstrap.min.js
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Protocol
HTTP/1.1
Server
54.236.166.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-236-166-251.compute-1.amazonaws.com
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1f /
Resource Hash
484081bfe6c76d77610eb71a6e71206fe5304d62c037f058b403592192069306

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
catur.herokuapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Cookie
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22ecfeb4a3d31444aca28ba364891c9ef5%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2210.140.162.50%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1549389789%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D429737fa22f1107190398885c964ce78
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 05 Feb 2019 18:03:10 GMT
Via
1.1 vegur
Last-Modified
Wed, 09 Dec 2015 12:17:19 GMT
Server
Apache/2.4.16 (Unix) OpenSSL/1.0.1f
Etag
"875d-52676125351c0"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34653
banners
mybestdc.com/adServe/
Redirect Chain
  • http://eclkmpsa.com/adServe/banners?tid=41099_139636_0&tagid=2
  • http://mybestdc.com/adServe/banners?tid=41099_139636_0&tagid=2
27 KB
10 KB
Script
General
Full URL
http://mybestdc.com/adServe/banners?tid=41099_139636_0&tagid=2
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Protocol
HTTP/1.1
Server
108.168.193.183 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
b7.c1.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
d41dc3bc1d8688dd1e8b94730cd7c3278c966b9ab5d90a2fa472b7780562a749

Request headers

Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Feb 2019 18:03:10 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
http://mybestdc.com/adServe/banners?tid=41099_139636_0&tagid=2
Date
Tue, 05 Feb 2019 18:03:10 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
178
Content-Type
text/html
default.jpg
i.ytimg.com/vi/zIwkhEqVq4s/
4 KB
4 KB
Image
General
Full URL
https://i.ytimg.com/vi/zIwkhEqVq4s/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:815::2016, Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ff7e47d3d4657d5adfa44f033c0e61a0e15fea4314f9906cef4546d5fb31cadb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 18:02:41 GMT
x-content-type-options
nosniff
server
sffe
age
28
etag
"1549308418"
content-type
image/jpeg
status
200
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
4431
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 18:07:41 GMT
default.jpg
i.ytimg.com/vi/C6efO_Vqc3o/
5 KB
5 KB
Image
General
Full URL
https://i.ytimg.com/vi/C6efO_Vqc3o/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:815::2016, Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
021bf323af26aafd480780695120f06d8502c3fbcd33403c94d75a323f14fa97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 17:59:06 GMT
x-content-type-options
nosniff
server
sffe
age
243
etag
"1549299022"
content-type
image/jpeg
status
200
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
4795
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 18:04:06 GMT
default.jpg
i.ytimg.com/vi/h5nuKwE5VoU/
5 KB
5 KB
Image
General
Full URL
https://i.ytimg.com/vi/h5nuKwE5VoU/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:815::2016, Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ca2ebdd32f86ffbdf0e1fc1e051effc700e5d79753d50614b7d014c5bc134804
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 18:02:28 GMT
x-content-type-options
nosniff
server
sffe
age
41
etag
"1549341519"
content-type
image/jpeg
status
200
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
4678
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 18:07:28 GMT
default.jpg
i.ytimg.com/vi/-iFq6IcAxBc/
2 KB
2 KB
Image
General
Full URL
https://i.ytimg.com/vi/-iFq6IcAxBc/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:815::2016, Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
28caef19e2d9d184219f59038cfb731ee5e52894127e337121b9473631570595
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 18:03:09 GMT
x-content-type-options
nosniff
server
sffe
etag
"1549235507"
content-type
image/jpeg
status
200
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
1986
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 18:08:09 GMT
default.jpg
i.ytimg.com/vi/AnH7cm9Y7CE/
3 KB
4 KB
Image
General
Full URL
https://i.ytimg.com/vi/AnH7cm9Y7CE/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:815::2016, Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e3bff79236a2d312f48465ce5c34f77ce92f491df59cebb5a5bad5e073af6b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 18:02:07 GMT
x-content-type-options
nosniff
server
sffe
age
62
etag
"1549319529"
content-type
image/jpeg
status
200
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
3526
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 18:07:07 GMT
default.jpg
i.ytimg.com/vi/DUVgD5Xn7JI/
5 KB
5 KB
Image
General
Full URL
https://i.ytimg.com/vi/DUVgD5Xn7JI/default.jpg
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:815::2016, Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
79d95fd7a00da3c120c2fb207b3c79e4c54429197813b57f7bd8b31199cfbeb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 17:59:19 GMT
x-content-type-options
nosniff
server
sffe
age
230
etag
"1549301232"
content-type
image/jpeg
status
200
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
https://imasdk.googleapis.com
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
5093
x-xss-protection
1; mode=block
expires
Tue, 05 Feb 2019 18:04:19 GMT
viewform
docs.google.com/forms/d/e/1FAIpQLSeOChQIW5ZVJVcgca2xsFGEES5FAppJDvW6hh_41iZVegZq-g/ (Frame 32BF)
Redirect Chain
  • https://docs.google.com/forms/d/1NB-IE4Zkz3290dY-5WcNcJg5_-IHMF_1qiqcZU2ee9M/viewform?embedded=true
  • https://docs.google.com/forms/d/e/1FAIpQLSeOChQIW5ZVJVcgca2xsFGEES5FAppJDvW6hh_41iZVegZq-g/viewform?embedded=true
0
0
Document
General
Full URL
https://docs.google.com/forms/d/e/1FAIpQLSeOChQIW5ZVJVcgca2xsFGEES5FAppJDvW6hh_41iZVegZq-g/viewform?embedded=true
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::200e, Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';script-src 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'nonce-EDW1GqNxk6R3AgU/ha5x2Q';report-uri https://csp.withgoogle.com/csp/forms/prod
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
docs.google.com
:scheme
https
:path
/forms/d/e/1FAIpQLSeOChQIW5ZVJVcgca2xsFGEES5FAppJDvW6hh_41iZVegZq-g/viewform?embedded=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
accept-encoding
gzip, deflate, br
cookie
NID=158=P7icZCVpsb7KrV7Hl2xUN1SStQT-wbFDyuhBWvZsU0WTg__d4vHAYLN5bQASNCNJ9Y9fm1_spx30IFDb3G82dk64SFZlOw9iYT9Eg2dupZDKfHAR3dF_FSXt49csZQv0IMGJ41k4VtECoBHA41MIcb93K0gv1I1tRDhVIixgmC0

Response headers

status
200
content-type
text/html; charset=utf-8
x-robots-tag
noindex, nofollow, nosnippet
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 05 Feb 2019 18:03:10 GMT
content-encoding
gzip
content-security-policy
base-uri 'self';object-src 'none';script-src 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'nonce-EDW1GqNxk6R3AgU/ha5x2Q';report-uri https://csp.withgoogle.com/csp/forms/prod
x-content-type-options
nosniff
x-xss-protection
1; mode=block
server
GSE
set-cookie
S=spreadsheet_forms=p0wpp4R5CPOFBPWiLMKU9-nJV-nI9lPp; Domain=.docs.google.com; Expires=Tue, 05-Feb-2019 19:03:10 GMT; Path=/forms/d/e/1FAIpQLSeOChQIW5ZVJVcgca2xsFGEES5FAppJDvW6hh_41iZVegZq-g; Secure; HttpOnly; Priority=LOW
alt-svc
quic=":443"; ma=2592000; v="44,43,39"

Redirect headers

status
301
content-type
text/html; charset=UTF-8
x-robots-tag
noindex, nofollow, nosnippet
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 05 Feb 2019 18:03:10 GMT
location
https://docs.google.com/forms/d/e/1FAIpQLSeOChQIW5ZVJVcgca2xsFGEES5FAppJDvW6hh_41iZVegZq-g/viewform?embedded=true
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info." CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy
base-uri 'self';object-src 'none';script-src 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' https: 'nonce-Pq16coH4G7mG8PblvcLyMg';report-uri https://csp.withgoogle.com/csp/forms/prod
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
248
server
GSE
set-cookie
NID=158=Pu-M1TvssqDtbTBYilaKbVO9iRdJcCubGRUu4qvAY0_0nWA6kzMzPTxcDXnoYZW2zDRyyMpljvlkruGW8bG-w9FTHrnnKZkF3yla8v5cpvZxF5s83xyEMET-t5fHfFFAa4y4GUujgSiUJM2MMVu5CuF8l6Mt6Cdzmv-J5w7i6Js;Domain=.google.com;Path=/;Expires=Wed, 07-Aug-2019 18:03:10 GMT;HttpOnly NID=158=P7icZCVpsb7KrV7Hl2xUN1SStQT-wbFDyuhBWvZsU0WTg__d4vHAYLN5bQASNCNJ9Y9fm1_spx30IFDb3G82dk64SFZlOw9iYT9Eg2dupZDKfHAR3dF_FSXt49csZQv0IMGJ41k4VtECoBHA41MIcb93K0gv1I1tRDhVIixgmC0;Domain=.google.com;Path=/;Expires=Wed, 07-Aug-2019 18:03:10 GMT;HttpOnly S=spreadsheet_forms=p0wpp4R5CPOFBPWiLMKU9-nJV-nI9lPp; Domain=.docs.google.com; Expires=Tue, 05-Feb-2019 19:03:10 GMT; Path=/forms/d/1NB-IE4Zkz3290dY-5WcNcJg5_-IHMF_1qiqcZU2ee9M; Secure; HttpOnly; Priority=LOW
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
fontawesome-webfont.woff2
catur.herokuapp.com/assets/fonts/
55 KB
56 KB
Font
General
Full URL
http://catur.herokuapp.com/assets/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Protocol
HTTP/1.1
Server
54.236.166.251 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-236-166-251.compute-1.amazonaws.com
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1f /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Pragma
no-cache
Origin
http://catur.herokuapp.com
Accept-Encoding
gzip, deflate
Host
catur.herokuapp.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://catur.herokuapp.com/assets/css/font-awesome.css
Cookie
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22ecfeb4a3d31444aca28ba364891c9ef5%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2210.140.162.50%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1549389789%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D429737fa22f1107190398885c964ce78; rhid_c=0
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 05 Feb 2019 18:03:10 GMT
Via
1.1 vegur
Last-Modified
Wed, 09 Dec 2015 12:17:19 GMT
Server
Apache/2.4.16 (Unix) OpenSSL/1.0.1f
Etag
"ddcc-52676125351c0"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56780
js15.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
http://s10.histats.com/js15.js
Requested by
Host: catur.herokuapp.com
URL: http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
Protocol
HTTP/1.1
Server
46.105.201.240, France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6c463c59b39335f56b0bffa869b8fe17268b2a77e993ff1c1937bb2d44d7864d

Request headers

Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 05 Feb 2019 17:59:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Dec 2018 14:12:12 GMT
X-CDN-Pop-IP
137.74.120.0/27
ETag
"335776370"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
4747
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
Content-Length
4381
0.php
s4.histats.com/stats/
48 B
319 B
Script
General
Full URL
http://s4.histats.com/stats/0.php?3267520&@f16&@g1&@h1&@i1&@j1549389790517&@k0&@l1&@m%3Cdiv%20style%3D%22border%3A1px%20solid%20%23990000%3Bpadding-left%3A20px%3Bmargin%3A0%200%2010px%200%3B%22%3E%20%3Ch4%3EA%20PHP%20Error%20was%20encountered%3C%2Fh4%3E%20%3Cp%3ESeverity%3A%20Notice%3C%2Fp%3E%20%3Cp%3EMessage%3A%20Undefined%20variable%3A%20title%3C%2Fp%3E%20%3Cp%3EFilename%3A%20views%2Flayout.php%3C%2Fp%3E%20%3Cp%3ELine%20Number%3A%205%3C%2Fp%3E%20%3C%2Fdiv%3E&@n0&@o1000&@q0&@r0&@s522&@ten-US&@u1600&@b1:32912814&@b3:1549389791&@b4:js15.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fcatur.herokuapp.com%2F-HQ0P8TgqzG4%2F.html&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15.js
Protocol
HTTP/1.1
Server
192.99.0.18 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns500308.ip-192-99-0.net
Software
/
Resource Hash
acfc1b38221979c890ef1c0ad652af7d576b164ea63e4071a08d962fe8d69ba0

Request headers

Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 05 Feb 2019 18:03:10 GMT
Connection
close
Content-Length
48
Content-Type
text/html;charset=UTF-8
cc_522.js
s10.histats.com/counters/
12 KB
5 KB
Script
General
Full URL
http://s10.histats.com/counters/cc_522.js
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15.js
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
e75d4abbbf5cf029794156e259716393b14607ad4a972ecd4457d10ebd942402

Request headers

Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 05 Feb 2019 17:57:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Dec 2018 14:13:29 GMT
X-CDN-Pop-IP
137.74.120.0/27
ETag
"-1543079722"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
4747
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
Content-Length
5057
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
549ac84d3356464dd2d79cfd5d99ab6750f9af32ea8dce5dd3fcafbaa1915d66

Request headers

Response headers

Content-Type
image/png
rhpop_67-0.js
p41099.mycdn.co/script/
153 KB
58 KB
Script
General
Full URL
http://p41099.mycdn.co/script/rhpop_67-0.js
Requested by
Host: mybestdc.com
URL: http://mybestdc.com/adServe/banners?tid=41099_139636_0&tagid=2
Protocol
HTTP/1.1
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
2e3f300b478e87f0023609ab819114c468a0b243d0550ede07753ec237611212

Request headers

Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 05 Feb 2019 18:03:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Dec 2018 08:46:27 GMT
Server
NetDNA-cache/2.2
ETag
W/"5c18b3e3-265a4"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Cache-Control
max-age=31104000
Connection
keep-alive
Expires
Fri, 31 Jan 2020 18:03:11 GMT
banners
mybestdc.com/adServe/
Redirect Chain
  • http://clksite.com/adServe/banners?tid=41099_61132_1&tagid=2
  • http://mybestdc.com/adServe/banners?tid=41099_61132_1&tagid=2
25 KB
9 KB
Script
General
Full URL
http://mybestdc.com/adServe/banners?tid=41099_61132_1&tagid=2
Protocol
HTTP/1.1
Server
108.168.193.183 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
b7.c1.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
946ec898468a8f56fe8b7a09e4bc6e0ceec06fe211096a2cec1af31bb6e42b54

Request headers

Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Feb 2019 18:03:11 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
http://mybestdc.com/adServe/banners?tid=41099_61132_1&tagid=2
Date
Tue, 05 Feb 2019 18:03:11 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
178
Content-Type
text/html
banners
mybestdc.com/adServe/
Redirect Chain
  • http://clksite.com/adServe/banners?tid=41099_61132_2&pause=5
  • http://mybestdc.com/adServe/banners?tid=41099_61132_2&pause=5
25 KB
9 KB
Script
General
Full URL
http://mybestdc.com/adServe/banners?tid=41099_61132_2&pause=5
Protocol
HTTP/1.1
Server
108.168.193.183 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
b7.c1.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
01dc948378b67995803e9deda046c78fc73a962808da99d51308212d1b6514ab

Request headers

Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Feb 2019 18:03:11 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
http://mybestdc.com/adServe/banners?tid=41099_61132_2&pause=5
Date
Tue, 05 Feb 2019 18:03:11 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
178
Content-Type
text/html
bounce-tag_67-0.js
p41099.mycdn.co/banners/bounce/
49 KB
19 KB
Script
General
Full URL
http://p41099.mycdn.co/banners/bounce/bounce-tag_67-0.js
Requested by
Host: mybestdc.com
URL: http://mybestdc.com/adServe/banners?tid=41099_61132_2&pause=5
Protocol
HTTP/1.1
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
252b9cbae47f86a8ca37959d2264acf481a3167453f109002e311b10c592961d

Request headers

Referer
http://catur.herokuapp.com/-HQ0P8TgqzG4/.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 05 Feb 2019 18:03:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Dec 2018 08:46:27 GMT
Server
NetDNA-cache/2.2
ETag
W/"5c18b3e3-c33d"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
application/javascript
Cache-Control
max-age=31104000
Connection
keep-alive
Expires
Fri, 31 Jan 2020 18:03:11 GMT
truncated
/
577 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d5de2aa4cb911b3c8f05f1f8346c2f6f549e33e011ee9c722f45e78d61ba205

Request headers

Response headers

Content-Type
image/gif

Verdicts & Comments

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | onselectstart
object | onselectionchange
function | queueMicrotask
function | $
function | jQuery
object | jQuery111105786787835809313
object | _$cmp
object | _$pt
object | _rhat4
string | _p
function | Bqd7532Hf151
function | _bp
function | chfh
function | chfh2
string | _HST_cntval
object | Histats
boolean | _value_RETURN_BUILDER
function | _HistatsCounterGraphics_522
function | histats_canvascounters_base.js
object | _HistatsCounterGraphics_522_setValues
function | z5oo
object | rhpt17933
function | _$

11 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 158=P7icZCVpsb7KrV7Hl2xUN1SStQT-wbFDyuhBWvZsU0WTg__d4vHAYLN5bQASNCNJ9Y9fm1_spx30IFDb3G82dk64SFZlOw9iYT9Eg2dupZDKfHAR3dF_FSXt49csZQv0IMGJ41k4VtECoBHA41MIcb93K0gv1I1tRDhVIixgmC0
.docs.google.com/forms/d/e/1FAIpQLSeOChQIW5ZVJVcgca2xsFGEES5FAppJDvW6hh_41iZVegZq-g Name: S
Value: spreadsheet_forms=p0wpp4R5CPOFBPWiLMKU9-nJV-nI9lPp
catur.herokuapp.com/ Name: HstCns3267520
Value: 1
catur.herokuapp.com/ Name: HstPt3267520
Value: 1
catur.herokuapp.com/ Name: HstCnv3267520
Value: 1
catur.herokuapp.com/ Name: HstCmu3267520
Value: 1549389790517
catur.herokuapp.com/ Name: ci_session
Value: a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22ecfeb4a3d31444aca28ba364891c9ef5%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2210.140.162.50%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_13_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F67.0.3396.87+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1549389789%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D429737fa22f1107190398885c964ce78
catur.herokuapp.com/ Name: HstCla3267520
Value: 1549389790517
catur.herokuapp.com/ Name: HstPn3267520
Value: 1
catur.herokuapp.com/ Name: HstCfa3267520
Value: 1549389790517
catur.herokuapp.com/ Name: rhid_c
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
