URL: http://d398.ga/
Submission: On March 05 via manual from GB

Summary

This website contacted 16 IPs in 7 countries across 15 domains to perform 19 HTTP transactions. The main IP is 104.28.11.58, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is d398.ga.
This is the only time d398.ga was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.28.11.58 13335 (CLOUDFLAR...)
1 94.31.29.16 54104 (AS-STACKPATH)
1 54.76.40.173 16509 (AMAZON-02)
1 2.18.234.206 16625 (AKAMAI-AS)
1 91.235.228.113 15694 (ATMAN-ISP...)
1 184.106.55.73 32244 (LIQUIDWEB)
1 2.16.186.107 20940 (AKAMAI-ASN1)
1 199.34.228.49 27647 (WEEBLY)
2 144.76.153.40 24940 (HETZNER-AS)
1 66.147.244.68 46606 (UNIFIEDLA...)
1 173.199.70.152 20473 (AS-CHOOPA)
1 192.185.186.156 20013 (CYRUSONE)
1 1 104.31.85.226 13335 (CLOUDFLAR...)
1 2 104.31.84.226 13335 (CLOUDFLAR...)
1 172.217.18.10 15169 (GOOGLE)
1 108.161.189.121 54104 (AS-STACKPATH)
3 172.217.21.195 15169 (GOOGLE)
19 16
Domain Requested by
3 fonts.gstatic.com d398.ga
2 www.gbscorporate.com 2 redirects
2 slideplayer.com d398.ga
2 maxcdn.bootstrapcdn.com d398.ga
1 fonts.googleapis.com d398.ga
1 gbscorporate.com d398.ga
1 irc-pakistan.org d398.ga
1 33.img.avito.link d398.ga
1 wildernessjobs.ca d398.ga
1 www.aquaticsolution.com d398.ga
1 m.c.lnkd.licdn.com d398.ga
1 www.takeahyke.com d398.ga
1 klub.nf.pl d398.ga
1 static3.bigstockphoto.com d398.ga
1 www.gbtraining.org.uk d398.ga
1 d398.ga
19 16

This site contains no links.

This page contains 1 frames:

Primary Page: http://d398.ga/
Frame ID: (41A04187DB5EF1903AFF02029E81F395)
Requests: 19 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

19 Requests
0 % HTTPS
0 % IPv6
15 Domains
16 Subdomains
16 IPs
7 Countries
6191 kB Transfer
6317 kB Size
2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • http://www.gbscorporate.com/dist/images/trainers.jpg HTTP 301
  • https://www.gbscorporate.com/dist/images/trainers.jpg HTTP 301
  • https://gbscorporate.com/dist/images/trainers.jpg

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
d398.ga/
20 KB
6 KB
Document
General
Full URL
http://d398.ga/
Protocol
HTTP/1.1
Server
104.28.11.58 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/7.0.23
Resource Hash
bc475053788581a2d98e5cef8d8ba24ec818a6b521d570c2b926d12c2a72d87e

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
d398.ga
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Mon, 05 Mar 2018 11:24:25 GMT
Content-Encoding
gzip
Server
cloudflare
X-Powered-By
PHP/7.0.23
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Set-Cookie
__cfduid=ded385522ee781c942bd7b4a877c921481520249065; expires=Tue, 05-Mar-19 11:24:25 GMT; path=/; domain=.d398.ga; HttpOnly
Set-Cookie
79b146013e9925541d9f7944591f917ae313f6ea=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNTIwMjQ5MDY1fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNTIwMjQ5MDY1fSxcInRpbWVcIjoxNTIwMjQ5MDY1fSJ9.uD3kV1fwNSd5kCgXSvfXld3Fu--Ml1JH7AXCRYEOSgo; expires=Thu, 05-Apr-2018 11:24:25 GMT; Max-Age=2678400; path=/; domain=.d398.ga
Cache-Control
max-age=604800
Connection
keep-alive
CF-RAY
3f6c375341559c11-AMS
Expires
Mon, 12 Mar 2018 11:24:25 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootswatch/3.3.7/lumen/
128 KB
25 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootswatch/3.3.7/lumen/bootstrap.min.css
Requested by
Host: d398.ga
URL: http://d398.ga/
Protocol
SPDY
Server
94.31.29.16 , United Kingdom, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
94.31.29.16.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
2841c0975cb9514396c1592125f26a419b1363aa61a164609bb10279d6a1f4bc

Request headers

Referer
http://d398.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 05 Mar 2018 11:24:25 GMT
content-encoding
gzip
last-modified
Tue, 20 Feb 2018 05:51:54 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"87238be077412a901992c81f3164ed70"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31104000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
expires
Thu, 28 Feb 2019 11:24:25 GMT
stock-image-36025459.jpg
www.gbtraining.org.uk/wp-content/uploads/2017/04/
91 KB
92 KB
Image
General
Full URL
http://www.gbtraining.org.uk/wp-content/uploads/2017/04/stock-image-36025459.jpg
Requested by
Host: d398.ga
URL: http://d398.ga/
Protocol
HTTP/1.1
Server
54.76.40.173 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
mail.uk.w3pcloud.com
Software
w3pcloud /
Resource Hash
b07e34af785388f0090900d9ca200b82c6b40014795bc22fbd5acfb873427f6a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://d398.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Varnish-Hits
Hit - 0
Date
Mon, 05 Mar 2018 11:24:25 GMT
X-Clacks-Overhead
GNU Terry Pratchett
Last-Modified
Wed, 19 Apr 2017 12:55:44 GMT
Server
w3pcloud
Age
0
ETag
"16cbb-54d848addf0c0"
Content-Type
image/jpeg
Cache-Control
public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93371
X-XSS-Protection
1; mode=block
104987522.jpg
static3.bigstockphoto.com/thumbs/4/0/1/large1500/
160 KB
156 KB
Image
General
Full URL
http://static3.bigstockphoto.com/thumbs/4/0/1/large1500/104987522.jpg
Requested by
Host: d398.ga
URL: http://d398.ga/
Protocol
HTTP/1.1
Server
2.18.234.206 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f882737e671f18d4bd652abc2360a34bd082692ba217cbc01f61791cea8e191f

Request headers

Referer
http://d398.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Mon, 05 Mar 2018 11:24:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2016 11:50:38 GMT
Server
AmazonS3
x-amz-request-id
EEDA1ED5C855FF03
ETag
"80222027226a5c06b20c3066494d5628"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=31535975
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
x-amz-id-2
CMUP+hNfry6N7asKQbqu3kwaFVi1fbpBjlB5te6X2WpbSsTBXPwnrrClVSaJXGJWqF4GK2+dsrQ=
Expires
Tue, 05 Mar 2019 11:24:00 GMT
10093_banner_700x330.jpg
klub.nf.pl/media/images/articles/
50 KB
51 KB
Image
General
Full URL
http://klub.nf.pl/media/images/articles/10093_banner_700x330.jpg
Requested by
Host: d398.ga
URL: http://d398.ga/
Protocol
HTTP/1.1
Server
91.235.228.113 , Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
91.235.228.113.rev.nf.pl
Software
lighttpd/1.4.31 /
Resource Hash
f7c3968ce29bac77d89cb115b04431866e15c90e2319c16187dbb528c69180d8

Request headers

Referer
http://d398.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-Backend-IP
10.12.7.204
Date
Mon, 05 Mar 2018 11:24:25 GMT
Via
1.1 varnish
Last-Modified
Wed, 27 Nov 2013 09:29:55 GMT
Server
lighttpd/1.4.31
Age
0
Vary
X-Cache
MISS
Content-Type
image/jpeg
cache-control
max-age=604801
X-Varnish
1585919726
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51459
X-Backend-Name
NF_STATIC_1_2
section-news_med.jpeg
www.takeahyke.com/_Media/
21 KB
22 KB
Image
General
Full URL
http://www.takeahyke.com/_Media/section-news_med.jpeg
Requested by
Host: d398.ga
URL: http://d398.ga/
Protocol
HTTP/1.1
Server
184.106.55.73 San Antonio, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
lb1-n01.wc1.lan3.stabletransit.com
Software
Apache/2.4 /
Resource Hash
d8a0ac4ffb0661707d95a8c49317629194b8667ca2237db63949f4bd3743fcd5

Request headers

Referer
http://d398.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Mon, 05 Mar 2018 11:24:26 GMT
Last-Modified
Thu, 26 Jan 2017 18:58:44 GMT
Server
Apache/2.4
Content-Type
image/jpeg
X-Cache-Info
caching
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
21932
08bd2f3.jpg
m.c.lnkd.licdn.com/mpr/mpr/shrink_500_500/p/6/005/09c/00c/
29 KB
30 KB
Image
General
Full URL
http://m.c.lnkd.licdn.com/mpr/mpr/shrink_500_500/p/6/005/09c/00c/08bd2f3.jpg
Requested by
Host: d398.ga
URL: http://d398.ga/
Protocol
HTTP/1.1
Server
2.16.186.107 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-107.deploy.akamaitechnologies.com
Software
Apache-Coyote/1.1 /
Resource Hash
3cf98145b9999ee59b1d095b66702a8dc2739cef71601b4a6e4cdeaa8b25e5a1

Request headers

Referer
http://d398.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Mon, 05 Mar 2018 11:24:25 GMT
X-CDN
AKAM
Connection
keep-alive
Content-Length
29821
X-LI-UUID
StTsHGwCGRWAUR5reysAAA==
Server
Apache-Coyote/1.1
Last-Modified
Tue, 09 Dec 2014 20:21:03 GMT
X-Li-Pop
prod-efr5
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN
Cache-Control
max-age=604800
Timing-Allow-Origin
*
X-Li-Fabric
prod-lva1
Expires
Mon, 12 Mar 2018 11:24:25 GMT
20161117-092758_orig.jpg
www.aquaticsolution.com/uploads/1/1/2/4/11241049/
184 KB
185 KB
Image
General
Full URL
http://www.aquaticsolution.com/uploads/1/1/2/4/11241049/20161117-092758_orig.jpg
Requested by
Host: d398.ga
URL: http://d398.ga/
Protocol
HTTP/1.1
Server
199.34.228.49 San Francisco, United States, ASN27647 (WEEBLY - Weebly, Inc., US),
Reverse DNS
pages-custom-9.weebly.com
Software
nginx /
Resource Hash
d2e5524e748fcf488f8f63bb97e61143c1abc49eba61a48c15d25866acdcb056

Request headers

Referer
http://d398.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Mon, 05 Mar 2018 11:24:26 GMT
Last-Modified
Tue, 29 Nov 2016 05:01:57 GMT
Server
nginx
ETag
"7ea2c8215-2e1b0-542697cd6bb40"
Content-Type
image/jpeg
X-Host
pages35.sf2p.intern.weebly.net
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
188848
big_thumb.jpg
slideplayer.com/32/10030994/
26 KB
26 KB
Image
General
Full URL
http://slideplayer.com/32/10030994/big_thumb.jpg
Requested by
Host: d398.ga
URL: http://d398.ga/
Protocol
HTTP/1.1
Server
144.76.153.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.153.76.144.clients.your-server.de
Software
nginx /
Resource Hash
81eb80d63646078ecbd17325d450a6767848eabbfb61191515c20c6c6ea77243

Request headers

Referer
http://d398.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Mon, 05 Mar 2018 11:24:25 GMT
Last-Modified
Sat, 23 Apr 2016 00:52:49 GMT
Server
nginx
Cache-Backend-Server
slideplayer-89
ETag
"571ac761-6792"
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26514
Expires
Wed, 04 Apr 2018 11:24:25 GMT
Christoph-600x450.jpg
wildernessjobs.ca/wp-content/uploads/2017/09/
33 KB
33 KB
Image
General
Full URL
http://wildernessjobs.ca/wp-content/uploads/2017/09/Christoph-600x450.jpg
Requested by
Host: d398.ga
URL: http://d398.ga/
Protocol
HTTP/1.1
Server
66.147.244.68 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
box768.bluehost.com
Software
nginx/1.12.2 /
Resource Hash
c73444791775cffbe2d7a9c4704af564ce3362c00082d5ad88a11924ee235101

Request headers

Referer
http://d398.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Mon, 05 Mar 2018 11:24:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Sep 2017 17:44:05 GMT
Server
nginx/1.12.2
Vary
Accept-Encoding
Content-Type
image/jpeg
Expires
max-age=2592000, public
Cache-Control
max-age=2592000
X-Acc-Exp
2592
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33363
X-Proxy-Cache
BYPASS wildernessjobs.ca
3379260733.jpg
33.img.avito.link/1280x960/
138 KB
139 KB
Image
General
Full URL
http://33.img.avito.link/1280x960/3379260733.jpg
Requested by
Host: d398.ga
URL: http://d398.ga/
Protocol
HTTP/1.1
Server
173.199.70.152 Skanderborg, Denmark, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
173.199.70.152.vultr.com
Software
nginx/1.10.3 /
Resource Hash
6af6b447b89c934bfa4ba4c086967fb4272ed8d7ca0f79b6af1d827bfcfd5450

Request headers

Referer
http://d398.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Mon, 05 Mar 2018 11:24:25 GMT
ETag
W/"58bfb548-1a852"
Last-Modified
Wed, 08 Mar 2017 07:39:52 GMT
Server
nginx/1.10.3
Cache-status
MISS
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=315360000
Connection
keep-alive
CF-RAY
3f6c37552235a8c9-CDG
Content-Length
141590
Expires
Wed, 15 Nov 2986 11:00:00 GMT
20170405_145715.jpg
irc-pakistan.org/wp-content/uploads/2017/04/
5 MB
5 MB
Image
General
Full URL
http://irc-pakistan.org/wp-content/uploads/2017/04/20170405_145715.jpg
Requested by
Host: d398.ga
URL: http://d398.ga/
Protocol
HTTP/1.1
Server
192.185.186.156 Houston, United States, ASN20013 (CYRUSONE - CyrusOne LLC, US),
Reverse DNS
192-185-186-156.unifiedlayer.com
Software
nginx/1.12.2 /
Resource Hash
405b8c8520cdad7cb07f4355e60e83756cc9daea935c253c114e8ac6cfadcf48

Request headers

Referer
http://d398.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Mon, 05 Mar 2018 11:24:26 GMT
Last-Modified
Thu, 01 Jun 2017 08:19:29 GMT
Server
nginx/1.12.2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5398243
Content-Type
image/jpeg
big_thumb.jpg
slideplayer.com/24/7418209/
18 KB
19 KB
Image
General
Full URL
http://slideplayer.com/24/7418209/big_thumb.jpg
Requested by
Host: d398.ga
URL: http://d398.ga/
Protocol
HTTP/1.1
Server
144.76.153.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.40.153.76.144.clients.your-server.de
Software
nginx /
Resource Hash
34e27e0a9362dfd2fa81373449fcc31384be08332afca5199d03af87b6038fbe

Request headers

Referer
http://d398.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Mon, 05 Mar 2018 11:24:25 GMT
Last-Modified
Tue, 19 Apr 2016 19:16:18 GMT
Server
nginx
Cache-Backend-Server
slideplayer-89
ETag
"57168402-489c"
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18588
Expires
Wed, 04 Apr 2018 11:24:25 GMT
trainers.jpg
gbscorporate.com/dist/images/
Redirect Chain
  • http://www.gbscorporate.com/dist/images/trainers.jpg
  • https://www.gbscorporate.com/dist/images/trainers.jpg
  • https://gbscorporate.com/dist/images/trainers.jpg
81 KB
82 KB
Image
General
Full URL
https://gbscorporate.com/dist/images/trainers.jpg
Requested by
Host: d398.ga
URL: http://d398.ga/
Protocol
SPDY
Server
104.31.84.226 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c21898270be83879ea3f0855b6a9b5d5143f20c7c9ea54a6ab00c07d7695a35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://d398.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 05 Mar 2018 11:24:26 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
status
200
content-length
83216
x-xss-protection
1; mode=block
last-modified
Wed, 31 May 2017 08:46:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"592e82d4-14510"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3f6c3756aa0f9810-FRA
expires
Mon, 05 Mar 2018 15:24:26 GMT

Redirect headers

date
Mon, 05 Mar 2018 11:24:26 GMT
cf-cache-status
MISS
server
cloudflare
status
301
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
location
https://gbscorporate.com/dist/images/trainers.jpg
cache-control
public, max-age=14400
cf-ray
3f6c3755e9aa9810-FRA
expires
Mon, 05 Mar 2018 15:24:26 GMT
css
fonts.googleapis.com/
10 KB
933 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700,400italic
Requested by
Host: d398.ga
URL: http://d398.ga/
Protocol
SPDY
Server
172.217.18.10 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
ESF /
Resource Hash
a0827f6ea01a61c7b5ac7f7c08d8d4ac686d3ed588664ec942ccc95e75d1a4ec
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://d398.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 05 Mar 2018 11:24:25 GMT
content-encoding
gzip
last-modified
Mon, 05 Mar 2018 11:24:25 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection
1; mode=block
expires
Mon, 05 Mar 2018 11:24:25 GMT
glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootswatch/3.3.7/fonts/
18 KB
18 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/bootswatch/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: d398.ga
URL: http://d398.ga/
Protocol
SPDY
Server
108.161.189.121 Los Angeles, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://maxcdn.bootstrapcdn.com/bootswatch/3.3.7/lumen/bootstrap.min.css
Origin
http://d398.ga

Response headers

date
Mon, 05 Mar 2018 11:24:25 GMT
last-modified
Tue, 20 Feb 2018 05:52:11 GMT
server
NetDNA-cache/2.2
status
200
etag
"448c34a56d699c29117adc64c43affeb"
vary
Accept-Encoding
x-cache
HIT
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31104000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
content-length
18028
expires
Thu, 28 Feb 2019 11:24:25 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v11/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v11/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
Requested by
Host: d398.ga
URL: http://d398.ga/
Protocol
SPDY
Server
172.217.21.195 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f195.1e100.net
Software
sffe /
Resource Hash
547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700,400italic
Origin
http://d398.ga

Response headers

date
Mon, 12 Feb 2018 14:31:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:25:48 GMT
server
sffe
age
1803166
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
12960
x-xss-protection
1; mode=block
expires
Tue, 12 Feb 2019 14:31:39 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v11/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v11/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
Requested by
Host: d398.ga
URL: http://d398.ga/
Protocol
SPDY
Server
172.217.21.195 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f195.1e100.net
Software
sffe /
Resource Hash
a0066433a645f196eb0ece299c86dc27a5c74dbe2cae7ae6d9211c1549a92085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700,400italic
Origin
http://d398.ga

Response headers

date
Fri, 23 Feb 2018 11:30:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:26:10 GMT
server
sffe
age
863610
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
12600
x-xss-protection
1; mode=block
expires
Sat, 23 Feb 2019 11:30:55 GMT
6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDJB9cme.woff2
fonts.gstatic.com/s/sourcesanspro/v11/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v11/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDJB9cme.woff2
Requested by
Host: d398.ga
URL: http://d398.ga/
Protocol
SPDY
Server
172.217.21.195 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f195.1e100.net
Software
sffe /
Resource Hash
d48183c5037dadb91300e66ceeee886c74102fbc5b7f86766cf544cc700c34eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700,400italic
Origin
http://d398.ga

Response headers

date
Mon, 12 Feb 2018 15:17:17 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:25:49 GMT
server
sffe
age
1800428
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
12200
x-xss-protection
1; mode=block
expires
Tue, 12 Feb 2019 15:17:17 GMT

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
.d398.ga/ Name: 79b146013e9925541d9f7944591f917ae313f6ea
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNTIwMjQ5MDY1fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNTIwMjQ5MDY1fSxcInRpbWVcIjoxNTIwMjQ5MDY1fSJ9.uD3kV1fwNSd5kCgXSvfXld3Fu--Ml1JH7AXCRYEOSgo
.d398.ga/ Name: __cfduid
Value: ded385522ee781c942bd7b4a877c921481520249065

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
