Submitted URL: https://tgbtyvk.blob.core.windows.net/tqdqptn/11006.html#qs=r-ajbhhkacaegkfdfcacaejchfababacafcacbjaccacbffacjdiaidejhacb
Effective URL: https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b51...
Submission: On December 22 via api from IE

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3032::ac43:aa89, located in the United States and belonging to CLOUDFLARENET, US. The main domain is www.civilianclub.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 15th 2020. Valid for: a year.
This is the only time www.civilianclub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20.60.40.4 8075 (MICROSOFT...)
1 1 74.122.196.13 53264 (NCHC-603)
1 1 35.204.93.160 15169 (GOOGLE)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
12 2606:4700:303... 13335 (CLOUDFLAR...)
3 52.219.47.167 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
18 4
Domain Requested by
12 www.civilianclub.com tgbtyvk.blob.core.windows.net, www.civilianclub.com
3 s3-eu-central-1.amazonaws.com www.civilianclub.com
2 fonts.googleapis.com www.civilianclub.com
1 www.morgancreon.com 1 redirects
1 aptrk15.com 1 redirects
1 tgbtyvk.blob.core.windows.net
18 6

This site contains no links.

Subject                            Issuer                        Validity                   Valid
*.blob.core.windows.net            Microsoft RSA TLS CA 01       2020-12-02 - 2021-12-02    a year
sni.cloudflaressl.com              Cloudflare Inc ECC CA-3       2020-12-15 - 2021-12-14    a year
*.s3.eu-central-1.amazonaws.com    DigiCert Baltimore CA-2 G2    2020-08-27 - 2021-09-01    a year
upload.video.google.com            GTS CA 1O1                    2020-11-10 - 2021-02-02    3 months

This page contains 1 frame:

Primary Page: https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
Frame ID: B489DDBD52DD6B28F62DFD342A40A005
Requests: 18 HTTP requests in this frame

Page Statistics

18 Requests
100 % HTTPS
43 % IPv6
6 Domains
6 Subdomains
4 IPs
3 Countries
749 kB Transfer
1190 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tgbtyvk.blob.core.windows.net/tqdqptn/11006.html Page URL
  2. http://74.122.196.13/qs=r-ajbhhkacaegkfdfcacaejchfababacafcacbjaccacbffacjdiaidejhacb HTTP 302
    https://aptrk15.com/?a=885&oc=11032&c=32209&m=3&s1=38164_1_11&s2=80669_1_0_0_1_3594241_41_1827_72386_1_10_1044&s3=41 HTTP 302
    https://www.morgancreon.com/tracking/5a72eb17933c8e70088bb594?src=5729b5abebf831fa4977efc1&s1=885&s2=&s3=&s4=&s5=&k=5cc81e1caba96e2ee7161587&extuid=181798646 HTTP 302
    https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
11006.html
tgbtyvk.blob.core.windows.net/tqdqptn/
101 B
504 B
Document
General
Full URL
https://tgbtyvk.blob.core.windows.net/tqdqptn/11006.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.40.4 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
77c312cf1cfedddb18101ded007f0c256eef18a4e8e75d809813f96ad2d9775e

Request headers

Host
tgbtyvk.blob.core.windows.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Content-Length
101
Content-Type
text/html
Content-MD5
idf1KUwESQh+eK152rQFuQ==
Last-Modified
Tue, 22 Dec 2020 09:25:33 GMT
ETag
0x8D8A65B88494395
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
3fba7977-b01e-0045-7c52-d89112000000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Tue, 22 Dec 2020 11:05:33 GMT
Primary Request nrp=5fe1d300486b516aa6757594
www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/
Redirect Chain
  • http://74.122.196.13/qs=r-ajbhhkacaegkfdfcacaejchfababacafcacbjaccacbffacjdiaidejhacb
  • https://aptrk15.com/?a=885&oc=11032&c=32209&m=3&s1=38164_1_11&s2=80669_1_0_0_1_3594241_41_1827_72386_1_10_1044&s3=41
  • https://www.morgancreon.com/tracking/5a72eb17933c8e70088bb594?src=5729b5abebf831fa4977efc1&s1=885&s2=&s3=&s4=&s5=&k=5cc81e1caba96e2ee7161587&extuid=181798646
  • https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
25 KB
7 KB
Document
General
Full URL
https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
Requested by
Host: tgbtyvk.blob.core.windows.net
URL: https://tgbtyvk.blob.core.windows.net/tqdqptn/11006.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c2ca1b9164b89430e7234c073a666818f5ef441f0e303721aadf1e7d9b09f2c

Request headers

:method
GET
:authority
www.civilianclub.com
:scheme
https
:path
/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Referer
https://tgbtyvk.blob.core.windows.net/tqdqptn/11006.html#qs=r-ajbhhkacaegkfdfcacaejchfababacafcacbjaccacbffacjdiaidejhacb

Response headers

date
Tue, 22 Dec 2020 11:05:36 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d1ccab9bf775649b1130694af60adf8541608635136; expires=Thu, 21-Jan-21 11:05:36 GMT; path=/; domain=.civilianclub.com; HttpOnly; SameSite=Lax laravel_session=eyJpdiI6IkExa0NJYmNSeUE5UzRnUkp2NnVcLzJBPT0iLCJ2YWx1ZSI6InQ5M3VZeVFWbnNVVWRyNXFoSGwxTDRPdDJKeHdoR295ZTh4TmREbmtvd3NNanVKaVlreU02cHowMGlIYkxtMFFFOGZ4Zm4yMDNJY0RqRHh0OEVXdHhRPT0iLCJtYWMiOiI2NmNkNzBmNDMzZGViYmY4MmZiODA1MTE0MTRkODMxYmE5NmMxMTY5M2JhYmQ5MjQ5NjcwNDlkMjNlN2Y3MWY3In0%3D; expires=Tue, 29-Dec-2020 09:44:36 GMT; Max-Age=599940; path=/; httponly
vary
Accept-Encoding
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-request-id
072bb9517d00002b291ea02000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h7d7NO7Qo48u3bjRrxD5rXFQ2avmGFbyc5%2FKK6Gb4cl8%2FVoznfN7UA3EtCATxIU8xEvrdEC4TqO16%2BftUTmOSPlGMLu3DZqQjw2ktOqNYWnm3%2BwNN0%2BTbDCdICP9Rffe3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
60595e6269492b29-FRA
content-encoding
br

Redirect headers

date
Tue, 22 Dec 2020 11:05:36 GMT
set-cookie
__cfduid=dddbd2e715eff93ead6d92ac3425c5a961608635136; expires=Thu, 21-Jan-21 11:05:36 GMT; path=/; domain=.morgancreon.com; HttpOnly; SameSite=Lax c2lub3M=5fe1d300486b516aa6757594; Max-Age=595999; Path=/; Expires=Tue, 29 Dec 2020 08:38:55 GMT connect.sid=s%3AIBN4S83yz2ZpA535K0z-JKyh15LclQ36.HKIhLiLZ4eTUB%2F2LekKSZ1Zca%2F%2ByoxPHCZNH6YmWTjY; Path=/; HttpOnly
x-powered-by
Express
access-control-allow-origin
*
location
https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
cf-cache-status
DYNAMIC
cf-request-id
072bb950c90000dfef2da27000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6DRe8QQ3wWV46%2BLKiiXewEn62rrDoWa12Ey%2FQl7HYJFxtyBYrCuWoOt68jjGlMIADvCoVHM4k47CHFzG9QzP1sWlhdp1iVRZrQGgTDybEzGCJ%2BDYFjxATzMCX6Pdm2g4"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
60595e614943dfef-FRA
webtoolkit.base64.js
www.civilianclub.com/js/plugins/base64decode/
3 KB
1 KB
Script
General
Full URL
https://www.civilianclub.com/js/plugins/base64decode/webtoolkit.base64.js
Requested by
Host: www.civilianclub.com
URL: https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf105e00754ed199cca74149ffcaae97684c72eee00602223f918efdd96cc45f

Request headers

Referer
https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 11:05:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 Jun 2020 11:41:06 GMT
server
cloudflare
age
2277
etag
W/"5eeca452-d67"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bDtoUw748%2FQGwHOiL4aJW3k9gs9ayKlRlKEsvow7CYh1pp6WAFeocS0KjKYgtenlFQZ2yYX%2BHMAR8SCLWmE8cxHmfFD%2FPdEXNHsYYir1ecK0Mg3ryo3rgdcuSq4vX7T0XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
60595e6548152b29-FRA
cf-request-id
072bb9534e00002b295f14d000000001
bootstrap.css
www.civilianclub.com/css/
144 KB
20 KB
Stylesheet
General
Full URL
https://www.civilianclub.com/css/bootstrap.css
Requested by
Host: www.civilianclub.com
URL: https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef9c554bca3ce5b9f978b626ff8c3a441c0468af2599bdb4e9b6b32f6743f058

Request headers

Referer
https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 11:05:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Jun 2017 10:14:22 GMT
server
cloudflare
age
2124
etag
W/"59410c7e-23fe6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CrctrOHMxSF7XTppA5L0Sfs9J4pL4Y5S36JFA7Uc4mSsPGS8modC7%2BkyMMXoxMIQ8aZJUolw9SoDx4rF6J1J0PVvpsw6e4GPC02Cy5xdu%2BgfgDlaNo%2BdusdPxrA8V5KdaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
60595e65480d2b29-FRA
cf-request-id
072bb9534c00002b2958850000000001
font-awesome.min.css
www.civilianclub.com/assets/font-awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://www.civilianclub.com/assets/font-awesome/css/font-awesome.min.css
Requested by
Host: www.civilianclub.com
URL: https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 11:05:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 Oct 2017 10:55:51 GMT
server
cloudflare
age
2277
etag
W/"59e49037-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j0PjsjwfdzEwJ2YS4AbnIbIbnIE4FcoufbRW9fH7UT%2FucrC1HmKqjAtE795GkPiea3cNTrxaGMVYVTEmDjEeJ62JOjIHvLjz2vavr5AHxggH9mL838DGK%2Fs7er4xrswYrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
60595e6548102b29-FRA
cf-request-id
072bb9534d00002b29389fb000000001
jquery.js
www.civilianclub.com/js/
278 KB
78 KB
Script
General
Full URL
https://www.civilianclub.com/js/jquery.js
Requested by
Host: www.civilianclub.com
URL: https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2065aecca0fb9b0567358d352ed5f1ab72fce139bf449b4d09805f5d9c3725ed

Request headers

Referer
https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 11:05:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Jun 2017 09:51:56 GMT
server
cloudflare
age
2238
etag
W/"5941073c-456ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cXBE9s9Np4f%2BwBGeeWpYuSasA10sE14S0T5e8N7a0q46LgffArFnYrBBlHJgsfyNcZX18%2BrszagQ0ah4%2F61j5O2yPmt6QLmarZ91fphjkkAHM8vMu2P3N%2BIQ99vUH%2BzabA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
60595e6548162b29-FRA
cf-request-id
072bb9534e00002b29698c4000000001
bootstrap.js
www.civilianclub.com/js/
67 KB
14 KB
Script
General
Full URL
https://www.civilianclub.com/js/bootstrap.js
Requested by
Host: www.civilianclub.com
URL: https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef43a4d502ffb688656851d788c42869d47e8840d007b4f4b66f62530171acd4

Request headers

Referer
https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 11:05:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Jun 2017 09:51:58 GMT
server
cloudflare
age
2124
etag
W/"5941073e-10d1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=REUhP5Ew2xzB%2BlmmI9XuR1YWC4%2BVLt6Euiu7MmgAR7CNFBdf6zqvs0YmeaNMppXLC8epCagRneAHUoHnJLA%2B0b%2BAKR1xtfd2%2BRns6VvfvxMGTTdqFn94ZG%2B%2FV9QjVT5oGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
60595e6548172b29-FRA
cf-request-id
072bb9534e00002b292aac7000000001
jquery.cookie.js
www.civilianclub.com/js/plugins/jqueryCookie/
3 KB
1 KB
Script
General
Full URL
https://www.civilianclub.com/js/plugins/jqueryCookie/jquery.cookie.js
Requested by
Host: www.civilianclub.com
URL: https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

Referer
https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 11:05:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Jun 2017 09:55:44 GMT
server
cloudflare
age
2277
etag
W/"59410820-c31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JuaVRQAH%2Bv%2FhDQ7tHdriWLqlgGvqlAzOrl9WOxT2bc0xR6alZ024djN6qWQjP7EFP714Nw4Yo8Gip9MeFi9KWWvLG%2Btzmo%2BUXTsK8UHvnTJS3bL2Y5sa1pyh%2FZW%2BqfNPCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
60595e6548192b29-FRA
cf-request-id
072bb9534e00002b2908ae0000000001
apple_christmass2.css
www.civilianclub.com/css/tpl_css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.civilianclub.com/css/tpl_css/apple_christmass2.css
Requested by
Host: www.civilianclub.com
URL: https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b336ee919770f24464a0092df7f6abc78383d7c7054174713908b4b079cdae2e

Request headers

Referer
https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 11:05:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 13 Mar 2018 09:55:48 GMT
server
cloudflare
etag
W/"5aa7a024-1e64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kZbP8YjoyuC2A5XGLz5kQTlUEMvgDgEtkEQG4Dro0KIamk7kgT2ODEQ1BQ0zuO8dvolybQ4w6ZEkVzp5hdOY7aea8BuEFe4XtU7BOsNVq%2FaJ%2B9ikbBzPNC6oBkgzirzfzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
60595e6548112b29-FRA
cf-request-id
072bb9534d00002b2968841000000001
backend.css
www.civilianclub.com/css/
2 KB
891 B
Stylesheet
General
Full URL
https://www.civilianclub.com/css/backend.css
Requested by
Host: www.civilianclub.com
URL: https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b24eb9638260837328cb57cc88a42c7472eebcef0d23ad953073901d3bf41c6d

Request headers

Referer
https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 11:05:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Jun 2017 10:13:06 GMT
server
cloudflare
age
2277
etag
W/"59410c32-8ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ayoGaACc1gT0aD7kXL8yH7gCanxVDSYqw%2Bk2L8WPazbjLsuy2%2FhfECUU%2FCQZmdodE0KSMb605UAfHiyoyQGWjTljdoC8Y7462MU9%2FwoIloK36o%2FFfJr8vtOf3B2P7nuLTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
60595e6548122b29-FRA
cf-request-id
072bb9534d00002b294abe9000000001
currency_cnd2.js
www.civilianclub.com/custom_js/
1 KB
771 B
Script
General
Full URL
https://www.civilianclub.com/custom_js/currency_cnd2.js
Requested by
Host: www.civilianclub.com
URL: https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7793635b3a67ad46bb0f738f17326d1d4de4ef3e9a2a2ee4ac4e318a77dabd0

Request headers

Referer
https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 11:05:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Jun 2017 10:12:22 GMT
server
cloudflare
age
2277
etag
W/"59410c06-5f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7JHAgeaF92DPIFv17DI8AmvbW2k4hvjTn1FXaTxj1CQqaFRG6TLSf7RcR7VEWTD3sqPytniLuZOGl4Q7ggNoR%2BFfDC1toKohWmnN7rRTUh7hUGP3L1nmvxh5NOMVKjPB3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
60595e65481c2b29-FRA
cf-request-id
072bb9534e00002b29431e7000000001
blue_notys3.css
www.civilianclub.com/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://www.civilianclub.com/css/blue_notys3.css
Requested by
Host: www.civilianclub.com
URL: https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae88db06df66fada6bd19661950611c6a69796df07f7a97991ec8db92c124af7

Request headers

Referer
https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 11:05:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Nov 2017 11:25:47 GMT
server
cloudflare
age
2165
etag
W/"5a0c243b-2381"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4iagEWo%2BkS85xX2ceNZtPsp6FO2WgrarDQhgR4%2FvPRXMuQnSxhbQf44lq94uDvdAh96jWk6%2FXp6PRb6fH7XRn3eeMLFwdsP3t7QykMURO9jVnz5lugkLMWzXrGK5BxXIaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
60595e6548132b29-FRA
cf-request-id
072bb9534d00002b291c220000000001
prisma.png
s3-eu-central-1.amazonaws.com/igamingcloudstr/images/
55 KB
55 KB
Image
General
Full URL
https://s3-eu-central-1.amazonaws.com/igamingcloudstr/images/prisma.png
Requested by
Host: www.civilianclub.com
URL: https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.47.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7a8f90005f7315082ccf4c60990c5399f6bf0231dab4447a0e5635e9cc50cfdc

Request headers

Referer
https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 22 Dec 2020 11:05:37 GMT
Last-Modified
Tue, 13 Mar 2018 09:51:58 GMT
Server
AmazonS3
x-amz-request-id
7D77AFAEAE9469C6
ETag
"7a81acb0406d6c23e8df2e8099a4e926"
Content-Type
image/jpg
Accept-Ranges
bytes
Content-Length
56040
x-amz-id-2
0T1xOOVvQkxkF+lXyLOYPvFJugZHv8rVdqUamhU9gPW/DpvXt54SLN0j+9b3nfu4GvJI8eKumP0=
main_mobile-prisma.png
s3-eu-central-1.amazonaws.com/igamingcloudstr/images/
23 KB
24 KB
Image
General
Full URL
https://s3-eu-central-1.amazonaws.com/igamingcloudstr/images/main_mobile-prisma.png
Requested by
Host: www.civilianclub.com
URL: https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.47.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
63683286d7549a1037fef96c6df2d205efef2ca4e6db18680bb2c97bcc535157

Request headers

Referer
https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 22 Dec 2020 11:05:37 GMT
Last-Modified
Tue, 13 Mar 2018 11:51:51 GMT
Server
AmazonS3
x-amz-request-id
14FAABF5F48D8B7C
ETag
"6d9b05f8650ce09c4257f203defc4878"
Content-Type
image/jpg
Accept-Ranges
bytes
Content-Length
24034
x-amz-id-2
7W65pMZbwqIFxb4PpmeNWS3uTMSMeVG4ql7OsE11ZAQgDzwVjI81kqn6Y6CNLT7aUDhW3hmVRm4=
css
fonts.googleapis.com/
683 B
458 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:700
Requested by
Host: www.civilianclub.com
URL: https://www.civilianclub.com/css/backend.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dc87c7cfb03bf6627f7953b1d21bd00198c1235774294ff40b8e942ffa38a00f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.civilianclub.com/css/backend.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 22 Dec 2020 10:59:47 GMT
server
ESF
date
Tue, 22 Dec 2020 11:05:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Dec 2020 11:05:36 GMT
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: www.civilianclub.com
URL: https://www.civilianclub.com/css/blue_notys3.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d67ca5d28f1dd6fc58ae8f8ab79b70755b30a52eb04572a6df8e50869ff748e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.civilianclub.com/css/blue_notys3.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 22 Dec 2020 09:12:58 GMT
server
ESF
date
Tue, 22 Dec 2020 11:05:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Dec 2020 11:05:36 GMT
itis-prisma.jpg
s3-eu-central-1.amazonaws.com/igamingcloudstr/images/
458 KB
459 KB
Image
General
Full URL
https://s3-eu-central-1.amazonaws.com/igamingcloudstr/images/itis-prisma.jpg
Requested by
Host: www.civilianclub.com
URL: https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.47.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
fb7037e2e9d71421162042e963c4fd4ffbde2f3962616bf0cf21f46ab874c0aa

Request headers

Referer
https://www.civilianclub.com/survey/14033_2/source=5729b5abebf831fa4977efc1/subid=5729b5abebf831fa4977efc1/nrp=5fe1d300486b516aa6757594
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 22 Dec 2020 11:05:38 GMT
Last-Modified
Tue, 13 Mar 2018 09:55:31 GMT
Server
AmazonS3
x-amz-request-id
F7627F0895C0F15B
ETag
"1594a684b4d5de781b4cbffbfe4bad9d"
Content-Type
image/jpg
Accept-Ranges
bytes
Content-Length
469330
x-amz-id-2
ZVkVgrW3v5f/DxtU4Vsdt9hKhQ0HBXx3N7ferhWsAsZruvVW6TC18zMM7XY6Xmj3K+oSFxSSZFo=
fontawesome-webfont.woff2
www.civilianclub.com/assets/font-awesome/fonts/
75 KB
76 KB
Font
General
Full URL
https://www.civilianclub.com/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.civilianclub.com
URL: https://www.civilianclub.com/assets/font-awesome/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://www.civilianclub.com
Referer
https://www.civilianclub.com/assets/font-awesome/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Dec 2020 11:05:38 GMT
cf-cache-status
MISS
last-modified
Mon, 16 Oct 2017 10:55:56 GMT
server
cloudflare
etag
"59e4903c-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4FIoszmIHMgt7X4z3IYvYGxgZrskw8mfZz3zXDkXE3uj%2FK6JnaDCwQbiY3jZp2fdTGxhwMx8B0ppD9qztdB5e9qYgx3X920qgMj4nAjwqwM3eaEIjURp6wTiwC0FQ2htdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
60595e6c58ed2b29-FRA
content-length
77160
cf-request-id
072bb957ba00002b292f87d000000001


27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
object| Base64
function| $
function| jQuery
object| jQuery111309025048175442578
function| countdown
number| numRight
number| numQuestions
object| answerDiv
object| questionDiv
object| numRightSpan
object| numQuestionsSpan
function| displayQuestion
function| startTimer
function| rand
function| redirect
string| survey_id
number| interval_unit
number| randomStep

4 Cookies

Domain/Path Name / Value
www.civilianclub.com/ Name: survey_id_16103
Value: true
www.civilianclub.com/ Name: b2ZmZXJXYWxs
Value: %7B%22campaign%22%3A%22MzMwNDE%3D%22%2C%22survey%22%3A%2216103%22%2C%22source%22%3A%225729b5abebf831fa4977efc1%22%2C%22subid%22%3A%22subid%3D5729b5abebf831fa4977efc1%22%2C%22firstSession%22%3A%22sWY8GNNR51ikV77SEhHRlevFkMtZTaKe18CZ0eoh_MzMwNDE%3D%22%7D
www.civilianclub.com/ Name: laravel_session
Value: eyJpdiI6IkExa0NJYmNSeUE5UzRnUkp2NnVcLzJBPT0iLCJ2YWx1ZSI6InQ5M3VZeVFWbnNVVWRyNXFoSGwxTDRPdDJKeHdoR295ZTh4TmREbmtvd3NNanVKaVlreU02cHowMGlIYkxtMFFFOGZ4Zm4yMDNJY0RqRHh0OEVXdHhRPT0iLCJtYWMiOiI2NmNkNzBmNDMzZGViYmY4MmZiODA1MTE0MTRkODMxYmE5NmMxMTY5M2JhYmQ5MjQ5NjcwNDlkMjNlN2Y3MWY3In0%3D
.civilianclub.com/ Name: __cfduid
Value: d1ccab9bf775649b1130694af60adf8541608635136

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
