urlscan.io logo urlscan.io
SecurityTrails logo

clid11rtu.icu Open in urlscan Pro
190.115.24.114  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ekzvndc.blogspot.com/
Effective URL: https://clid11rtu.icu/
Submission: On February 13 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 7 domains to perform 14 HTTP transactions. The main IP is 190.115.24.114, located in Belize and belongs to DDOS-GUARD CORP., BZ. The main domain is clid11rtu.icu.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 12th 2020. Valid for: 3 months.
This is the only time clid11rtu.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 190.115.19.74 262254 (DDOS-GUAR...)
6 190.115.24.114 262254 (DDOS-GUAR...)
14 5
2    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ekzvndc.blogspot.com
4    2a00:1450:4001:809::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a00:1450:4001:821::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
resources.blogblog.com
2    190.115.19.74 (Belize)

ASN262254 (DDOS-GUARD CORP., BZ)
clickwest.xyz
ac-payform.site
6    190.115.24.114 (Belize)

ASN262254 (DDOS-GUARD CORP., BZ)
clid11rtu.icu
Domain Requested by
6 clid11rtu.icu ekzvndc.blogspot.com
clid11rtu.icu
4 www.blogger.com ekzvndc.blogspot.com
2 ekzvndc.blogspot.com ekzvndc.blogspot.com
1 ac-payform.site 1 redirects
1 clickwest.xyz 1 redirects
1 resources.blogblog.com ekzvndc.blogspot.com
1 apis.google.com ekzvndc.blogspot.com
14 7

This site contains no links.

Subject Issuer Validity Valid
*.googleusercontent.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
*.blogger.com
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
clid11rtu.icu
Let's Encrypt Authority X3		 2020-02-12 -
2020-05-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://clid11rtu.icu/
Frame ID: CDD760A095D8E27056311C024226674B
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://ekzvndc.blogspot.com/ Page URL
  2. http://clickwest.xyz/public/7963959319729721 HTTP 302
    https://ac-payform.site/public/7963959319729721 HTTP 302
    https://clid11rtu.icu/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^\/]+\.blogspot\.com/i
Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^\/]+\.blogspot\.com/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Page Statistics

14
Requests

100 %
HTTPS

67 %
IPv6

7
Domains

7
Subdomains

5
IPs

2
Countries

427 kB
Transfer

1807 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ekzvndc.blogspot.com/ Page URL
  2. http://clickwest.xyz/public/7963959319729721 HTTP 302
    https://ac-payform.site/public/7963959319729721 HTTP 302
    https://clid11rtu.icu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ekzvndc.blogspot.com/ 		29 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ekzvndc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2450b766fb2e875b88d9f7377c88d4fc02dab97decde9add3cbf928db03a661a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
ekzvndc.blogspot.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
content-type
text/html; charset=UTF-8
expires
Thu, 13 Feb 2020 18:00:30 GMT
date
Thu, 13 Feb 2020 18:00:30 GMT
cache-control
private, max-age=0
last-modified
Thu, 28 Nov 2019 00:56:31 GMT
etag
W/"33812b8717aadf8e40424c96430515d632cbed328c5f8bf06f4c60cdb1af3678"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
8213
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
3597120983-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3597120983-css_bundle_v2.css
Requested by
Host: ekzvndc.blogspot.com
URL: https://ekzvndc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
869176cab64c36f92c6c1f8ffbe85919575d6b9995a54850e5925289f3a75078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ekzvndc.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 29 Jan 2020 18:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 29 Jan 2020 13:14:54 GMT
server
sffe
age
1295688
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7979
x-xss-protection
0
expires
Thu, 28 Jan 2021 18:05:42 GMT
plusone.js
apis.google.com/js/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: ekzvndc.blogspot.com
URL: https://ekzvndc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
719c8d254545fb9bab1e3f4c99d94f4209253521bf8600240caf19f0d57b26d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ekzvndc.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 18:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-7XYjFBgdrlQEZeImmYhg1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
strict-transport-security
max-age=31536000
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"cf1525a4f087763d14baa8e9f429e9e5"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Thu, 13 Feb 2020 18:00:30 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
668 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3542561903545991820&zx=695e42d2-e6c7-4d7a-bf61-bd2be5c5f339
Requested by
Host: ekzvndc.blogspot.com
URL: https://ekzvndc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ekzvndc.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 13 Feb 2020 18:00:30 GMT
server
GSE
date
Thu, 13 Feb 2020 18:00:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
icon18_wrench_allbkg.png
resources.blogblog.com/img/ 		475 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/icon18_wrench_allbkg.png
Requested by
Host: ekzvndc.blogspot.com
URL: https://ekzvndc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ekzvndc.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 12 Feb 2020 04:29:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 11 Feb 2020 16:22:10 GMT
server
sffe
age
135087
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
475
x-xss-protection
0
expires
Wed, 19 Feb 2020 04:29:03 GMT
cookienotice.js
ekzvndc.blogspot.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ekzvndc.blogspot.com/js/cookienotice.js
Requested by
Host: ekzvndc.blogspot.com
URL: https://ekzvndc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ekzvndc.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 18:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Feb 2020 15:20:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2026
x-xss-protection
0
expires
Thu, 20 Feb 2020 18:00:30 GMT
230557964-widgets.js
www.blogger.com/static/v1/widgets/ 		141 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/230557964-widgets.js
Requested by
Host: ekzvndc.blogspot.com
URL: https://ekzvndc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ekzvndc.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 06 Feb 2020 23:27:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 21:23:53 GMT
server
sffe
age
585171
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
53094
x-xss-protection
0
expires
Fri, 05 Feb 2021 23:27:39 GMT
Primary Request /
clid11rtu.icu/
Redirect Chain
  • http://clickwest.xyz/public/7963959319729721
  • https://ac-payform.site/public/7963959319729721
  • https://clid11rtu.icu/
1000 B
780 B 		Document
General
Check archive.org
Download Go to
Full URL
https://clid11rtu.icu/
Requested by
Host: ekzvndc.blogspot.com
URL: https://ekzvndc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.24.114 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ngjit /
Resource Hash
e6dbc79d6d5e960bb8876545dc44256df480471ff08585f912a2c62b4737c14b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

:method
GET
:authority
clid11rtu.icu
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://ekzvndc.blogspot.com/

Response headers

status
200
server
ngjit
content-security-policy
upgrade-insecure-requests;
set-cookie
__ddg1=LEIwdJvFcq4q8BmOGngM; Domain=.clid11rtu.icu; HttpOnly; Path=/; Expires=Fri, 12-Feb-2021 18:00:32 GMT
date
Thu, 13 Feb 2020 18:00:32 GMT
last-modified
Wed, 12 Feb 2020 23:33:30 GMT
etag
W/"3e8-59e6966666eac"
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-encoding
br
vary
Accept-Encoding

Redirect headers

Server
nginx/1.14.2
Date
Thu, 13 Feb 2020 18:00:31 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.2.14
Set-Cookie
PHPSESSID=a6u0kr5enn68k0sck58m1pmrii; path=/ buyer=87fb314f90d5c8681d0b5a33c48b8e59; expires=Sat, 14-Mar-2020 18:00:31 GMT; Max-Age=2592000; path=/; domain=ac-payform.site
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
https://clid11rtu.icu/
authorization.css
www.blogger.com/dyn-css/ 		1 B
114 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3542561903545991820&zx=695e42d2-e6c7-4d7a-bf61-bd2be5c5f339
Requested by
Host: ekzvndc.blogspot.com
URL: https://ekzvndc.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ekzvndc.blogspot.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 13 Feb 2020 18:00:31 GMT
server
GSE
date
Thu, 13 Feb 2020 18:00:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
app.49e0a7cd664f143cd336556d3acaa831.css
clid11rtu.icu/static/css/ 		148 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://clid11rtu.icu/static/css/app.49e0a7cd664f143cd336556d3acaa831.css
Requested by
Host: clid11rtu.icu
URL: https://clid11rtu.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.24.114 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ngjit /
Resource Hash
61363cacf32eab4a3a092fbb52daad8426e0489d569658b3397845405861c5f6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Referer
https://clid11rtu.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
last-modified
Wed, 12 Feb 2020 23:33:30 GMT
server
ngjit
age
491
etag
"24e2c-59e696665ab5c"
vary
Accept-Encoding
content-type
text/css
status
200
date
Thu, 13 Feb 2020 17:52:21 GMT
accept-ranges
bytes
loading_spinner2.gif
clid11rtu.icu/static/img/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clid11rtu.icu/static/img/loading_spinner2.gif
Requested by
Host: clid11rtu.icu
URL: https://clid11rtu.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.24.114 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ngjit /
Resource Hash
915c186c42d88d0c8f7cb1b9ac823ba63a600164822aa663cbb95f14c6cf0225
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Referer
https://clid11rtu.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

content-security-policy
upgrade-insecure-requests;
last-modified
Wed, 12 Feb 2020 23:33:30 GMT
server
ngjit
age
5049
etag
"3fd2-59e696665af44"
content-type
image/gif
status
200
date
Thu, 13 Feb 2020 16:36:23 GMT
accept-ranges
bytes
manifest.2ae2e69a05c33dfc65f8.js
clid11rtu.icu/static/js/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clid11rtu.icu/static/js/manifest.2ae2e69a05c33dfc65f8.js
Requested by
Host: clid11rtu.icu
URL: https://clid11rtu.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.24.114 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ngjit /
Resource Hash
9af932883b50b2b4e242be6d47d2a318133a5df29e7df41f6275ba044d179801
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Referer
https://clid11rtu.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
last-modified
Wed, 12 Feb 2020 23:33:30 GMT
server
ngjit
age
491
etag
"3b61-59e696665a774"
vary
Accept-Encoding
content-type
application/javascript
status
200
date
Thu, 13 Feb 2020 17:52:21 GMT
accept-ranges
bytes
vendor.4706d2b74d8817f2fa45.js
clid11rtu.icu/static/js/ 		1012 KB
230 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clid11rtu.icu/static/js/vendor.4706d2b74d8817f2fa45.js
Requested by
Host: clid11rtu.icu
URL: https://clid11rtu.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.24.114 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ngjit /
Resource Hash
ad88a214c038221533ffc1cce93c16ae8623bdd6c0d16055a27000fc21e0dacb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Referer
https://clid11rtu.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
last-modified
Wed, 12 Feb 2020 23:33:30 GMT
server
ngjit
age
491
etag
"fcf96-59e696665a38c"
vary
Accept-Encoding
content-type
application/javascript
status
200
date
Thu, 13 Feb 2020 17:52:21 GMT
accept-ranges
bytes
app.8b9a3ec9de8c9fac1011.js
clid11rtu.icu/static/js/ 		355 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clid11rtu.icu/static/js/app.8b9a3ec9de8c9fac1011.js
Requested by
Host: clid11rtu.icu
URL: https://clid11rtu.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.24.114 , Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
Software
ngjit /
Resource Hash
90502eef44f45fd0ae92de6beb0993237c7079f9ac2429661e62a0dfc649a92b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Referer
https://clid11rtu.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
upgrade-insecure-requests;
content-encoding
br
last-modified
Wed, 12 Feb 2020 23:33:30 GMT
server
ngjit
age
491
etag
"58dd3-59e696665a774"
vary
Accept-Encoding
content-type
application/javascript
status
200
date
Thu, 13 Feb 2020 17:52:21 GMT
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _0x2bb3 function| _0xbbb5 function| webpackJsonp object| _0x251d function| _0x299d function| _0x57045a function| _0x3e63fd function| _0x873b32 function| _0x3648dd object| _0x4495 function| _0x5a87 function| _0x14b613 function| _0x247d14 function| _0x532230 function| _0x1cd82a object| __core-js_shared__

1 Cookies

Domain/Path Name / Value
.clid11rtu.icu/ Name: __ddg1
Value: LEIwdJvFcq4q8BmOGngM

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block