URL: https://tb.gotcha.pw/
Submission: On March 31 via manual from TH

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 9 HTTP transactions. The main IP is 104.18.38.24, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is tb.gotcha.pw.
TLS certificate: Issued by COMODO ECC Domain Validation Secure Server CA 2 on March 26th 2018. Valid for: 6 months.
This is the only time tb.gotcha.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses (requests per IP):

Requests  IP Address      AS / Autonomous System
3         104.18.38.24    13335 (CLOUDFLAR...)
2         94.31.29.16     54104 (AS-STACKPATH)
1         94.31.29.54     6461 (ZAYO-6461)
1         104.19.196.102  13335 (CLOUDFLAR...)
2         199.96.57.6     13414 (TWITTER)
Total: 9 requests across 5 IPs

Domains (requests per domain):

Requests  Domain                   Requested by
3         tb.gotcha.pw             tb.gotcha.pw
2         platform.twitter.com     tb.gotcha.pw, platform.twitter.com
2         maxcdn.bootstrapcdn.com  tb.gotcha.pw
1         cdnjs.cloudflare.com     tb.gotcha.pw
1         code.jquery.com          tb.gotcha.pw
Total: 9 requests across 5 domains

This site contains links to these domains:

Domain
en.wikipedia.org
www.google.com

TLS certificate

Subject   sni69096.cloudflaressl.com
Issuer    COMODO ECC Domain Validation Secure Server CA 2
Validity  2018-03-26 - 2018-10-02
Valid     6 months (crt.sh)

This page contains 1 frame:

Primary Page: https://tb.gotcha.pw/
Frame ID: 7D73C6A4064FF215BFE6B2BC33571ABC
Requests: 9 HTTP requests in this frame

Detected technologies

Cloudflare (overall confidence: 100%)
Detected patterns
  • headers server /cloudflare/i

Twitter (overall confidence: 100%)
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (overall confidence: 100%)
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Bootstrap (overall confidence: 100%)
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
  • script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

Requests    9
HTTPS       33 %
IPv6        0 %
Domains     5
Subdomains  5
IPs         5
Countries   2
Transfer    115 kB
Size        411 kB
Cookies     1

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
Path: tb.gotcha.pw/
Size: 7 KB, x-fer: 3 KB, Type: Document

General
Full URL: https://tb.gotcha.pw/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.38.24 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
Reverse DNS: (none)
Software: cloudflare
Resource Hash: fed83d82d214ab2fd7dba4f1b71c4de0cc3bcf62bb3868c19361fdb1cf0930cd
Security Headers:
  Strict-Transport-Security: max-age=15552000; includeSubDomains; preload

Request headers

:path: /
pragma: no-cache
accept-encoding: gzip, deflate
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
cache-control: no-cache
:authority: tb.gotcha.pw
:scheme: https
:method: GET
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Sat, 31 Mar 2018 06:24:10 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/html; charset=utf-8
status: 200
set-cookie: __cfduid=d3a04dbde22a36bce7a8bf286d31797cd1522477449; expires=Sun, 31-Mar-19 06:24:09 GMT; path=/; domain=.gotcha.pw; HttpOnly; Secure
cf-ray: 4040bb3e6a1997a4-FRA
bootstrap.min.css
Path: maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/
Size: 141 KB, x-fer: 24 KB, Type: Stylesheet

General
Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
Requested by: Host tb.gotcha.pw, URL https://tb.gotcha.pw/
Protocol: SPDY
Server: 94.31.29.16, United Kingdom, ASN54104 (AS-STACKPATH - netDNA, US)
Reverse DNS: 94.31.29.16.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2
Resource Hash: 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://tb.gotcha.pw/
Origin: https://tb.gotcha.pw

Response headers

date: Sat, 31 Mar 2018 06:24:10 GMT
content-encoding: gzip
last-modified: Tue, 20 Feb 2018 05:57:56 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"450fc463b8b1a349df717056fbb3e078"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31104000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
expires: Tue, 26 Mar 2019 06:24:10 GMT
gotcha.css
Path: tb.gotcha.pw/static/
Size: 854 B, x-fer: 782 B, Type: Stylesheet

General
Full URL: https://tb.gotcha.pw/static/gotcha.css
Requested by: Host tb.gotcha.pw, URL https://tb.gotcha.pw/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.38.24 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
Reverse DNS: (none)
Software: cloudflare
Resource Hash: 47e9eb256bec595b4444884f28390bfe48b807107b2fc2db53dae3c3f5359886
Security Headers:
  Strict-Transport-Security: max-age=15552000; includeSubDomains; preload

Request headers

:path: /static/gotcha.css
pragma: no-cache
cookie: __cfduid=d3a04dbde22a36bce7a8bf286d31797cd1522477449
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: tb.gotcha.pw
referer: https://tb.gotcha.pw/
:scheme: https
:method: GET
Referer: https://tb.gotcha.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Sat, 31 Mar 2018 06:24:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 29 Mar 2018 20:39:37 GMT
server: cloudflare
etag: W/"5abd4f09-356"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=1800
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 4040bb3eaa3197a4-FRA
expires: Sat, 31 Mar 2018 06:54:10 GMT
jquery-3.2.1.slim.min.js
Path: code.jquery.com/
Size: 68 KB, x-fer: 27 KB, Type: Script

General
Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host tb.gotcha.pw, URL https://tb.gotcha.pw/
Protocol: SPDY
Server: 94.31.29.54, United Kingdom, ASN6461 (ZAYO-6461 - Zayo Bandwidth, US)
Reverse DNS: 94.31.29.54.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://tb.gotcha.pw/
Origin: https://tb.gotcha.pw

Response headers

date: Sat, 31 Mar 2018 06:24:10 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"58d026fb-10fdd"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
Path: tb.gotcha.pw/cdn-cgi/scripts/d07b1474/cloudflare-static/
Size: 973 B, x-fer: 977 B, Type: Script

General
Full URL: https://tb.gotcha.pw/cdn-cgi/scripts/d07b1474/cloudflare-static/email-decode.min.js
Requested by: Host tb.gotcha.pw, URL https://tb.gotcha.pw/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.38.24 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
Reverse DNS: (none)
Software: cloudflare-nginx
Resource Hash: b8a876c091593e2dd069f5c2405da574e022481419f705a866aaab2959f6e3ad
Security Headers:
  Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
  X-Frame-Options: SAMEORIGIN

Request headers

:path: /cdn-cgi/scripts/d07b1474/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: __cfduid=d3a04dbde22a36bce7a8bf286d31797cd1522477449
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tb.gotcha.pw
referer: https://tb.gotcha.pw/
:scheme: https
:method: GET
Referer: https://tb.gotcha.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Sat, 31 Mar 2018 06:24:10 GMT
content-encoding: gzip
last-modified: Wed, 28 Mar 2018 10:47:56 GMT
server: cloudflare-nginx
etag: W/"5abb72dc-3cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800 public
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 4040bb3eaa3397a4-FRA
expires: Mon, 02 Apr 2018 06:24:10 GMT
popper.min.js
Path: cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/
Size: 19 KB, x-fer: 7 KB, Type: Script

General
Full URL: https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by: Host tb.gotcha.pw, URL https://tb.gotcha.pw/
Protocol: SPDY
Server: 104.19.196.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
Reverse DNS: (none)
Software: cloudflare
Resource Hash: a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers:
  Strict-Transport-Security: max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://tb.gotcha.pw/
Origin: https://tb.gotcha.pw

Response headers

date: Sat, 31 Mar 2018 06:24:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Feb 2018 04:37:54 GMT
server: cloudflare
status: 200
etag: W/"5a963222-4af4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 4040bb3ebf8a975c-FRA
expires: Thu, 21 Mar 2019 06:24:10 GMT
bootstrap.min.js
Path: maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/
Size: 48 KB, x-fer: 15 KB, Type: Script

General
Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by: Host tb.gotcha.pw, URL https://tb.gotcha.pw/
Protocol: SPDY
Server: 94.31.29.16, United Kingdom, ASN54104 (AS-STACKPATH - netDNA, US)
Reverse DNS: 94.31.29.16.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2
Resource Hash: e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://tb.gotcha.pw/
Origin: https://tb.gotcha.pw

Response headers

date: Sat, 31 Mar 2018 06:24:10 GMT
content-encoding: gzip
last-modified: Tue, 20 Feb 2018 05:58:03 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31104000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
expires: Tue, 26 Mar 2019 06:24:10 GMT
widgets.js
Path: platform.twitter.com/
Size: 123 KB, x-fer: 36 KB, Type: Script

General
Full URL: https://platform.twitter.com/widgets.js
Requested by: Host tb.gotcha.pw, URL https://tb.gotcha.pw/
Protocol: SPDY
Server: 199.96.57.6 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US)
Reverse DNS: (none)
Software: (none)
Resource Hash: 9faabd8649a917d9f6d069114884700678b6eed5024fe0ca68c776ce28d20735

Request headers

Referer: https://tb.gotcha.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Sat, 31 Mar 2018 06:24:10 GMT
content-encoding: gzip
age: 39
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 36101
x-served-by: cache-tw-fra1-cr1-14-TWFRA1
last-modified: Tue, 27 Mar 2018 17:50:46 GMT
x-timer: S1522477450.085043,VS0,VE0
etag: "a786499e7d174894a551f3f3e7075999+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: public, max-age=1800
accept-ranges: bytes
button.b74390cfaab5c0218a0e372047007e13.js
Path: platform.twitter.com/js/
Size: 4 KB, x-fer: 1 KB, Type: Script

General
Full URL: https://platform.twitter.com/js/button.b74390cfaab5c0218a0e372047007e13.js
Requested by: Host platform.twitter.com, URL https://platform.twitter.com/widgets.js
Protocol: SPDY
Server: 199.96.57.6 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US)
Reverse DNS: (none)
Software: (none)
Resource Hash: bbd430b449d2b33bca8d74b8a51324a9e92c993d5ae3c37e23aa2713f2cc338e

Request headers

Referer: https://tb.gotcha.pw/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Sat, 31 Mar 2018 06:24:10 GMT
content-encoding: gzip
age: 304323
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1399
x-served-by: cache-tw-fra1-cr1-14-TWFRA1
last-modified: Tue, 27 Mar 2018 17:14:57 GMT
x-timer: S1522477450.151470,VS0,VE0
etag: "26d4c3cf8f7cd846e11c5b02054e8623+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help in identifying client-side frameworks and code.

Type      Name
function  $
function  jQuery
function  pathSubmit
function  Popper
object    bootstrap
function  __twttrll
object    twttr
object    __twttr

1 Cookies

Domain/Path  Name / Value
.gotcha.pw/  Name: __cfduid
             Value: d3a04dbde22a36bce7a8bf286d31797cd1522477449

Security Headers

This page lists any security headers set by the main page.

Header                     Value
Strict-Transport-Security  max-age=15552000; includeSubDomains; preload