URL: https://app1.gocatapult.com/
Submission Tags: @phishunt_io
Submission: On October 17 via api from ES

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 45.126.246.230, located in Frankfurt am Main, Germany and belongs to ARYAKA-ARIN, US. The main domain is app1.gocatapult.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 3rd 2019. Valid for: a year.
This is the only time app1.gocatapult.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 45.126.246.230 11179 (ARYAKA-ARIN)
13 1
Apex Domain
Subdomains
Transfer
13 gocatapult.com
app1.gocatapult.com
555 KB
13 1
Domain Requested by
13 app1.gocatapult.com app1.gocatapult.com
13 1

This site contains links to these domains. Also see Links.

Domain
www.gocatapult.com
twitter.com
www.linkedin.com
www.youtube.com
Subject Issuer Validity Valid
flexqms2.gocatapult.com
Go Daddy Secure Certificate Authority - G2
2019-10-03 -
2020-10-21
a year crt.sh

This page contains 1 frames:

Primary Page: https://app1.gocatapult.com/
Frame ID: 3DC46BFB8D7C6D7EE68DE6265A73345C
Requests: 13 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<[^>]+ ng-version="([\d.]+)"/i

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

555 kB
Transfer

2035 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
app1.gocatapult.com/
907 B
1 KB
Document
General
Full URL
https://app1.gocatapult.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.126.246.230 Frankfurt am Main, Germany, ASN11179 (ARYAKA-ARIN, US),
Reverse DNS
Software
/
Resource Hash
57b7c8c2ec476af45c08cd3ca661a3559d2e531ea7ac63d07c09a69769b0eb2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
app1.gocatapult.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Pragma
no-cache
Expires
0
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-XSS-Protection
1; mode=block
X-Frame-Options
DENY
X-Content-Type-Options
nosniff
Set-Cookie
JSESSIONID=2B6D2F0522E42741AD8F3B5191BB1EC6; Path=/; Secure; HttpOnly
Content-Type
text/html;charset=ISO-8859-1
Content-Language
en-US
Content-Length
907
Date
Sat, 17 Oct 2020 12:34:21 GMT
angular.material.theme.css
app1.gocatapult.com/css/
43 KB
6 KB
Stylesheet
General
Full URL
https://app1.gocatapult.com/css/angular.material.theme.css
Requested by
Host: app1.gocatapult.com
URL: https://app1.gocatapult.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.126.246.230 Frankfurt am Main, Germany, ASN11179 (ARYAKA-ARIN, US),
Reverse DNS
Software
/
Resource Hash
2747d087fe24ce1b538ce84bdad06a421e65135e7f4167c19c701b4ef6c4bcc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app1.gocatapult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 09 Oct 2020 12:40:15 GMT
Date
Sat, 17 Oct 2020 12:34:21 GMT
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding
chunked
Accept-Ranges
bytes
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
0
login.css
app1.gocatapult.com/css/
461 KB
59 KB
Stylesheet
General
Full URL
https://app1.gocatapult.com/css/login.css
Requested by
Host: app1.gocatapult.com
URL: https://app1.gocatapult.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.126.246.230 Frankfurt am Main, Germany, ASN11179 (ARYAKA-ARIN, US),
Reverse DNS
Software
/
Resource Hash
5c285358e923801afae1ce12d3d19e195633917fe8f92a3595295e62e83e9260
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app1.gocatapult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 09 Oct 2020 12:40:19 GMT
Date
Sat, 17 Oct 2020 12:34:21 GMT
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding
chunked
Accept-Ranges
bytes
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
0
login.js
app1.gocatapult.com/plugins/
1 MB
286 KB
Script
General
Full URL
https://app1.gocatapult.com/plugins/login.js
Requested by
Host: app1.gocatapult.com
URL: https://app1.gocatapult.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.126.246.230 Frankfurt am Main, Germany, ASN11179 (ARYAKA-ARIN, US),
Reverse DNS
Software
/
Resource Hash
9fecdf96b6c735a8883b2d27192f7d5cb8f66ac215537f381dde1c8c59069e2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app1.gocatapult.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 09 Oct 2020 12:36:10 GMT
Date
Sat, 17 Oct 2020 12:34:21 GMT
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding
chunked
Accept-Ranges
bytes
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
0
roboto-regular.woff2
app1.gocatapult.com/css/assets/fonts/
10 KB
11 KB
Font
General
Full URL
https://app1.gocatapult.com/css/assets/fonts/roboto-regular.woff2
Requested by
Host: app1.gocatapult.com
URL: https://app1.gocatapult.com/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.126.246.230 Frankfurt am Main, Germany, ASN11179 (ARYAKA-ARIN, US),
Reverse DNS
Software
/
Resource Hash
31edab92d4ade297ab926d23ed2666d1c5f242675de7c0c1a0bb447024ac554d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Origin
https://app1.gocatapult.com
Referer
https://app1.gocatapult.com/css/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Content-Length
10196
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Fri, 09 Oct 2020 12:30:29 GMT
X-Frame-Options
DENY
Date
Sat, 17 Oct 2020 12:34:21 GMT
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
DELETE, HEAD, GET, OPTIONS, POST, PUT
Content-Type
font/woff2
Access-Control-Allow-Origin
https://app1.gocatapult.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
x-requested-with, X-CSRF-TOKEN
Expires
0
clouds.jpg
app1.gocatapult.com/css/assets/images/backgrounds/
49 KB
50 KB
Image
General
Full URL
https://app1.gocatapult.com/css/assets/images/backgrounds/clouds.jpg
Requested by
Host: app1.gocatapult.com
URL: https://app1.gocatapult.com/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.126.246.230 Frankfurt am Main, Germany, ASN11179 (ARYAKA-ARIN, US),
Reverse DNS
Software
/
Resource Hash
a31088ddbca82a32c13b26d3d0cdfe8c6ad9f933db4f915380ad4bf35f9df1ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app1.gocatapult.com/css/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 09 Oct 2020 12:30:28 GMT
Date
Sat, 17 Oct 2020 12:34:21 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges
bytes
Content-Length
50456
X-XSS-Protection
1; mode=block
Expires
0
Catapult-logo-SSV.png
app1.gocatapult.com/css/assets/images/backgrounds/
47 KB
47 KB
Image
General
Full URL
https://app1.gocatapult.com/css/assets/images/backgrounds/Catapult-logo-SSV.png
Requested by
Host: app1.gocatapult.com
URL: https://app1.gocatapult.com/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.126.246.230 Frankfurt am Main, Germany, ASN11179 (ARYAKA-ARIN, US),
Reverse DNS
Software
/
Resource Hash
67c5eb5431c5fbd5d3b36193d17570b9a9b963088848e0a48136c4b53a3fada8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app1.gocatapult.com/css/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 09 Oct 2020 12:30:28 GMT
Date
Sat, 17 Oct 2020 12:34:21 GMT
X-Frame-Options
DENY
Content-Type
image/png
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges
bytes
Content-Length
47824
X-XSS-Protection
1; mode=block
Expires
0
oceans.jpg
app1.gocatapult.com/css/assets/images/backgrounds/
70 KB
71 KB
Image
General
Full URL
https://app1.gocatapult.com/css/assets/images/backgrounds/oceans.jpg
Requested by
Host: app1.gocatapult.com
URL: https://app1.gocatapult.com/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.126.246.230 Frankfurt am Main, Germany, ASN11179 (ARYAKA-ARIN, US),
Reverse DNS
Software
/
Resource Hash
5692ced8718efd61dc3ef398783e4dbfceb8932c94e6f081d9b422ea38d71cc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app1.gocatapult.com/css/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Fri, 09 Oct 2020 12:30:28 GMT
Date
Sat, 17 Oct 2020 12:34:21 GMT
X-Frame-Options
DENY
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges
bytes
Content-Length
71850
X-XSS-Protection
1; mode=block
Expires
0
twitter.svg
app1.gocatapult.com/css/assets/images/social-media/
871 B
2 KB
Image
General
Full URL
https://app1.gocatapult.com/css/assets/images/social-media/twitter.svg
Requested by
Host: app1.gocatapult.com
URL: https://app1.gocatapult.com/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.126.246.230 Frankfurt am Main, Germany, ASN11179 (ARYAKA-ARIN, US),
Reverse DNS
Software
/
Resource Hash
082f579d2670dd6302b31a7be61ece128710bf84b8f46b6b7208967ed883a390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Origin
https://app1.gocatapult.com
Referer
https://app1.gocatapult.com/css/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Content-Length
871
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Fri, 09 Oct 2020 12:30:28 GMT
X-Frame-Options
DENY
Date
Sat, 17 Oct 2020 12:34:22 GMT
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
DELETE, HEAD, GET, OPTIONS, POST, PUT
Content-Type
image/svg+xml
Access-Control-Allow-Origin
https://app1.gocatapult.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
x-requested-with, X-CSRF-TOKEN
Expires
0
linkedin-in.svg
app1.gocatapult.com/css/assets/images/social-media/
390 B
1 KB
Image
General
Full URL
https://app1.gocatapult.com/css/assets/images/social-media/linkedin-in.svg
Requested by
Host: app1.gocatapult.com
URL: https://app1.gocatapult.com/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.126.246.230 Frankfurt am Main, Germany, ASN11179 (ARYAKA-ARIN, US),
Reverse DNS
Software
/
Resource Hash
094d87c1e850daa48044c7e9087a1fe0e7257bddce3eed0dc229afff24ed5fb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Origin
https://app1.gocatapult.com
Referer
https://app1.gocatapult.com/css/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Content-Length
390
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Fri, 09 Oct 2020 12:30:28 GMT
X-Frame-Options
DENY
Date
Sat, 17 Oct 2020 12:34:22 GMT
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
DELETE, HEAD, GET, OPTIONS, POST, PUT
Content-Type
image/svg+xml
Access-Control-Allow-Origin
https://app1.gocatapult.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
x-requested-with, X-CSRF-TOKEN
Expires
0
youtube.svg
app1.gocatapult.com/css/assets/images/social-media/
550 B
1 KB
Image
General
Full URL
https://app1.gocatapult.com/css/assets/images/social-media/youtube.svg
Requested by
Host: app1.gocatapult.com
URL: https://app1.gocatapult.com/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.126.246.230 Frankfurt am Main, Germany, ASN11179 (ARYAKA-ARIN, US),
Reverse DNS
Software
/
Resource Hash
c26a8a2af321e7c439be6290eb94788504bc8aba8260252c5bbf4380ecdec93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Origin
https://app1.gocatapult.com
Referer
https://app1.gocatapult.com/css/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Content-Length
550
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Fri, 09 Oct 2020 12:30:28 GMT
X-Frame-Options
DENY
Date
Sat, 17 Oct 2020 12:34:22 GMT
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
DELETE, HEAD, GET, OPTIONS, POST, PUT
Content-Type
image/svg+xml
Access-Control-Allow-Origin
https://app1.gocatapult.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
x-requested-with, X-CSRF-TOKEN
Expires
0
roboto-light.woff2
app1.gocatapult.com/css/assets/fonts/
10 KB
11 KB
Font
General
Full URL
https://app1.gocatapult.com/css/assets/fonts/roboto-light.woff2
Requested by
Host: app1.gocatapult.com
URL: https://app1.gocatapult.com/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.126.246.230 Frankfurt am Main, Germany, ASN11179 (ARYAKA-ARIN, US),
Reverse DNS
Software
/
Resource Hash
56268c528cf930249d519c876b3ea468be57a826910dfdee83e24d3e0ed7d1bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Origin
https://app1.gocatapult.com
Referer
https://app1.gocatapult.com/css/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Content-Length
10220
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Fri, 09 Oct 2020 12:30:29 GMT
X-Frame-Options
DENY
Date
Sat, 17 Oct 2020 12:34:22 GMT
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
DELETE, HEAD, GET, OPTIONS, POST, PUT
Content-Type
font/woff2
Access-Control-Allow-Origin
https://app1.gocatapult.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
x-requested-with, X-CSRF-TOKEN
Expires
0
roboto-medium.woff2
app1.gocatapult.com/css/assets/fonts/
10 KB
11 KB
Font
General
Full URL
https://app1.gocatapult.com/css/assets/fonts/roboto-medium.woff2
Requested by
Host: app1.gocatapult.com
URL: https://app1.gocatapult.com/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.126.246.230 Frankfurt am Main, Germany, ASN11179 (ARYAKA-ARIN, US),
Reverse DNS
Software
/
Resource Hash
a2e55fd5bfa4ecff5cbea9d754401d134fb8d3fa88e0cfff61dc17741d928281
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Origin
https://app1.gocatapult.com
Referer
https://app1.gocatapult.com/css/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Content-Length
10192
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Fri, 09 Oct 2020 12:30:29 GMT
X-Frame-Options
DENY
Date
Sat, 17 Oct 2020 12:34:22 GMT
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
DELETE, HEAD, GET, OPTIONS, POST, PUT
Content-Type
font/woff2
Access-Control-Allow-Origin
https://app1.gocatapult.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
x-requested-with, X-CSRF-TOKEN
Expires
0

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes string| _csrf string| _msg_server string| context object| core object| __core-js_shared__ function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader object| __zone_symbol__ON_PROPERTYmessage object| __zone_symbol__messagefalse object| ng object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse object| __zone_symbol__focusfalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

1 Cookies

Domain/Path Name / Value
app1.gocatapult.com/ Name: JSESSIONID
Value: 2B6D2F0522E42741AD8F3B5191BB1EC6

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block