URL: https://themidnightcitizen.com/
Submission: On September 28 via automatic, source certstream-suspicious

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 20 HTTP transactions. The main IP is 2606:4700:30::681c:1fb0, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is themidnightcitizen.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 28th 2018. Valid for: a year.
This is the only time themidnightcitizen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2606:4700:30:... 13335 (CLOUDFLAR...)
2 188.72.202.174 35415 (WEBZILLA)
1 1 78.140.191.84 35415 (WEBZILLA)
1 188.72.213.175 35415 (WEBZILLA)
4 188.72.202.175 35415 (WEBZILLA)
1 2 88.212.196.101 39134 (UNITEDNET)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
20 8
Domain Requested by
9 themidnightcitizen.com themidnightcitizen.com
6 pushance.com themidnightcitizen.com
pushance.com
2 www.youtube.com themidnightcitizen.com
s.ytimg.com
2 counter.yadro.ru 1 redirects themidnightcitizen.com
1 s.ytimg.com www.youtube.com
1 cobalten.com themidnightcitizen.com
1 go.oclasrv.com 1 redirects
20 7

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2018-09-28 -
2019-09-28
a year crt.sh
pushance.com
COMODO RSA Domain Validation Secure Server CA
2018-09-05 -
2019-12-01
a year crt.sh
cobalten.com
RapidSSL RSA CA 2018
2018-06-13 -
2019-06-13
a year crt.sh
counter.yadro.ru
COMODO ECC Domain Validation Secure Server CA
2018-04-09 -
2020-04-08
2 years crt.sh
*.google.com
Google Internet Authority G3
2018-09-11 -
2018-12-04
3 months crt.sh

This page contains 3 frames:

Primary Page: https://themidnightcitizen.com/
Frame ID: CD6B509CAADBD5849ADC974741DE1A0C
Requests: 24 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jFBJnbTW_z8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=1&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fthemidnightcitizen.com&widgetid=1
Frame ID: CA75372E9F64237F403A647EA455E6BC
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 15FFE1EF69CA576EC015A53665EBE38B
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • env /^mejs$/i

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

20
Requests

100 %
HTTPS

38 %
IPv6

7
Domains

7
Subdomains

8
IPs

4
Countries

183 kB
Transfer

627 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://go.oclasrv.com/apu.php?zoneid=1899373 HTTP 302
  • https://cobalten.com/apu.php?zoneid=1899373
Request Chain 17
  • https://counter.yadro.ru/hit?t40.6;r;s1600*1200*24;uhttps%3A//themidnightcitizen.com/;h%u041C%u0443%u0437%u044B%u043A%u0430%u043B%u044C%u043D%u044B%u0435%20%u043A%u043E%u043C%u043F%u043E%u0437%u0438%u0446%u0438%u0438%20%u043D%u0430%20%u043B%u044E%u0431%u043E%u0439%20%u0432%u043A%u0443%u0441%2C%20%u0446%u0432%u0435%u0442%20%u0438%20%u0440%u0430%u0437%u043C%u0435%u0440%21%20%u0424%u043E%u0440%u043C%u0430%u0442%20mp3%20%u0432%u044B%u0441%u043E%u043A%u043E%u0433%u043E%20%u043A%u0430%u0447%u0435%u0441%u0442%u0432%u0430%2C%20%u0441%20%u0431%u044B%u0441%u0442%u0440%u043E%u0439%20%u0437%u0430%u0433%u0440%u0443%u0437%u043A%u043E%u0439%20%u0438%20%u0431%u0435%u0437%20%u0442%u043E%u0440%u043C%u043E%u0437%u043E%u0432%21;0.7731699601369475 HTTP 302
  • https://counter.yadro.ru/hit?q;t40.6;r;s1600*1200*24;uhttps%3A//themidnightcitizen.com/;h%u041C%u0443%u0437%u044B%u043A%u0430%u043B%u044C%u043D%u044B%u0435%20%u043A%u043E%u043C%u043F%u043E%u0437%u0438%u0446%u0438%u0438%20%u043D%u0430%20%u043B%u044E%u0431%u043E%u0439%20%u0432%u043A%u0443%u0441%2C%20%u0446%u0432%u0435%u0442%20%u0438%20%u0440%u0430%u0437%u043C%u0435%u0440%21%20%u0424%u043E%u0440%u043C%u0430%u0442%20mp3%20%u0432%u044B%u0441%u043E%u043A%u043E%u0433%u043E%20%u043A%u0430%u0447%u0435%u0441%u0442%u0432%u0430%2C%20%u0441%20%u0431%u044B%u0441%u0442%u0440%u043E%u0439%20%u0437%u0430%u0433%u0440%u0443%u0437%u043A%u043E%u0439%20%u0438%20%u0431%u0435%u0437%20%u0442%u043E%u0440%u043C%u043E%u0437%u043E%u0432%21;0.7731699601369475

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
themidnightcitizen.com/
165 KB
41 KB
Document
General
Full URL
https://themidnightcitizen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1fb0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e172b6daf9e5cb4a6f9666ecec2db53154b3f5b3ea716876c90aad3a3fdd5b0

Request headers

:method
GET
:authority
themidnightcitizen.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Fri, 28 Sep 2018 12:35:42 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=ddcfb146bf57579fbc92bf717b4505e6e1538138140; expires=Sat, 28-Sep-19 12:35:40 GMT; path=/; domain=.themidnightcitizen.com; HttpOnly PHPSESSID=l4np1efr6mh5u07cv587pl1307; path=/
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4616404f5f90c2c4-FRA
content-encoding
gzip
mediaelementplayer.css
themidnightcitizen.com/templates/carpetondemand/libs/mediaelementjs/
12 KB
3 KB
Stylesheet
General
Full URL
https://themidnightcitizen.com/templates/carpetondemand/libs/mediaelementjs/mediaelementplayer.css
Requested by
Host: themidnightcitizen.com
URL: https://themidnightcitizen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1fb0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd0f4aad5fca470c0e2252f782d584377e38a79813fc2dc26bbad8e9a2b8dea8

Request headers

:path
/templates/carpetondemand/libs/mediaelementjs/mediaelementplayer.css
pragma
no-cache
cookie
__cfduid=ddcfb146bf57579fbc92bf717b4505e6e1538138140; PHPSESSID=l4np1efr6mh5u07cv587pl1307
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
themidnightcitizen.com
referer
https://themidnightcitizen.com/
:scheme
https
:method
GET
Referer
https://themidnightcitizen.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 28 Sep 2018 12:35:42 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 27 May 2018 15:50:38 GMT
server
cloudflare
etag
W/"5b0ad3ce-2eef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
4616405daa23c2c4-FRA
expires
Fri, 28 Sep 2018 16:35:42 GMT
ntfc.php
pushance.com/
12 KB
5 KB
Script
General
Full URL
https://pushance.com/ntfc.php?p=2040160&tco=1
Requested by
Host: themidnightcitizen.com
URL: https://themidnightcitizen.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.202.174 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
90aaf090cf59fa35ede6705d05c72280dffcb6856c3d3a8608a1ca7a21bd3f60
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://themidnightcitizen.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Sep 2018 12:35:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Timing-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Strict-Transport-Security
max-age=1
Content-Type
application/javascript
Expires
Mon, 26 Jul 1997 05:00:00 GMT
apu.php
cobalten.com/
Redirect Chain
  • https://go.oclasrv.com/apu.php?zoneid=1899373
  • https://cobalten.com/apu.php?zoneid=1899373
1 KB
2 KB
Script
General
Full URL
https://cobalten.com/apu.php?zoneid=1899373
Requested by
Host: themidnightcitizen.com
URL: https://themidnightcitizen.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.213.175 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
c951e135943eb002a5eeeb1dc00dfde4713117871c849521b14dae1750876019
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://themidnightcitizen.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Sep 2018 12:35:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Timing-Allow-Origin
*, *
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Strict-Transport-Security
max-age=1
Content-Type
application/x-javascript
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 28 Sep 2018 12:35:42 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
text/html
Location
https://cobalten.com/apu.php?zoneid=1899373
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
154
ntfc.php
pushance.com/
88 KB
23 KB
Script
General
Full URL
https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87
Requested by
Host: pushance.com
URL: https://pushance.com/ntfc.php?p=2040160&tco=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.202.174 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
b12efa9a3753f302bdbe19c6b2959be65babf1fddd045544ef76a0c6c8cdcbfc
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://themidnightcitizen.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 28 Sep 2018 12:35:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
private, max-age=86400
Strict-Transport-Security
max-age=1
Timing-Allow-Origin
*
jquery-1.11.2.min.js
themidnightcitizen.com/templates/carpetondemand/libs/jquery/
94 KB
33 KB
Script
General
Full URL
https://themidnightcitizen.com/templates/carpetondemand/libs/jquery/jquery-1.11.2.min.js
Requested by
Host: themidnightcitizen.com
URL: https://themidnightcitizen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1fb0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

:path
/templates/carpetondemand/libs/jquery/jquery-1.11.2.min.js
pragma
no-cache
cookie
__cfduid=ddcfb146bf57579fbc92bf717b4505e6e1538138140; PHPSESSID=l4np1efr6mh5u07cv587pl1307
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
themidnightcitizen.com
referer
https://themidnightcitizen.com/
:scheme
https
:method
GET
Referer
https://themidnightcitizen.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 28 Sep 2018 12:35:42 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 27 May 2018 15:50:36 GMT
server
cloudflare
etag
W/"5b0ad3cc-176bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4616405e3b6bc2c4-FRA
expires
Fri, 28 Sep 2018 16:35:42 GMT
mediaelement-and-player.js
themidnightcitizen.com/templates/carpetondemand/libs/mediaelementjs/
154 KB
38 KB
Script
General
Full URL
https://themidnightcitizen.com/templates/carpetondemand/libs/mediaelementjs/mediaelement-and-player.js
Requested by
Host: themidnightcitizen.com
URL: https://themidnightcitizen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1fb0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b03f1d2967e3da7e516d0fec78d0c4ae2a641c2730ecc37a5f19d5e11b372429

Request headers

:path
/templates/carpetondemand/libs/mediaelementjs/mediaelement-and-player.js
pragma
no-cache
cookie
__cfduid=ddcfb146bf57579fbc92bf717b4505e6e1538138140; PHPSESSID=l4np1efr6mh5u07cv587pl1307
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
themidnightcitizen.com
referer
https://themidnightcitizen.com/
:scheme
https
:method
GET
Referer
https://themidnightcitizen.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 28 Sep 2018 12:35:42 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 27 May 2018 15:50:40 GMT
server
cloudflare
etag
W/"5b0ad3d0-267ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4616405e3b6cc2c4-FRA
expires
Fri, 28 Sep 2018 16:35:42 GMT
share42.js
themidnightcitizen.com/templates/carpetondemand/libs/share42/
3 KB
1 KB
Script
General
Full URL
https://themidnightcitizen.com/templates/carpetondemand/libs/share42/share42.js
Requested by
Host: themidnightcitizen.com
URL: https://themidnightcitizen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1fb0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0e4ff7109c211e26246820007ffa405e0b43484fb5118e3570b8d7f15972db

Request headers

:path
/templates/carpetondemand/libs/share42/share42.js
pragma
no-cache
cookie
__cfduid=ddcfb146bf57579fbc92bf717b4505e6e1538138140; PHPSESSID=l4np1efr6mh5u07cv587pl1307
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
themidnightcitizen.com
referer
https://themidnightcitizen.com/
:scheme
https
:method
GET
Referer
https://themidnightcitizen.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 28 Sep 2018 12:35:42 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 27 May 2018 15:50:34 GMT
server
cloudflare
etag
W/"5b0ad3ca-da4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4616405e3b6fc2c4-FRA
expires
Fri, 28 Sep 2018 16:35:42 GMT
player.min.js
themidnightcitizen.com/templates/carpetondemand/js/
8 KB
3 KB
Script
General
Full URL
https://themidnightcitizen.com/templates/carpetondemand/js/player.min.js
Requested by
Host: themidnightcitizen.com
URL: https://themidnightcitizen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1fb0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5749a9a642625ac8310707fdf20b9bedc7611afd20d39c55411ecba27be59ef5

Request headers

:path
/templates/carpetondemand/js/player.min.js
pragma
no-cache
cookie
__cfduid=ddcfb146bf57579fbc92bf717b4505e6e1538138140; PHPSESSID=l4np1efr6mh5u07cv587pl1307
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
themidnightcitizen.com
referer
https://themidnightcitizen.com/
:scheme
https
:method
GET
Referer
https://themidnightcitizen.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 28 Sep 2018 12:35:42 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 27 May 2018 18:19:24 GMT
server
cloudflare
etag
W/"5b0af6ac-2111"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4616405e3b71c2c4-FRA
expires
Fri, 28 Sep 2018 16:35:42 GMT
custom
pushance.com/
0
470 B
XHR
General
Full URL
https://pushance.com/custom
Requested by
Host: pushance.com
URL: https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.202.175 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://themidnightcitizen.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Fri, 28 Sep 2018 12:35:36 GMT
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://themidnightcitizen.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
0
custom
pushance.com/
38 B
450 B
XHR
General
Full URL
https://pushance.com/custom
Requested by
Host: themidnightcitizen.com
URL: https://themidnightcitizen.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.202.175 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
304fbd687c9b643bc952d93966b7afd853255ee039f8333da2752b226ed0709c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://themidnightcitizen.com/
Origin
https://themidnightcitizen.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
application/json

Response headers

Date
Fri, 28 Sep 2018 12:35:36 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://themidnightcitizen.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
38
truncated
/
364 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
223dbeaf95c21e29aad42c8656d9ad41dbe9497df36c95118158609625d95c53

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91eb7001a90f9178135eede72f1c8a5300cababa4a078cb59debaa50de4b1788

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
truncated
/
351 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c131a74d2f424e29ffb16d2b03fec20e3f0cae46c4f0aff594cdc8ade80c3ca

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
truncated
/
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6fead81d343f693107904c5577dfd9642bb6ec751e305860c940fdcb5e6c4ae8

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
truncated
/
8 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51943312c73bac18f5d5ec940f39edabe4a43251950c58da0035fafe625658f5

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
logo.png
themidnightcitizen.com/templates/carpetondemand/img/
2 KB
2 KB
Image
General
Full URL
https://themidnightcitizen.com/templates/carpetondemand/img/logo.png
Requested by
Host: themidnightcitizen.com
URL: https://themidnightcitizen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1fb0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c283e5f7285b60042c887d3065a6add268da86e1ff65cfc9c7abfb885cc29a3b

Request headers

:path
/templates/carpetondemand/img/logo.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
themidnightcitizen.com
referer
https://themidnightcitizen.com/
:scheme
https
:method
GET
Referer
https://themidnightcitizen.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 28 Sep 2018 12:35:42 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 27 May 2018 17:45:52 GMT
server
cloudflare
etag
W/"5b0aeed0-911"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
set-cookie
__cfduid=d9cf50d8da9f9c60966721e121c9b345a1538138142; expires=Sat, 28-Sep-19 12:35:42 GMT; path=/; domain=.themidnightcitizen.com; HttpOnly
cf-ray
4616405faf4cc2c4-FRA
expires
Fri, 28 Sep 2018 16:35:42 GMT
loading.gif
themidnightcitizen.com/templates/carpetondemand/img/
50 KB
19 KB
Image
General
Full URL
https://themidnightcitizen.com/templates/carpetondemand/img/loading.gif
Requested by
Host: themidnightcitizen.com
URL: https://themidnightcitizen.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1fb0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29a5957617f13ef164c40a66a2a440402e86826bbebf8a6d42263ccff26c099

Request headers

:path
/templates/carpetondemand/img/loading.gif
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
themidnightcitizen.com
referer
https://themidnightcitizen.com/
:scheme
https
:method
GET
Referer
https://themidnightcitizen.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 28 Sep 2018 12:35:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 27 May 2018 15:50:42 GMT
server
cloudflare
etag
W/"5b0ad3d2-c807"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=14400
set-cookie
__cfduid=d9cf50d8da9f9c60966721e121c9b345a1538138142; expires=Sat, 28-Sep-19 12:35:42 GMT; path=/; domain=.themidnightcitizen.com; HttpOnly
cf-ray
4616405faf4fc2c4-FRA
expires
Fri, 28 Sep 2018 16:35:42 GMT
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t40.6;r;s1600*1200*24;uhttps%3A//themidnightcitizen.com/;h%u041C%u0443%u0437%u044B%u043A%u0430%u043B%u044C%u043D%u044B%u0435%20%u043A%u043E%u043C%u043F%u043E%u0437%u043...
  • https://counter.yadro.ru/hit?q;t40.6;r;s1600*1200*24;uhttps%3A//themidnightcitizen.com/;h%u041C%u0443%u0437%u044B%u043A%u0430%u043B%u044C%u043D%u044B%u0435%20%u043A%u043E%u043C%u043F%u043E%u0437%u0...
133 B
512 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t40.6;r;s1600*1200*24;uhttps%3A//themidnightcitizen.com/;h%u041C%u0443%u0437%u044B%u043A%u0430%u043B%u044C%u043D%u044B%u0435%20%u043A%u043E%u043C%u043F%u043E%u0437%u0438%u0446%u0438%u0438%20%u043D%u0430%20%u043B%u044E%u0431%u043E%u0439%20%u0432%u043A%u0443%u0441%2C%20%u0446%u0432%u0435%u0442%20%u0438%20%u0440%u0430%u0437%u043C%u0435%u0440%21%20%u0424%u043E%u0440%u043C%u0430%u0442%20mp3%20%u0432%u044B%u0441%u043E%u043A%u043E%u0433%u043E%20%u043A%u0430%u0447%u0435%u0441%u0442%u0432%u0430%2C%20%u0441%20%u0431%u044B%u0441%u0442%u0440%u043E%u0439%20%u0437%u0430%u0433%u0440%u0443%u0437%u043A%u043E%u0439%20%u0438%20%u0431%u0435%u0437%20%u0442%u043E%u0440%u043C%u043E%u0437%u043E%u0432%21;0.7731699601369475
Requested by
Host: themidnightcitizen.com
URL: https://themidnightcitizen.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.196.101 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host01.rax.ru
Software
nginx/1.11.1 /
Resource Hash
85f2f9268707586e0b9fcd1212157603de031cca53e1be63bfa2f62a8010ff1e

Request headers

Referer
https://themidnightcitizen.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Sep 2018 12:35:42 GMT
Server
nginx/1.11.1
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
133
Expires
Wed, 27 Sep 2017 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 28 Sep 2018 12:35:42 GMT
Server
nginx/1.11.1
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t40.6;r;s1600*1200*24;uhttps%3A//themidnightcitizen.com/;h%u041C%u0443%u0437%u044B%u043A%u0430%u043B%u044C%u043D%u044B%u0435%20%u043A%u043E%u043C%u043F%u043E%u0437%u0438%u0446%u0438%u0438%20%u043D%u0430%20%u043B%u044E%u0431%u043E%u0439%20%u0432%u043A%u0443%u0441%2C%20%u0446%u0432%u0435%u0442%20%u0438%20%u0440%u0430%u0437%u043C%u0435%u0440%21%20%u0424%u043E%u0440%u043C%u0430%u0442%20mp3%20%u0432%u044B%u0441%u043E%u043A%u043E%u0433%u043E%20%u043A%u0430%u0447%u0435%u0441%u0442%u0432%u0430%2C%20%u0441%20%u0431%u044B%u0441%u0442%u0440%u043E%u0439%20%u0437%u0430%u0433%u0440%u0443%u0437%u043A%u043E%u0439%20%u0438%20%u0431%u0435%u0437%20%u0442%u043E%u0440%u043C%u043E%u0437%u043E%u0432%21;0.7731699601369475
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 27 Sep 2017 21:00:00 GMT
mejs-controls.svg
themidnightcitizen.com/templates/carpetondemand/libs/mediaelementjs/
5 KB
2 KB
Image
General
Full URL
https://themidnightcitizen.com/templates/carpetondemand/libs/mediaelementjs/mejs-controls.svg
Requested by
Host: themidnightcitizen.com
URL: https://themidnightcitizen.com/templates/carpetondemand/libs/mediaelementjs/mediaelement-and-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681c:1fb0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b307dc144744f6a15bbdf663c1f59d127a8729cc99533b3cec67e7a837b14e7f

Request headers

:path
/templates/carpetondemand/libs/mediaelementjs/mejs-controls.svg
pragma
no-cache
cookie
__cfduid=d9cf50d8da9f9c60966721e121c9b345a1538138142
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
themidnightcitizen.com
referer
https://themidnightcitizen.com/templates/carpetondemand/libs/mediaelementjs/mediaelementplayer.css
:scheme
https
:method
GET
Referer
https://themidnightcitizen.com/templates/carpetondemand/libs/mediaelementjs/mediaelementplayer.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 28 Sep 2018 12:35:43 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 27 May 2018 15:50:38 GMT
server
cloudflare
etag
W/"5b0ad3ce-15ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=14400
cf-ray
461640615b65c2c4-FRA
expires
Fri, 28 Sep 2018 16:35:43 GMT
player_api
www.youtube.com/
859 B
944 B
Script
General
Full URL
https://www.youtube.com/player_api
Requested by
Host: themidnightcitizen.com
URL: https://themidnightcitizen.com/templates/carpetondemand/libs/mediaelementjs/mediaelement-and-player.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
25176dcee17f1ff6a0e823eb822d6e0f14e2afae7d4d1be4a1eb92e7419de9e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

Referer
https://themidnightcitizen.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 28 Sep 2018 12:35:42 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
859
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
expires
Tue, 27 Apr 1971 19:44:06 EST
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflvi9no-/
20 KB
8 KB
Script
General
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflvi9no-/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a599232b27762d0deef401c854b6c5f7f9f7b69c63a22fdf36b99bac156946fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://themidnightcitizen.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 26 Sep 2018 09:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183245
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
7696
x-xss-protection
1; mode=block
last-modified
Wed, 26 Sep 2018 07:51:29 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Thu, 04 Oct 2018 09:41:38 GMT
jFBJnbTW_z8
www.youtube.com/embed/ Frame CA75
0
0
Document
General
Full URL
https://www.youtube.com/embed/jFBJnbTW_z8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=1&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fthemidnightcitizen.com&widgetid=1
Requested by
Host: s.ytimg.com
URL: https://s.ytimg.com/yts/jsbin/www-widgetapi-vflvi9no-/www-widgetapi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/jFBJnbTW_z8?controls=0&rel=0&disablekb=1&showinfo=0&modestbranding=0&html5=1&iv_load_policy=3&autoplay=0&end=0&loop=0&playsinline=1&start=0&nocookie=false&enablejsapi=1&origin=https%3A%2F%2Fthemidnightcitizen.com&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://themidnightcitizen.com/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://themidnightcitizen.com/

Response headers

status
200
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 EST
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
content-type
text/html; charset=utf-8
cache-control
no-cache
content-encoding
gzip
strict-transport-security
max-age=31536000
date
Fri, 28 Sep 2018 12:35:43 GMT
server
YouTube Frontend Proxy
set-cookie
VISITOR_INFO1_LIVE=cmWQgmV9WP4; path=/; domain=.youtube.com; expires=Wed, 27-Mar-2019 12:35:43 GMT; httponly YSC=z-S6NdYa4Fs; path=/; domain=.youtube.com; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Thu, 30-May-2019 00:28:43 GMT GPS=1; path=/; domain=.youtube.com; expires=Fri, 28-Sep-2018 13:05:43 GMT VISITOR_INFO1_LIVE=cmWQgmV9WP4; path=/; domain=.youtube.com; expires=Wed, 27-Mar-2019 12:35:43 GMT; httponly
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
custom
pushance.com/
0
470 B
XHR
General
Full URL
https://pushance.com/custom
Requested by
Host: pushance.com
URL: https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.202.175 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://themidnightcitizen.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Fri, 28 Sep 2018 12:35:37 GMT
Server
nginx
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://themidnightcitizen.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
0
custom
pushance.com/
38 B
450 B
XHR
General
Full URL
https://pushance.com/custom
Requested by
Host: themidnightcitizen.com
URL: https://themidnightcitizen.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
188.72.202.175 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
304fbd687c9b643bc952d93966b7afd853255ee039f8333da2752b226ed0709c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://themidnightcitizen.com/
Origin
https://themidnightcitizen.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
application/json

Response headers

Date
Fri, 28 Sep 2018 12:35:37 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://themidnightcitizen.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
38
truncated
/ Frame 15FF
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ad770f7303d5654daf4d143d7b1b3bb746700bc1333497c9744f4f03ce42b91

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| loadCSS function| loadLocalStorageCSS string| optionsAxXB324Fe string| laryAxXB324Fe boolean| zfgloadedpushopt object| _0x4680 function| _0x402a boolean| installOnFly boolean| zfgloadedpush boolean| zfgloadedpushcode object| zfgformats object| _0x2c4d function| _0x2a92 string| zfgaabversion number| zfgsct number| zfggt boolean| zfgloadedpopup string| cpu_search function| $ function| jQuery object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer function| countSongList function| search_tracks function| load_more function| contact_us function| scrollFunction object| player number| duration function| start_player function| change function| additems object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter

0 Cookies

7 Console Messages

Source Level URL
Text
console-api error URL: https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87(Line 1)
Message:
TypeError: Cannot read property '__PSR_SESSION_1_2040161_false' of null at https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:67890 at a.(anonymous function) (https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:68260) at m (https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:67872) at a.(anonymous function) (https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:67531) at a.(anonymous function) (https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:22672) at https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:78664 at a.(anonymous function) (https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:76848) at a.(anonymous function) (https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:78622) at https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:89414
console-api error URL: https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87(Line 1)
Message:
TypeError: Cannot set property '__PSR_SESSION_1_2040161_false' of null at https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:69146 at a.(anonymous function) (https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:68260) at b (https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:69127) at a.(anonymous function) (https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:69751) at a.(anonymous function) (https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:22836) at https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:78664 at a.(anonymous function) (https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:76848) at a.(anonymous function) (https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:78622) at https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:89414
console-api log URL: https://cobalten.com/apu.php?zoneid=1899373(Line 1)
Message:
70000
console-api error URL: https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87(Line 1)
Message:
TypeError: Cannot set property '__PSR_SESSION_1_2040161_false' of null at https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:69146 at a.(anonymous function) (https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:68260) at b (https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:69127) at a.(anonymous function) (https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:69751) at a.(anonymous function) (https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:23293) at https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:79492 at a.(anonymous function) (https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:49072) at https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87:1:79326
console-api info URL: https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87(Line 1)
Message:
>>> {"event":"initialDelivery","info":{"apiInterface":["cueVideoById","loadVideoById","cueVideoByUrl","loadVideoByUrl","playVideo","pauseVideo","stopVideo","clearVideo","getVideoBytesLoaded","getVideoBytesTotal","getVideoLoadedFraction","getVideoStartBytes","cuePlaylist","loadPlaylist","nextVideo","previousVideo","playVideoAt","setShuffle","setLoop","getPlaylist","getPlaylistIndex","getPlaylistId","loadModule","unloadModule","setOption","getOption","getOptions","mute","unMute","isMuted","setVolume","getVolume","seekTo","getPlayerState","getPlaybackRate","setPlaybackRate","getAvailablePlaybackRates","getPlaybackQuality","setPlaybackQuality","getAvailableQualityLevels","getCurrentTime","getDuration","addEventListener","removeEventListener","getDebugText","getVideoData","addCueRange","removeCueRange","setSize","getApiInterface","destroy","getVideoEmbedCode","getVideoUrl","showVideoInfo","hideVideoInfo","getMediaReferenceTime","getSphericalProperties","setSphericalProperties"],"videoBytesLoaded":0,"videoBytesTotal":1,"videoLoadedFraction":0,"videoStartBytes":0,"playlist":null,"playlistIndex":-1,"playlistId":null,"option":null,"options":[],"muted":false,"volume":100,"playerState":5,"playbackRate":1,"availablePlaybackRates":[0.25,0.5,0.75,1,1.25,1.5,2],"playbackQuality":"unknown","availableQualityLevels":[],"currentTime":0,"duration":246,"debugText":"{\n \"debug_videoId\": \"jFBJnbTW_z8\",\n \"cgr\": true,\n \"debug_playbackQuality\": \"unknown\",\n \"debug_date\": \"Fri Sep 28 2018 12:35:43 GMT+0000 (Coordinated Universal Time)\"\n}","videoEmbedCode":"<iframe width=\"1\" height=\"1\" src=\"https://www.youtube.com/embed/jFBJnbTW_z8\" frameborder=\"0\" allow=\"autoplay; encrypted-media\" allowfullscreen></iframe>","videoUrl":"https://www.youtube.com/watch?v=jFBJnbTW_z8","mediaReferenceTime":0,"sphericalProperties":{},"videoData":{"video_id":"jFBJnbTW_z8","author":"","title":"Jah Khalib - \u041c\u0435\u0434\u0438\u043d\u0430 | \u041f\u0440\u0435\u043c\u044c\u0435\u0440\u0430 \u041a\u043b\u0438\u043f\u0430"},"currentTimeLastUpdated_":1538138143.875},"id":1,"channel":"widget"}, [object Object]
console-api info URL: https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87(Line 1)
Message:
>>> {"event":"onReady","info":null,"id":1,"channel":"widget"}, [object Object]
console-api info URL: https://pushance.com/ntfc.php?p=2040160&r=ui&swver=3.0.87(Line 1)
Message:
>>> {"event":"infoDelivery","info":{"muted":false,"volume":80},"id":1,"channel":"widget"}, [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cobalten.com
counter.yadro.ru
go.oclasrv.com
pushance.com
s.ytimg.com
themidnightcitizen.com
www.youtube.com
188.72.202.174
188.72.202.175
188.72.213.175
2606:4700:30::681c:1fb0
2a00:1450:4001:81b::200e
2a00:1450:4001:81d::200e
78.140.191.84
88.212.196.101
0ad770f7303d5654daf4d143d7b1b3bb746700bc1333497c9744f4f03ce42b91
223dbeaf95c21e29aad42c8656d9ad41dbe9497df36c95118158609625d95c53
25176dcee17f1ff6a0e823eb822d6e0f14e2afae7d4d1be4a1eb92e7419de9e4
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
304fbd687c9b643bc952d93966b7afd853255ee039f8333da2752b226ed0709c
3e172b6daf9e5cb4a6f9666ecec2db53154b3f5b3ea716876c90aad3a3fdd5b0
4c131a74d2f424e29ffb16d2b03fec20e3f0cae46c4f0aff594cdc8ade80c3ca
51943312c73bac18f5d5ec940f39edabe4a43251950c58da0035fafe625658f5
5749a9a642625ac8310707fdf20b9bedc7611afd20d39c55411ecba27be59ef5
6fead81d343f693107904c5577dfd9642bb6ec751e305860c940fdcb5e6c4ae8
85f2f9268707586e0b9fcd1212157603de031cca53e1be63bfa2f62a8010ff1e
90aaf090cf59fa35ede6705d05c72280dffcb6856c3d3a8608a1ca7a21bd3f60
91eb7001a90f9178135eede72f1c8a5300cababa4a078cb59debaa50de4b1788
a29a5957617f13ef164c40a66a2a440402e86826bbebf8a6d42263ccff26c099
a599232b27762d0deef401c854b6c5f7f9f7b69c63a22fdf36b99bac156946fc
b03f1d2967e3da7e516d0fec78d0c4ae2a641c2730ecc37a5f19d5e11b372429
b12efa9a3753f302bdbe19c6b2959be65babf1fddd045544ef76a0c6c8cdcbfc
b307dc144744f6a15bbdf663c1f59d127a8729cc99533b3cec67e7a837b14e7f
ba0e4ff7109c211e26246820007ffa405e0b43484fb5118e3570b8d7f15972db
c283e5f7285b60042c887d3065a6add268da86e1ff65cfc9c7abfb885cc29a3b
c951e135943eb002a5eeeb1dc00dfde4713117871c849521b14dae1750876019
dd0f4aad5fca470c0e2252f782d584377e38a79813fc2dc26bbad8e9a2b8dea8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855