route.buddyplay.net Open in urlscan Pro
54.247.70.99 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://two-movies.name/tds/go.php
Effective URL:
https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm...
Submission: On December 19 via manual (December 19th 2018, 1:50:49 pm UTC) from US

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 54.247.70.99, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is route.buddyplay.net.
TLS certificate: Issued by Amazon on June 14th 2018. Valid for: a year.

This is the only time route.buddyplay.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	104.28.3.10 104.28.3.10	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3 3	104.28.2.10 104.28.2.10	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	46.137.110.83 46.137.110.83	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	35.158.157.86 35.158.157.86	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	52.54.52.189 52.54.52.189	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	176.34.113.3 176.34.113.3	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
8	54.247.70.99 54.247.70.99	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	143.204.101.3 143.204.101.3	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	54.228.183.233 54.228.183.233	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
19	6

3 104.28.3.10 (San Francisco, United States) 3 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

two-movies.name	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.two-movies.name	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www1.two-movies.name	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.28.2.10 (San Francisco, United States) 3 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

two-movies.name	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.two-movies.name	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www1.two-movies.name	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.137.110.83 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-46-137-110-83.eu-west-1.compute.amazonaws.com

hlok.qertewrt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.157.86 (Frankfurt, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-158-157-86.eu-central-1.compute.amazonaws.com

titan.infra.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.52.189 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-54-52-189.compute-1.amazonaws.com

go-studcat.infra.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.113.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-176-34-113-3.eu-west-1.compute.amazonaws.com

route.buddyplay.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.247.70.99 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-70-99.eu-west-1.compute.amazonaws.com

route.buddyplay.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.3 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-3.fra50.r.cloudfront.net

www.buddyplay.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.228.183.233 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-228-183-233.eu-west-1.compute.amazonaws.com

route.buddyplay.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	buddyplay.net 1 redirects route.buddyplay.net www.buddyplay.net	260 KB
6	two-movies.name 6 redirects two-movies.name www.two-movies.name www1.two-movies.name	2 KB
4	googleapis.com fonts.googleapis.com ajax.googleapis.com	9 KB
3	gstatic.com fonts.gstatic.com	26 KB
2	infra.systems 2 redirects titan.infra.systems go-studcat.infra.systems	2 KB
1	qertewrt.com 1 redirects hlok.qertewrt.com	401 B
19	6

	Domain	Requested by
12	route.buddyplay.net	1 redirects route.buddyplay.net
3	fonts.gstatic.com	route.buddyplay.net
3	fonts.googleapis.com	route.buddyplay.net ajax.googleapis.com
2	www1.two-movies.name	2 redirects
2	www.two-movies.name	2 redirects
2	two-movies.name	2 redirects
1	ajax.googleapis.com	route.buddyplay.net
1	www.buddyplay.net	route.buddyplay.net
1	go-studcat.infra.systems	1 redirects
1	titan.infra.systems	1 redirects
1	hlok.qertewrt.com	1 redirects
19	11

This site contains no links.

Subject Issuer	Validity	Valid
*.bonymedia.com Amazon	`2018-06-14` - `2019-07-14`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh
*.buddyplay.net COMODO RSA Domain Validation Secure Server CA	`2018-01-19` - `2019-01-19`	a year	crt.sh
*.google.com Google Internet Authority G3	`2018-11-27` - `2019-02-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Frame ID: 055AFA4F8A580D5CFD22F2EDBDCB32F6
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://two-movies.name/tds/go.php HTTP 301
https://two-movies.name/tds/go.php HTTP 301
http://www.two-movies.name/tds/go.php HTTP 301
https://www.two-movies.name/tds/go.php HTTP 301
http://www1.two-movies.name/tds/go.php HTTP 301
https://www1.two-movies.name/tds/go.php HTTP 302
http://hlok.qertewrt.com/offer?prod=7&ref=4972911 HTTP 302
http://titan.infra.systems/signup?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=... HTTP 302
https://go-studcat.infra.systems/signup?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=... HTTP 302
http://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod... HTTP 302
https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
script /googleapis\.com\/.+webfont/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
env /^Modernizr$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

19
Requests

100 %
HTTPS

25 %
IPv6

6
Domains

11
Subdomains

6
IPs

3
Countries

295 kB
Transfer

434 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://two-movies.name/tds/go.php HTTP 301
https://two-movies.name/tds/go.php HTTP 301
http://www.two-movies.name/tds/go.php HTTP 301
https://www.two-movies.name/tds/go.php HTTP 301
http://www1.two-movies.name/tds/go.php HTTP 301
https://www1.two-movies.name/tds/go.php HTTP 302
http://hlok.qertewrt.com/offer?prod=7&ref=4972911 HTTP 302
http://titan.infra.systems/signup?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=&adserver=1.2.18 HTTP 302
https://go-studcat.infra.systems/signup?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e HTTP 302
http://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE HTTP 302
https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
route.buddyplay.net/signup/
Redirect Chain

http://two-movies.name/tds/go.php
https://two-movies.name/tds/go.php
http://www.two-movies.name/tds/go.php
https://www.two-movies.name/tds/go.php
http://www1.two-movies.name/tds/go.php
https://www1.two-movies.name/tds/go.php
http://hlok.qertewrt.com/offer?prod=7&ref=4972911
http://titan.infra.systems/signup?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=&adserver=1.2.18
https://go-studcat.infra.systems/signup?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e
http://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=...
https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid...

5 KB
2 KB

608ms
470ms

Document
text/html

54.247.70.99
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.70.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-70-99.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.25
Resource Hash: 4a00baf4329dc094932f3c1c71a3c6b86c723355768bd1a2946a90a1e7151fdd

Request headers

Host: route.buddyplay.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Cookie: PHPSESSID=5fcd6051a3296c1d8f590bfc35b8685c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 19 Dec 2018 13:50:30 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.4.6 (Ubuntu)
Set-Cookie: PHPSESSID=5fcd6051a3296c1d8f590bfc35b8685c; path=/ studcat=1; expires=Fri, 18-Jan-2019 13:50:29 GMT; Max-Age=2592000
X-Powered-By: PHP/5.5.9-1ubuntu4.25
transfer-encoding: chunked
Connection: keep-alive

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/html
Date: Wed, 19 Dec 2018 13:50:29 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Pragma: no-cache
Server: nginx/1.4.6 (Ubuntu)
Set-Cookie: PHPSESSID=5fcd6051a3296c1d8f590bfc35b8685c; path=/
X-Powered-By: PHP/5.5.9-1ubuntu4.26
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK main.php
route.buddyplay.net/css/signup/download/j// 70 KB
15 KB 44ms
42ms Stylesheet
text/css 54.247.70.99
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://route.buddyplay.net/css/signup/download/j//main.php?cache_control=1
Requested by: Host: route.buddyplay.net
URL: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.70.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-70-99.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.25
Resource Hash: 079e9503c0912e30a962c2cb96e73d34dd44fe25cb2b656de4f422f3f5289f30

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: route.buddyplay.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Cookie: PHPSESSID=5fcd6051a3296c1d8f590bfc35b8685c
Connection: keep-alive
Cache-Control: no-cache
Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Wed, 19 Dec 2018 13:50:30 GMT
Content-Encoding: gzip
Server: nginx/1.4.6 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.25
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: 31536000
transfer-encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Dec 2019 13:50:30 GMT

GET
H/1.1 200
OK modernizr.js Show response
route.buddyplay.net/js/signup/download/j// 11 KB
11 KB 115ms
37ms Script
application/x-javascript 54.247.70.99
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://route.buddyplay.net/js/signup/download/j//modernizr.js
Requested by: Host: route.buddyplay.net
URL: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.70.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-70-99.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: e9b62ed2448a63e4ae67f4736d62052df628e53179c2850456b374a418448041

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: route.buddyplay.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Cookie: PHPSESSID=5fcd6051a3296c1d8f590bfc35b8685c
Connection: keep-alive
Cache-Control: no-cache
Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 19 Dec 2018 13:50:30 GMT
Last-Modified: Thu, 13 Dec 2018 13:01:54 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5c125842-2bf3"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11251

GET
H2 200 css
fonts.googleapis.com/ 7 KB
746 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: route.buddyplay.net
URL: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

c345fc13257023a5594f0be4a3b4643774ebfcba01a95d53c7842515d500ae7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 19 Dec 2018 13:50:30 GMT
server: ESF
access-control-allow-origin: *
date: Wed, 19 Dec 2018 13:50:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Wed, 19 Dec 2018 13:50:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 870 B
375 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans:400,700

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e0a4350470c4437f6eda9a2eac1cfccc5ed96b55dddac1024d13cb14b5731286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 19 Dec 2018 13:50:30 GMT
server: ESF
access-control-allow-origin: *
date: Wed, 19 Dec 2018 13:50:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Wed, 19 Dec 2018 13:50:30 GMT

GET
H2 200 logo.png
www.buddyplay.net/images/ 5 KB
5 KB 2261ms
165ms Image
image/png 143.204.101.3
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.buddyplay.net/images/logo.png
Requested by: Host: route.buddyplay.net
URL: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.3 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e862aeb5aa10c329b53a3ccc7ac6a36bf12bdd6119730e1020687171f66e5110

Request headers

:path: /images/logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.buddyplay.net
referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
:scheme: https
:method: GET
Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 13:50:33 GMT
via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
last-modified: Wed, 05 Sep 2018 12:30:30 GMT
server: AmazonS3
etag: "2e7d2b94013fbd41130d0d1ac2d6d527"
x-cache: Miss from cloudfront
content-type: image/png
status: 200
content-length: 5023
x-amz-cf-id: TPzJcP6m7lb8E4u4Id4kW35FI2jWSxH4D_ZFWLW_zHyadkpjHoLt4w==

GET
H/1.1 200
OK loader.gif
route.buddyplay.net/images/signup/download/j// 58 KB
58 KB 148ms
36ms Image
image/gif 54.247.70.99
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://route.buddyplay.net/images/signup/download/j//loader.gif
Requested by: Host: route.buddyplay.net
URL: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.70.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-70-99.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 6c14fac9e8286c38b4c99ffa14c0909aef44975d956701a65f5fa482d0981e65

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: route.buddyplay.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Cookie: PHPSESSID=5fcd6051a3296c1d8f590bfc35b8685c
Connection: keep-alive
Cache-Control: no-cache
Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 19 Dec 2018 13:50:30 GMT
Last-Modified: Thu, 13 Dec 2018 13:01:52 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5c125840-e812"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 59410

GET
H/1.1 200
OK alert.png
route.buddyplay.net/images/signup/download/j// 5 KB
5 KB 211ms
37ms Image
image/png 54.228.183.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://route.buddyplay.net/images/signup/download/j//alert.png
Requested by: Host: route.buddyplay.net
URL: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.183.233 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-183-233.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: f626babbcdf198df135ae3a349fa53fac7b3b8c9d47bb5a08ee805e097d841e8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: route.buddyplay.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Cookie: PHPSESSID=5fcd6051a3296c1d8f590bfc35b8685c
Connection: keep-alive
Cache-Control: no-cache
Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 19 Dec 2018 13:50:30 GMT
Last-Modified: Thu, 13 Dec 2018 13:01:52 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5c125840-1314"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4884

GET
H/1.1 200
OK unlimited-icon.png
route.buddyplay.net/images/signup/download/j// 4 KB
4 KB 242ms
39ms Image
image/png 54.247.70.99
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://route.buddyplay.net/images/signup/download/j//unlimited-icon.png
Requested by: Host: route.buddyplay.net
URL: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.70.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-70-99.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 6cb91370920a9c068e99c00f0112305bebd6814239d5ea0f8d3849d62a297dac

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: route.buddyplay.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Cookie: PHPSESSID=5fcd6051a3296c1d8f590bfc35b8685c
Connection: keep-alive
Cache-Control: no-cache
Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 19 Dec 2018 13:50:30 GMT
Last-Modified: Thu, 13 Dec 2018 13:01:52 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5c125840-eb8"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3768

GET
H/1.1 200
OK search-icon.png
route.buddyplay.net/images/signup/download/j// 4 KB
4 KB 245ms
35ms Image
image/png 54.228.183.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://route.buddyplay.net/images/signup/download/j//search-icon.png
Requested by: Host: route.buddyplay.net
URL: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.183.233 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-183-233.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: b8095a5d93ea912831e7d75da6a864c56cd16fff66274d5c5872ac94550308f2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: route.buddyplay.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Cookie: PHPSESSID=5fcd6051a3296c1d8f590bfc35b8685c
Connection: keep-alive
Cache-Control: no-cache
Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 19 Dec 2018 13:50:30 GMT
Last-Modified: Thu, 13 Dec 2018 13:01:52 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5c125840-10af"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4271

GET
H/1.1 200
OK noads-icon.png
route.buddyplay.net/images/signup/download/j// 4 KB
5 KB 281ms
33ms Image
image/png 54.247.70.99
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://route.buddyplay.net/images/signup/download/j//noads-icon.png
Requested by: Host: route.buddyplay.net
URL: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.70.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-70-99.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: e6c947b03a75bfafcfcd03667c2d73b66fd36b3383141ca28827886b4cd87428

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: route.buddyplay.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Cookie: PHPSESSID=5fcd6051a3296c1d8f590bfc35b8685c
Connection: keep-alive
Cache-Control: no-cache
Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 19 Dec 2018 13:50:30 GMT
Last-Modified: Thu, 13 Dec 2018 13:01:52 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5c125840-10e9"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, noodp, noimageindex, nosnippet
Content-Length: 4329

GET
H/1.1 200
OK platforms-icon.png
route.buddyplay.net/images/signup/download/j// 4 KB
4 KB 249ms
34ms Image
image/png 54.228.183.233
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://route.buddyplay.net/images/signup/download/j//platforms-icon.png
Requested by: Host: route.buddyplay.net
URL: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.183.233 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-183-233.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 7e615d9db8aa45f9da75299163b5c51f33986cb3fa8e57cdb15b2be3ba88980e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: route.buddyplay.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Cookie: PHPSESSID=5fcd6051a3296c1d8f590bfc35b8685c
Connection: keep-alive
Cache-Control: no-cache
Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 19 Dec 2018 13:50:30 GMT
Last-Modified: Thu, 13 Dec 2018 13:01:52 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5c125840-fcc"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, noarchive, noodp, noimageindex, nosnippet
Content-Length: 4044

GET
H/1.1 200
OK main.php Show response
route.buddyplay.net/js/signup/download/j// 101 KB
35 KB 122ms
82ms Script
application/javascript 54.247.70.99
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://route.buddyplay.net/js/signup/download/j//main.php?cache_control=&lng=DE
Requested by: Host: route.buddyplay.net
URL: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.70.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-70-99.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.26
Resource Hash: 40df7862b2be85b9a4da48a374099d00e5a86c4a85f6443e1ea53944875faffc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: route.buddyplay.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Cookie: PHPSESSID=5fcd6051a3296c1d8f590bfc35b8685c
Connection: keep-alive
Cache-Control: no-cache
Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Wed, 19 Dec 2018 13:50:30 GMT
Content-Encoding: gzip
Server: nginx/1.4.6 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.26
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: 31536000
transfer-encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Dec 2019 13:50:30 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.4.2/ 18 KB
7 KB 40ms
8ms Script
text/javascript 2a00:1450:4001:81c::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.4.2/webfont.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

52ed15904751d037ad3a0835c1df150485c6d1b815355bbad1ccad6fda5f4e9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 19 Dec 2018 04:28:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33708
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 6918
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2019 04:28:42 GMT

GET
H/1.1 200
OK header-background.png
route.buddyplay.net/images/signup/download/j// 110 KB
110 KB 115ms
39ms Image
image/png 54.247.70.99
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://route.buddyplay.net/images/signup/download/j//header-background.png
Requested by: Host: route.buddyplay.net
URL: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.70.99 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-70-99.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 5b4c3a8b9fea79d49bb31c8f3701c3836171fe7069a4cb39dd49171db321df49

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: route.buddyplay.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://route.buddyplay.net/css/signup/download/j//main.php?cache_control=1
Cookie: PHPSESSID=5fcd6051a3296c1d8f590bfc35b8685c
Connection: keep-alive
Cache-Control: no-cache
Referer: https://route.buddyplay.net/css/signup/download/j//main.php?cache_control=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 19 Dec 2018 13:50:30 GMT
Last-Modified: Thu, 13 Dec 2018 13:01:52 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5c125840-1b723"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 112419

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Origin: https://route.buddyplay.net

Response headers

date: Mon, 10 Dec 2018 15:37:03 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:48 GMT
server: sffe
age: 771207
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8916
x-xss-protection: 1; mode=block
expires: Tue, 10 Dec 2019 15:37:03 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Origin: https://route.buddyplay.net

Response headers

date: Tue, 18 Dec 2018 13:12:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:39 GMT
server: sffe
age: 88676
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8800
x-xss-protection: 1; mode=block
expires: Wed, 18 Dec 2019 13:12:34 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Origin: https://route.buddyplay.net

Response headers

date: Wed, 12 Dec 2018 18:35:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:46 GMT
server: sffe
age: 587677
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8892
x-xss-protection: 1; mode=block
expires: Thu, 12 Dec 2019 18:35:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
553 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.4.2/webfont.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

853f90b3f3829a8cb42b31b7ba0058aae3127bb5da43174157cdf85073460461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://route.buddyplay.net/signup/?asdf_domain=hlok.qertewrt.com&asdf_path=%2Fsmart_asdf%2Fdisplay&prod=7&ref=4972911&sf=mm&adserver=1.2.18&m=all&lid=ac48ee92-6bfc-4835-b3be-58e3a445829e&utm_expid=72006323-793.BBQBr4jIQx-I0SgVEvhhQw.0&cat=stud&session_id=5fcd6051a3296c1d8f590bfc35b8685c&_sign=0ded4f0a1f76171ef23890daf7cbc6ba&_signt=1545227488&lng=DE&country=DE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 19 Dec 2018 13:50:30 GMT
server: ESF
access-control-allow-origin: *
date: Wed, 19 Dec 2018 13:50:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Wed, 19 Dec 2018 13:50:30 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://route.buddyplay.net/js/signup/download/j//main.php?cache_control=&lng=DE(Line 107) Message: 6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
go-studcat.infra.systems
hlok.qertewrt.com
route.buddyplay.net
titan.infra.systems
two-movies.name
www.buddyplay.net
www.two-movies.name
www1.two-movies.name
104.28.2.10
104.28.3.10
143.204.101.3
176.34.113.3
2a00:1450:4001:81c::200a
2a00:1450:4001:81f::200a
2a00:1450:4001:821::2003
35.158.157.86
46.137.110.83
52.54.52.189
54.228.183.233
54.247.70.99
079e9503c0912e30a962c2cb96e73d34dd44fe25cb2b656de4f422f3f5289f30
40df7862b2be85b9a4da48a374099d00e5a86c4a85f6443e1ea53944875faffc
4a00baf4329dc094932f3c1c71a3c6b86c723355768bd1a2946a90a1e7151fdd
50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd
52ed15904751d037ad3a0835c1df150485c6d1b815355bbad1ccad6fda5f4e9b
5b4c3a8b9fea79d49bb31c8f3701c3836171fe7069a4cb39dd49171db321df49
6c14fac9e8286c38b4c99ffa14c0909aef44975d956701a65f5fa482d0981e65
6cb91370920a9c068e99c00f0112305bebd6814239d5ea0f8d3849d62a297dac
7e615d9db8aa45f9da75299163b5c51f33986cb3fa8e57cdb15b2be3ba88980e
853f90b3f3829a8cb42b31b7ba0058aae3127bb5da43174157cdf85073460461
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
b8095a5d93ea912831e7d75da6a864c56cd16fff66274d5c5872ac94550308f2
c345fc13257023a5594f0be4a3b4643774ebfcba01a95d53c7842515d500ae7c
e0a4350470c4437f6eda9a2eac1cfccc5ed96b55dddac1024d13cb14b5731286
e6c947b03a75bfafcfcd03667c2d73b66fd36b3383141ca28827886b4cd87428
e862aeb5aa10c329b53a3ccc7ac6a36bf12bdd6119730e1020687171f66e5110
e9b62ed2448a63e4ae67f4736d62052df628e53179c2850456b374a418448041
f626babbcdf198df135ae3a349fa53fac7b3b8c9d47bb5a08ee805e097d841e8
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

route.buddyplay.net Open in urlscan Pro 54.247.70.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

25 %IPv6

6 Domains

11 Subdomains

6 IPs

3 Countries

295 kBTransfer

434 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

route.buddyplay.net Open in urlscan Pro
54.247.70.99 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

25 %
IPv6

6
Domains

11
Subdomains

6
IPs

3
Countries

295 kB
Transfer

434 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions