app.cur8.io Open in urlscan Pro
2600:9000:277c:b800:5:c82e:1400:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://theartbank.io/
Effective URL:
https://app.cur8.io/
Submission: On December 16 via automatic, source certstream-suspicious (December 16th 2024, 7:48:18 am UTC) — Scanned from NZ

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 21 HTTP transactions. The main IP is 2600:9000:277c:b800:5:c82e:1400:93a1, located in United States and belongs to AMAZON-02, US. The main domain is app.cur8.io.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 5th 2024. Valid for: a year.

This is the only time app.cur8.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.251.168 3.33.251.168	16509 (AMAZON-02) (AMAZON-02)
1 1	15.197.225.128 15.197.225.128	16509 (AMAZON-02) (AMAZON-02)
11	2600:9000:277... 2600:9000:277c:b800:5:c82e:1400:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4006:813::200a	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4006:814::2008	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6811:f5cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4006:809::200e	15169 (GOOGLE) (GOOGLE)
21	6

1 3.33.251.168 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

theartbank.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.225.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

cur8.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:277c:b800:5:c82e:1400:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.cur8.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:813::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:814::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f5cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:809::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	cur8.io 1 redirects cur8.io app.cur8.io	2 MB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 740	315 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	178 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
1	theartbank.io 1 redirects theartbank.io	303 B
21	6

	Domain	Requested by
11	app.cur8.io	app.cur8.io
2	unpkg.com	1 redirects app.cur8.io
2	www.googletagmanager.com	app.cur8.io
2	fonts.googleapis.com	app.cur8.io
1	www.google-analytics.com	www.googletagmanager.com
1	cur8.io	1 redirects
1	theartbank.io	1 redirects
21	7

This site contains no links.

Subject Issuer	Validity	Valid
app.cur8.io Amazon RSA 2048 M02	`2024-04-05` - `2025-05-04`	a year	crt.sh
upload.video.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://app.cur8.io/
Frame ID: 0C60409463E121BFC0DD4E8FB0EB6AFB
Requests: 20 HTTP requests in this frame

Frame: https://app.cur8.io/transparent_cur8_loader.html
Frame ID: 4E93924AB31F1A10D7B119455800BC6D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cur8: Where digital ownership lives. Welcome home.

Page URL History Show full URLs

https://theartbank.io/ HTTP 301
http://cur8.io/ HTTP 307
https://cur8.io/ HTTP 301
http://app.cur8.io/ HTTP 307
https://app.cur8.io/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

21
Requests

76 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

2067 kB
Transfer

4550 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://theartbank.io/ HTTP 301
http://cur8.io/ HTTP 307
https://cur8.io/ HTTP 301
http://app.cur8.io/ HTTP 307
https://app.cur8.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js HTTP 302
https://unpkg.com/@google/model-viewer@4.0.0/dist/model-viewer.min.js

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
app.cur8.io/
Redirect Chain

https://theartbank.io/
http://cur8.io/
https://cur8.io/
http://app.cur8.io/
https://app.cur8.io/

5 KB
2 KB

341ms
66ms

Document
text/html

2600:9000:277c:b800:5:c82e:1400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.cur8.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:277c:b800:5:c82e:1400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 65ae9dd095761a1ceed9ea25bba332de3037c11efd9c5663638fb9bb9ed28c05

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 44653
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 15 Dec 2024 19:23:59 GMT
etag: W/"1439-Q8yEaTdcFBne4whqS3ROdPTCk1o"
vary: Accept-Encoding
via: 1.1 853f4fb2226327c7e93e1af35b3e6c8c.cloudfront.net (CloudFront)
x-amz-cf-id: ziRfh1wGx4tsfYx_RYHvuo5xDVCexUHkXt8oar4GVsoVAb27bOyfIA==
x-amz-cf-pop: SYD3-P2
x-cache: Hit from cloudfront
x-powered-by: Express

Redirect headers

Location: https://app.cur8.io/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 405ms
172ms Stylesheet
text/css 2404:6800:4006:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans&display=swap

Requested by

Host: app.cur8.io
URL: https://app.cur8.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:813::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35f765fe7ab31a7eee895f020aca784eb9290e33340c2a6a7d1c55645964b818

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://app.cur8.io/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 07:48:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 07:48:12 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 16 Dec 2024 05:52:39 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 325 KB
108 KB 409ms
181ms Script
application/javascript 2404:6800:4006:814::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-99LBS9DD4T

Requested by

Host: app.cur8.io
URL: https://app.cur8.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b470e6febab8db4648649dff5c56d418e92f7ab69e64828692f7ecb9324912c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://app.cur8.io/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 16 Dec 2024 07:48:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 07:48:12 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110300
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 193 KB
69 KB 193ms
192ms Script
application/javascript 2404:6800:4006:814::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M6Q4WHG2

Requested by

Host: app.cur8.io
URL: https://app.cur8.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a5be76a1f96c1d5f824242a6e4a04da59f8338cb5092e2628799beb179c5f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://app.cur8.io/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 16 Dec 2024 07:48:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 07:48:13 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 16 Dec 2024 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 70785
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

model-viewer.min.js Show response
unpkg.com/@google/model-viewer@4.0.0/dist/
Redirect Chain

https://unpkg.com/@google/model-viewer/dist/model-viewer.min.js
https://unpkg.com/@google/model-viewer@4.0.0/dist/model-viewer.min.js

933 KB
315 KB

44ms
43ms

Script
application/javascript

2606:4700::6811:f5cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@google/model-viewer@4.0.0/dist/model-viewer.min.js

Requested by

Host: app.cur8.io
URL: https://app.cur8.io/

Protocol

Server

2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

774edda21e1be2a0934e460ca5943af1fe3f88da130a9f98bd6a9d611576cacf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://app.cur8.io/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "e94a4-ephV75o0ECY3A9eZ8zUgqIGd5+o"
age: 2224568
x-content-type-options: nosniff
date: Mon, 16 Dec 2024 07:48:13 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JD4XFY16Z3WWXHNBX4AD1MR3-syd
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8f2d11ddfd291c5f-AKL
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /@google/model-viewer@4.0.0/dist/model-viewer.min.js
content-encoding: br
cf-cache-status: HIT
age: 274
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8f2d11ddbcaa1c5f-AKL
access-control-allow-origin: *
date: Mon, 16 Dec 2024 07:48:13 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JF76REAK5GTRGM7AN28KF8N3-syd
server: cloudflare

GET
H2 200 main.a3d3c51d.js Show response
app.cur8.io/static/js/ 517 KB
134 KB 448ms
447ms Script
application/javascript 2600:9000:277c:b800:5:c82e:1400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.cur8.io/static/js/main.a3d3c51d.js
Requested by: Host: app.cur8.io
URL: https://app.cur8.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:277c:b800:5:c82e:1400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 9881fabf868af57a190e350ffb35fd2817b03e6c00d81111f72c98410db94b24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://app.cur8.io/

Response headers

x-amz-cf-pop: SYD3-P2
cache-control: public, max-age=0
content-encoding: br
etag: W/"81371-193ca351a10"
via: 1.1 853f4fb2226327c7e93e1af35b3e6c8c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: 9vTrTeK_MjDyWrIKFrMYGQnAIC1ejEgqr1z_z1e5u1__O_UkryAvtw==
date: Mon, 16 Dec 2024 07:48:13 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Sun, 15 Dec 2024 12:04:58 GMT

GET
H2 200 main.11077229.css
app.cur8.io/static/css/ 77 KB
16 KB 460ms
459ms Stylesheet
text/css 2600:9000:277c:b800:5:c82e:1400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.cur8.io/static/css/main.11077229.css
Requested by: Host: app.cur8.io
URL: https://app.cur8.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:277c:b800:5:c82e:1400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a9fdf3afc0867f035e7fdb9326c18ebb541029b61dafbf29c563203f26e9c5d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://app.cur8.io/

Response headers

x-amz-cf-pop: SYD3-P2
cache-control: public, max-age=0
content-encoding: br
etag: W/"135f1-193ca351a10"
via: 1.1 853f4fb2226327c7e93e1af35b3e6c8c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: qcyKqU20AL9pdedKUC5A6-t4hMf7JyUyv7JLXh41P_thE_Q89bGRiA==
date: Mon, 16 Dec 2024 07:48:13 GMT
content-type: text/css; charset=UTF-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Sun, 15 Dec 2024 12:04:58 GMT

GET
H2 200 transparent_cur8_loader.html Show response
app.cur8.io/ Frame 4E93 14 KB
7 KB 447ms
447ms Document
text/html 2600:9000:277c:b800:5:c82e:1400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.cur8.io/transparent_cur8_loader.html
Requested by: Host: app.cur8.io
URL: https://app.cur8.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:277c:b800:5:c82e:1400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 3c0879120b08c07176ce5bd944752122a5f8b5ceef3146a634fe2e307512b604

Request headers

Referer: https://app.cur8.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 16 Dec 2024 07:48:13 GMT
etag: W/"3802-193ca3354f0"
last-modified: Sun, 15 Dec 2024 12:03:02 GMT
vary: Accept-Encoding
via: 1.1 853f4fb2226327c7e93e1af35b3e6c8c.cloudfront.net (CloudFront)
x-amz-cf-id: Lk2d91f5w2VCnr7ildj33BImf4Eav88NGBES4lqdKfpxvbZZFxe1BQ==
x-amz-cf-pop: SYD3-P2
x-cache: Miss from cloudfront
x-powered-by: Express

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 390ms
163ms Fetch
text/plain 2404:6800:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-99LBS9DD4T&gtm=45je4cc1v9103715833za200&_p=1734335292982&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1512106238.1734335293&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734335293&sct=1&seg=0&dl=https%3A%2F%2Fapp.cur8.io%2F&dt=Cur8%3A%20Where%20digital%20ownership%20lives.%20Welcome%20home.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3207
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-99LBS9DD4T
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:809::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://app.cur8.io/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://app.cur8.io
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 07:48:13 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 ZenKakuGothicAntique-Regular.7f2e8d0e3ded6104f9cc.ttf
app.cur8.io/static/media/ 2 MB
1 MB 451ms
450ms Font
font/ttf 2600:9000:277c:b800:5:c82e:1400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.cur8.io/static/media/ZenKakuGothicAntique-Regular.7f2e8d0e3ded6104f9cc.ttf
Requested by: Host: app.cur8.io
URL: https://app.cur8.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:277c:b800:5:c82e:1400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: a625ba898a3c3f9831ebf27e529d677dcb916a5f3b0e38d1fe90aab67121770a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://app.cur8.io
Referer: https://app.cur8.io/

Response headers

x-amz-cf-pop: SYD3-P2
cache-control: public, max-age=0
content-encoding: br
etag: W/"242a70-193ca351a10"
via: 1.1 853f4fb2226327c7e93e1af35b3e6c8c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: w4I8ZPHGMcaVBTmDbT2Y_naoJotZJ_vxezD4gsysGY96zBB9bYXCuw==
date: Mon, 16 Dec 2024 07:48:14 GMT
content-type: font/ttf
x-powered-by: Express
vary: Accept-Encoding
last-modified: Sun, 15 Dec 2024 12:04:58 GMT

GET
H2 200 favicon.ico
app.cur8.io/ 5 KB
2 KB 71ms
70ms Other
text/html 2600:9000:277c:b800:5:c82e:1400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.cur8.io/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:277c:b800:5:c82e:1400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 65ae9dd095761a1ceed9ea25bba332de3037c11efd9c5663638fb9bb9ed28c05

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://app.cur8.io/

Response headers

content-encoding: br
etag: W/"1439-Q8yEaTdcFBne4whqS3ROdPTCk1o"
age: 6137
via: 1.1 853f4fb2226327c7e93e1af35b3e6c8c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: CXlf2_h7kU-6i3ykRoyMF-PNjQx92JstqiHQy4ak_vTqFTWuwvI2CA==
date: Mon, 16 Dec 2024 06:05:57 GMT
content-type: text/html; charset=utf-8
x-powered-by: Express
vary: Accept-Encoding
x-amz-cf-pop: SYD3-P2

GET
H2 200 favicon.ico.png
app.cur8.io/ 50 KB
50 KB 461ms
461ms Other
image/png 2600:9000:277c:b800:5:c82e:1400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.cur8.io/favicon.ico.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:277c:b800:5:c82e:1400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 23d002745f1caab3d3084260bc8bf0797a37394849938025c1d53f66c48928b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://app.cur8.io/

Response headers

x-amz-cf-pop: SYD3-P2
cache-control: public, max-age=0
etag: W/"c816-193ca335108"
via: 1.1 853f4fb2226327c7e93e1af35b3e6c8c.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 51222
x-amz-cf-id: gZMvs8BeRDDAjo2z9PMZ1bNxfqJjPQpoElusGV5tngfVfNIc3H40Yg==
date: Mon, 16 Dec 2024 07:48:14 GMT
content-type: image/png
x-powered-by: Express
last-modified: Sun, 15 Dec 2024 12:03:01 GMT

GET
H2 200 1862.93a25e63.chunk.js Show response
app.cur8.io/static/js/ 74 KB
25 KB 448ms
447ms Script
application/javascript 2600:9000:277c:b800:5:c82e:1400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.cur8.io/static/js/1862.93a25e63.chunk.js
Requested by: Host: app.cur8.io
URL: https://app.cur8.io/static/js/main.a3d3c51d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:277c:b800:5:c82e:1400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 4f8bb92ce219a56f2474ed27d4aff15d2641717d85ffbb1d650bbf1f71620d39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://app.cur8.io/

Response headers

x-amz-cf-pop: SYD3-P2
cache-control: public, max-age=0
content-encoding: br
etag: W/"12946-193ca351a10"
via: 1.1 853f4fb2226327c7e93e1af35b3e6c8c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: 7tOB7EwDzxm9yDBTxYr4MMLYs6Ct2mNgQGulDcfDuyeV8M97KXsWWA==
date: Mon, 16 Dec 2024 07:48:17 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Sun, 15 Dec 2024 12:04:58 GMT

GET
H2 200 7551.f49645c4.chunk.js Show response
app.cur8.io/static/js/ 27 KB
7 KB 448ms
448ms Script
application/javascript 2600:9000:277c:b800:5:c82e:1400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.cur8.io/static/js/7551.f49645c4.chunk.js
Requested by: Host: app.cur8.io
URL: https://app.cur8.io/static/js/main.a3d3c51d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:277c:b800:5:c82e:1400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: f3125bc64812ad5d3b84147a86fef680440df0a1fbb78ab108b9994cde4c9aa1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://app.cur8.io/

Response headers

x-amz-cf-pop: SYD3-P2
cache-control: public, max-age=0
content-encoding: br
etag: W/"6c03-193ca351a10"
via: 1.1 853f4fb2226327c7e93e1af35b3e6c8c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: D7Auy_dN4Gi5OUZiCuKiQhbvUxf45dbMhT9bHzN8wFvXNs2x2tdiMw==
date: Mon, 16 Dec 2024 07:48:17 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Sun, 15 Dec 2024 12:04:58 GMT

GET 1864.11b9d40b.chunk.js
app.cur8.io/static/js/ 0
0

GET 2505.34d782d5.chunk.js
app.cur8.io/static/js/ 0
0

GET 6955.edee730e.chunk.js
app.cur8.io/static/js/ 0
0

GET
H2 200 657.45797354.chunk.css
app.cur8.io/static/css/ 5 KB
1 KB 261ms
260ms Stylesheet
text/css 2600:9000:277c:b800:5:c82e:1400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.cur8.io/static/css/657.45797354.chunk.css
Requested by: Host: app.cur8.io
URL: https://app.cur8.io/static/js/main.a3d3c51d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:277c:b800:5:c82e:1400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: ae456e5c67bffb0927834af12eba1ba97974d36d2eba34baaee138cffb6c0bd5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://app.cur8.io/

Response headers

x-amz-cf-pop: SYD3-P2
cache-control: public, max-age=0
content-encoding: br
etag: W/"12fa-193ca351a10"
via: 1.1 853f4fb2226327c7e93e1af35b3e6c8c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: mu8Zpa6rbgxs6cA2jjVmx_rx6S9TJbxeOD78iXhoogmCOY8qE-eAkQ==
date: Mon, 16 Dec 2024 07:48:17 GMT
content-type: text/css; charset=UTF-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Sun, 15 Dec 2024 12:04:58 GMT

GET
H2 200 657.2d7714d4.chunk.js Show response
app.cur8.io/static/js/ 4 KB
2 KB 261ms
261ms Script
application/javascript 2600:9000:277c:b800:5:c82e:1400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.cur8.io/static/js/657.2d7714d4.chunk.js
Requested by: Host: app.cur8.io
URL: https://app.cur8.io/static/js/main.a3d3c51d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:277c:b800:5:c82e:1400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 925c3f617b2e228278d18d48884ddf90e4bfbc5da57a6a6c92203278dfca3d21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://app.cur8.io/

Response headers

x-amz-cf-pop: SYD3-P2
cache-control: public, max-age=0
content-encoding: br
etag: W/"f21-193ca351a10"
via: 1.1 853f4fb2226327c7e93e1af35b3e6c8c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: vm0yTZLWqX-aPrEYjnpSZdaB1DnQnE4tu864QYa_UFi0LPphYc4LNg==
date: Mon, 16 Dec 2024 07:48:17 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
vary: Accept-Encoding
last-modified: Sun, 15 Dec 2024 12:04:58 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
559 B 165ms
164ms Stylesheet
text/css 2404:6800:4006:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap

Requested by

Host: app.cur8.io
URL: https://app.cur8.io/static/css/657.45797354.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:813::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3152c018f548899e2da6fe638841ef215a059d73007f3986a28153dc39983201

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://app.cur8.io/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 07:48:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 07:48:17 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 16 Dec 2024 06:50:15 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

POST collect
www.google-analytics.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.cur8.io
URL: https://app.cur8.io/static/js/1864.11b9d40b.chunk.js

Domain: app.cur8.io
URL: https://app.cur8.io/static/js/2505.34d782d5.chunk.js

Domain: app.cur8.io
URL: https://app.cur8.io/static/js/6955.edee730e.chunk.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-99LBS9DD4T&gtm=45je4cc1v9103715833za200&_p=1734335292982&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1512106238.1734335293&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1734335293&sct=1&seg=0&dl=https%3A%2F%2Fapp.cur8.io%2F&dt=Cur8%3A%20Where%20digital%20ownership%20lives.%20Welcome%20home.&en=scroll&epn.percent_scrolled=90&_et=17&tfd=8227

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cur8.io/	1970-01-21 11:21:35	Name: _ga Value: GA1.1.1512106238.1734335293
			.cur8.io/	1970-01-21 11:21:35	Name: _ga_99LBS9DD4T Value: GS1.1.1734335293.1.0.1734335293.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://app.cur8.io/ Message: The Content Security Policy directive 'frame-ancestors' is ignored when delivered via a <meta> element.
security	error	URL: about:blank Message: The Content Security Policy directive 'frame-ancestors' is ignored when delivered via a <meta> element.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.cur8.io
cur8.io
fonts.googleapis.com
theartbank.io
unpkg.com
www.google-analytics.com
www.googletagmanager.com
app.cur8.io
www.google-analytics.com
15.197.225.128
2404:6800:4006:809::200e
2404:6800:4006:813::200a
2404:6800:4006:814::2008
2600:9000:277c:b800:5:c82e:1400:93a1
2606:4700::6811:f5cb
3.33.251.168
23d002745f1caab3d3084260bc8bf0797a37394849938025c1d53f66c48928b4
3152c018f548899e2da6fe638841ef215a059d73007f3986a28153dc39983201
35f765fe7ab31a7eee895f020aca784eb9290e33340c2a6a7d1c55645964b818
3b470e6febab8db4648649dff5c56d418e92f7ab69e64828692f7ecb9324912c
3c0879120b08c07176ce5bd944752122a5f8b5ceef3146a634fe2e307512b604
4f8bb92ce219a56f2474ed27d4aff15d2641717d85ffbb1d650bbf1f71620d39
65ae9dd095761a1ceed9ea25bba332de3037c11efd9c5663638fb9bb9ed28c05
774edda21e1be2a0934e460ca5943af1fe3f88da130a9f98bd6a9d611576cacf
7a5be76a1f96c1d5f824242a6e4a04da59f8338cb5092e2628799beb179c5f6f
925c3f617b2e228278d18d48884ddf90e4bfbc5da57a6a6c92203278dfca3d21
9881fabf868af57a190e350ffb35fd2817b03e6c00d81111f72c98410db94b24
a625ba898a3c3f9831ebf27e529d677dcb916a5f3b0e38d1fe90aab67121770a
a9fdf3afc0867f035e7fdb9326c18ebb541029b61dafbf29c563203f26e9c5d4
ae456e5c67bffb0927834af12eba1ba97974d36d2eba34baaee138cffb6c0bd5
f3125bc64812ad5d3b84147a86fef680440df0a1fbb78ab108b9994cde4c9aa1

app.cur8.io Open in urlscan Pro 2600:9000:277c:b800:5:c82e:1400:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

76 %HTTPS

71 %IPv6

6 Domains

7 Subdomains

6 IPs

2 Countries

2067 kBTransfer

4550 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

app.cur8.io Open in urlscan Pro
2600:9000:277c:b800:5:c82e:1400:93a1 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

76 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

2067 kB
Transfer

4550 kB
Size

2
Cookies

21 HTTP transactions
0 data transactions