ptl-cb8b65f0-f0e6e959.libcurl.so Open in urlscan Pro
104.131.54.221  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response ptl-cb8b65f0-f0e6e959.libcurl.so/	677 B 635 B	469ms 382ms	Document text/html	104.131.54.221 DigitalOcean
General Check archive.org Show headers Download Go to Full URL http://ptl-cb8b65f0-f0e6e959.libcurl.so/ Protocol HTTP/1.1 Server 104.131.54.221 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US), Reverse DNS Software nginx/1.6.2 / Express Resource Hash 8a192d6938c9152507ad439386434e73c3ce85a129463c1606fe535d467d7dda Request headers Host ptl-cb8b65f0-f0e6e959.libcurl.so Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id E2494F9B61AFB50C98C21B2E72F5BC32 Response headers Server nginx/1.6.2 Date Fri, 18 May 2018 11:52:52 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive X-Powered-By Express Cache-Control public, max-age=0 Last-Modified Thu, 25 Jan 2018 08:47:45 GMT Content-Encoding gzip
GET H/1.1	200 OK	unix_00.js Show response pentesterlab.com/tracking/	0 913 B	484ms 128ms	Script text/javascript	54.172.242.130 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://pentesterlab.com/tracking/unix_00.js Requested by Host: ptl-cb8b65f0-f0e6e959.libcurl.so URL: http://ptl-cb8b65f0-f0e6e959.libcurl.so/ Protocol HTTP/1.1 Server 54.172.242.130 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-54-172-242-130.compute-1.amazonaws.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer http://ptl-cb8b65f0-f0e6e959.libcurl.so/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 18 May 2018 11:54:26 GMT Content-Encoding gzip X-Content-Type-Options nosniff Status 200 OK Connection Keep-Alive Vary User-Agent,Accept-Encoding Content-Length 20 X-XSS-Protection 1; mode=block X-Request-Id c62848e1-7961-4e44-bbed-0f68db06ca03 Referrer-Policy no-referrer Server Apache X-Frame-Options SAMEORIGIN Strict-Transport-Security max-age=63072000; includeSubDomains; preload Content-Type text/javascript; charset=utf-8 Cache-Control no-cache Keep-Alive timeout=15, max=100
GET H/1.1	200 OK	hterm_all.js Show response ptl-cb8b65f0-f0e6e959.libcurl.so/wetty/	484 KB 485 KB	248ms 247ms	Script application/javascript	104.131.54.221 DigitalOcean
General Check archive.org Show headers Download Go to Full URL http://ptl-cb8b65f0-f0e6e959.libcurl.so/wetty/hterm_all.js Requested by Host: ptl-cb8b65f0-f0e6e959.libcurl.so URL: http://ptl-cb8b65f0-f0e6e959.libcurl.so/ Protocol HTTP/1.1 Server 104.131.54.221 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US), Reverse DNS Software nginx/1.6.2 / Express Resource Hash c71d035bb03177d15912a847505eda6771edd00b4115a1d459c252b8e95e4339 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ptl-cb8b65f0-f0e6e959.libcurl.so User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept */* Referer http://ptl-cb8b65f0-f0e6e959.libcurl.so/ Connection keep-alive Cache-Control no-cache Referer http://ptl-cb8b65f0-f0e6e959.libcurl.so/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 18 May 2018 11:52:53 GMT ETag "495972-1516870065000" Last-Modified Thu, 25 Jan 2018 08:47:45 GMT Server nginx/1.6.2 X-Powered-By Express Content-Type application/javascript Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 495972
GET H/1.1	200 OK	socket.io.js Show response ptl-cb8b65f0-f0e6e959.libcurl.so/wetty/socket.io/	71 KB 71 KB	359ms 272ms	Script application/javascript	104.131.54.221 DigitalOcean
General Check archive.org Show headers Download Go to Full URL http://ptl-cb8b65f0-f0e6e959.libcurl.so/wetty/socket.io/socket.io.js Requested by Host: ptl-cb8b65f0-f0e6e959.libcurl.so URL: http://ptl-cb8b65f0-f0e6e959.libcurl.so/ Protocol HTTP/1.1 Server 104.131.54.221 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US), Reverse DNS Software nginx/1.6.2 / Resource Hash 58abea898d23647590648a216049abf4a502e6b11a6043854eaf81ca59492bcc Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ptl-cb8b65f0-f0e6e959.libcurl.so User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept */* Referer http://ptl-cb8b65f0-f0e6e959.libcurl.so/ Connection keep-alive Cache-Control no-cache Referer http://ptl-cb8b65f0-f0e6e959.libcurl.so/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 18 May 2018 11:52:53 GMT Server nginx/1.6.2 Connection keep-alive X-SourceMap socket.io.js.map ETag "1.7.4" Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	wetty.js Show response ptl-cb8b65f0-f0e6e959.libcurl.so/wetty/	2 KB 2 KB	479ms 392ms	Script application/javascript	104.131.54.221 DigitalOcean
General Check archive.org Show headers Download Go to Full URL http://ptl-cb8b65f0-f0e6e959.libcurl.so/wetty/wetty.js Requested by Host: ptl-cb8b65f0-f0e6e959.libcurl.so URL: http://ptl-cb8b65f0-f0e6e959.libcurl.so/ Protocol HTTP/1.1 Server 104.131.54.221 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US), Reverse DNS Software nginx/1.6.2 / Express Resource Hash cfe698dcc99e3485bfe82969beac023391d4013fff56ff5ecb8b5d4c850b0b5b Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ptl-cb8b65f0-f0e6e959.libcurl.so User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept */* Referer http://ptl-cb8b65f0-f0e6e959.libcurl.so/ Connection keep-alive Cache-Control no-cache Referer http://ptl-cb8b65f0-f0e6e959.libcurl.so/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 18 May 2018 11:52:53 GMT ETag "1626-1516870065000" Last-Modified Thu, 25 Jan 2018 08:47:45 GMT Server nginx/1.6.2 X-Powered-By Express Content-Type application/javascript Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 1626
GET H/1.1	200 OK	Cookie set / Show response ptl-cb8b65f0-f0e6e959.libcurl.so/wetty/socket.io/	101 B 350 B	246ms 246ms	XHR application/octet-stream	104.131.54.221 DigitalOcean
General Check archive.org Show headers Download Go to Full URL http://ptl-cb8b65f0-f0e6e959.libcurl.so/wetty/socket.io/?EIO=3&transport=polling&t=MDp67YZ Requested by Host: ptl-cb8b65f0-f0e6e959.libcurl.so URL: http://ptl-cb8b65f0-f0e6e959.libcurl.so/wetty/socket.io/socket.io.js Protocol HTTP/1.1 Server 104.131.54.221 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US), Reverse DNS Software nginx/1.6.2 / Resource Hash ed0687a6e5c5d47f75186fec415e90993a469e4c285d12b9bbd610e3fee04e8c Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ptl-cb8b65f0-f0e6e959.libcurl.so User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept */* Referer http://ptl-cb8b65f0-f0e6e959.libcurl.so/ Connection keep-alive Cache-Control no-cache Accept */* Referer http://ptl-cb8b65f0-f0e6e959.libcurl.so/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Fri, 18 May 2018 11:52:53 GMT Connection keep-alive Server nginx/1.6.2 Set-Cookie io=KHNxODgf7YsUMdXHAAAD; Path=/; HttpOnly Content-Length 101 Content-Type application/octet-stream
GET H/1.1	200 OK	Cookie set / Show response ptl-cb8b65f0-f0e6e959.libcurl.so/wetty/socket.io/	44 B 292 B	247ms 247ms	XHR application/octet-stream	104.131.54.221 DigitalOcean
General Check archive.org Show headers Download Go to Full URL http://ptl-cb8b65f0-f0e6e959.libcurl.so/wetty/socket.io/?EIO=3&transport=polling&t=MDp67cU&sid=KHNxODgf7YsUMdXHAAAD Requested by Host: ptl-cb8b65f0-f0e6e959.libcurl.so URL: http://ptl-cb8b65f0-f0e6e959.libcurl.so/wetty/socket.io/socket.io.js Protocol HTTP/1.1 Server 104.131.54.221 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US), Reverse DNS Software nginx/1.6.2 / Resource Hash b3965ffa8613d824cf1e42b7a36b4224a7f97788618516451be3aaccf1e1d1f8 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ptl-cb8b65f0-f0e6e959.libcurl.so User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept */* Referer http://ptl-cb8b65f0-f0e6e959.libcurl.so/ Cookie io=KHNxODgf7YsUMdXHAAAD Connection keep-alive Cache-Control no-cache Accept */* Referer http://ptl-cb8b65f0-f0e6e959.libcurl.so/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Fri, 18 May 2018 11:52:54 GMT Connection keep-alive Server nginx/1.6.2 Set-Cookie io=KHNxODgf7YsUMdXHAAAD; Path=/; HttpOnly Content-Length 44 Content-Type application/octet-stream
GET H/1.1	200 OK	Cookie set / Show response ptl-cb8b65f0-f0e6e959.libcurl.so/wetty/socket.io/	4 B 251 B	350ms 350ms	XHR application/octet-stream	104.131.54.221 DigitalOcean
General Check archive.org Show headers Download Go to Full URL http://ptl-cb8b65f0-f0e6e959.libcurl.so/wetty/socket.io/?EIO=3&transport=polling&t=MDp67gN&sid=KHNxODgf7YsUMdXHAAAD Requested by Host: ptl-cb8b65f0-f0e6e959.libcurl.so URL: http://ptl-cb8b65f0-f0e6e959.libcurl.so/wetty/socket.io/socket.io.js Protocol HTTP/1.1 Server 104.131.54.221 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US), Reverse DNS Software nginx/1.6.2 / Resource Hash a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ptl-cb8b65f0-f0e6e959.libcurl.so User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept */* Referer http://ptl-cb8b65f0-f0e6e959.libcurl.so/ Cookie io=KHNxODgf7YsUMdXHAAAD Connection keep-alive Cache-Control no-cache Accept */* Referer http://ptl-cb8b65f0-f0e6e959.libcurl.so/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Fri, 18 May 2018 11:52:54 GMT Connection keep-alive Server nginx/1.6.2 Set-Cookie io=KHNxODgf7YsUMdXHAAAD; Path=/; HttpOnly Content-Length 4 Content-Type application/octet-stream

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pentesterlab.com
ptl-cb8b65f0-f0e6e959.libcurl.so
104.131.54.221
54.172.242.130
58abea898d23647590648a216049abf4a502e6b11a6043854eaf81ca59492bcc
8a192d6938c9152507ad439386434e73c3ce85a129463c1606fe535d467d7dda
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
b3965ffa8613d824cf1e42b7a36b4224a7f97788618516451be3aaccf1e1d1f8
c71d035bb03177d15912a847505eda6771edd00b4115a1d459c252b8e95e4339
cfe698dcc99e3485bfe82969beac023391d4013fff56ff5ecb8b5d4c850b0b5b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed0687a6e5c5d47f75186fec415e90993a469e4c285d12b9bbd610e3fee04e8c