coronaletters.com Open in urlscan Pro
18.194.213.15  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response coronaletters.com/	49 KB 51 KB	426ms 355ms	Document text/html	18.194.213.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coronaletters.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.194.213.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-194-213-15.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 7a542620f854940853014fd22792db61fcc3f32f24235408178d788a1d7113b0 Request headers :method GET :authority coronaletters.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers status 200 date Sun, 05 Apr 2020 09:56:10 GMT content-type text/html; charset=UTF-8 server Apache cache-control no-cache, private set-cookie XSRF-TOKEN=eyJpdiI6IlRRQWFwaGJlYW5PR2EySktXVGo4MFE9PSIsInZhbHVlIjoiQ3hOREwwK1IvV3BzTzU3ZDg4SVFzb1MxWjA3bU53SVJrSDlFaUtyZ2cvZFA5YUYrMHM4ZHBKZW0reWNoQ2F6cSIsIm1hYyI6IjI3OGIzNDBkZWRmMjBhODU3ZGE3YmVhYWU2NjMwNjllYWE4ZjYzMmNkZDJjZjQ1ZmQyZWMwZTM3NTA5ZTAzYzgifQ%3D%3D; expires=Sun, 05-Apr-2020 11:56:10 GMT; Max-Age=7200; path=/; samesite=lax coronaletters_session=eyJpdiI6IlJDSUdaalN2cUpxT1V4RVdBMnVUQ1E9PSIsInZhbHVlIjoicExpODYyZmw3S3dFWGVkSzRFMis0YUVXSmpNVVdrYm1tTGRwU1QwNWJGUG1nRWJIY3E3eXlrTSs0TEJ3WkJvNCIsIm1hYyI6IjNlMzhkMjhiYTlmOThlZTZhNDA3OWQ1MmJjNGM1MGZkNzEzMTk0ZDliYmY2ZjU2NWQwN2YyOTBhODRlZjI3NGMifQ%3D%3D; expires=Sun, 05-Apr-2020 11:56:10 GMT; Max-Age=7200; path=/; httponly; samesite=lax lPudT2YRqC8sMqoMVYlv0TDED2cqGWCPJFlLfClx=eyJpdiI6ImpYb0VnV3pxNm94TWxqRnlXd0RxYlE9PSIsInZhbHVlIjoiMFNYZzVJK2txc0U1bE5GelF6cnE3eVhTUUFSWjBZNmdrdUtQcmVEdEdsSDdObDg5VnRpelozYjg1Ri9QRjlTNFk3czFNRXNxNThhUEZXOGFxNktrWTF5YzkxQ0VVR1RYTVZFcnBJbDhKUkgrT3RpVkNhdllQNGtKS2wrZkx0bFRFZGNqb0FNdDlNa01YamZyMUlvdjVzeTVkcnE3aTk3L0lUNDdBYTRJZkxwQ3VHRG1OcnltWnh3ZFZWU3ovRTZBOTM1alp5MDFhKzQ5U3dHNDlBQTZxdW1IaDFMWm5xK3dBdHcvZjQvcmtWaFBpRUxCQ3FNNUVTMXNEQUZEYzJBSFRFU1RZVmlLa3RxSEVCcnA5eG9Calo1cFo5UXF5Z0tncElzelI0bndCNEhlM00wL25yRnV1OUJ5K09qRWZLbm4iLCJtYWMiOiI0ZWVjN2IwZTc5MzU5ODY2ZmViY2U1NzA5ZWRjNDAwNmZlYjg1NDlhODE1MjEyOWI1MjJjNDFiY2Q1YTAxNTVlIn0%3D; expires=Sun, 05-Apr-2020 11:56:10 GMT; Max-Age=7200; path=/; httponly; samesite=lax
GET H2	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/	156 KB 23 KB	158ms 135ms	Stylesheet text/css	2001:4de0:ac19::1:b:3a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css Requested by Host: coronaletters.com URL: https://coronaletters.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6 Request headers Referer https://coronaletters.com/ Origin https://coronaletters.com Sec-Fetch-Dest style User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 05 Apr 2020 09:56:10 GMT content-encoding gzip last-modified Thu, 28 Nov 2019 17:52:46 GMT access-control-allow-origin * etag "1574963566" vary Accept-Encoding x-cache HIT content-type text/css; charset=utf-8 status 200 cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 23681
GET H2	200	css fonts.googleapis.com/	6 KB 791 B	17ms 16ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:400,500,600&display=swap Requested by Host: coronaletters.com URL: https://coronaletters.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8db3e566770b08c6549734241be416b3017b09c13160a8530759ba177ae0e922 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://coronaletters.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 05 Apr 2020 09:56:10 GMT server ESF date Sun, 05 Apr 2020 09:56:10 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 05 Apr 2020 09:56:10 GMT
GET H2	200	main.css coronaletters.com/css/	348 KB 348 KB	22ms 21ms	Stylesheet text/css	18.194.213.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coronaletters.com/css/main.css Requested by Host: coronaletters.com URL: https://coronaletters.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.194.213.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-194-213-15.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash b767ae61dd25f134231e386743c364bf2239d1d4e0e5fd61893218e5c0f1bae9 Request headers Referer https://coronaletters.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers status 200 date Sun, 05 Apr 2020 09:56:10 GMT last-modified Sat, 04 Apr 2020 18:14:09 GMT server Apache accept-ranges bytes content-length 356093 content-type text/css
GET H2	200	uikit.js Show response coronaletters.com/js/	195 KB 195 KB	31ms 30ms	Script text/javascript	18.194.213.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coronaletters.com/js/uikit.js Requested by Host: coronaletters.com URL: https://coronaletters.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.194.213.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-194-213-15.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 2e94d59f6dd2734a389fb465ee4fbbd7359c8175d6f36a5e572a728c59fd957b Request headers Referer https://coronaletters.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers status 200 date Sun, 05 Apr 2020 09:56:10 GMT last-modified Fri, 03 Apr 2020 20:05:22 GMT server Apache accept-ranges bytes content-length 199365 content-type text/javascript
GET H2	200	CL_Side.png coronaletters.com/img/logo/	4 KB 4 KB	27ms 26ms	Image image/png	18.194.213.15 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://coronaletters.com/img/logo/CL_Side.png Requested by Host: coronaletters.com URL: https://coronaletters.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.194.213.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-194-213-15.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 3cc2c13ae6e4b7f74dc0edea0d67878fddc0525b7b03e3ddf5393fc1ada8c6b7 Request headers Referer https://coronaletters.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Sun, 05 Apr 2020 09:56:10 GMT last-modified Sat, 04 Apr 2020 17:01:30 GMT server Apache accept-ranges bytes content-length 3950 content-type image/png
GET H2	200	Hopeful.png coronaletters.com/img/emoji/	675 B 804 B	43ms 43ms	Image image/png	18.194.213.15 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://coronaletters.com/img/emoji/Hopeful.png Requested by Host: coronaletters.com URL: https://coronaletters.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.194.213.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-194-213-15.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 1f597bdb8acb69ecfd0ece36e6fd58a770e6abec0e29ad2ff4db5a2a3bc9b602 Request headers Referer https://coronaletters.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Sun, 05 Apr 2020 09:56:10 GMT last-modified Fri, 03 Apr 2020 20:05:22 GMT server Apache accept-ranges bytes content-length 675 content-type image/png
GET H2	200	Confused.png coronaletters.com/img/emoji/	880 B 1009 B	36ms 35ms	Image image/png	18.194.213.15 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://coronaletters.com/img/emoji/Confused.png Requested by Host: coronaletters.com URL: https://coronaletters.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.194.213.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-194-213-15.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash dfa0ce0f7765533e435f5d2a03545d09644f3f9d10d00d65275828c0090ad5da Request headers Referer https://coronaletters.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Sun, 05 Apr 2020 09:56:10 GMT last-modified Fri, 03 Apr 2020 20:05:22 GMT server Apache accept-ranges bytes content-length 880 content-type image/png
GET H2	200	Sad.png coronaletters.com/img/emoji/	673 B 802 B	21ms 21ms	Image image/png	18.194.213.15 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://coronaletters.com/img/emoji/Sad.png Requested by Host: coronaletters.com URL: https://coronaletters.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.194.213.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-194-213-15.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash e620ef931e33983d3afcf29d440bd130b5c8d4969edeb284cf276316fb5d1a06 Request headers Referer https://coronaletters.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Sun, 05 Apr 2020 09:56:11 GMT last-modified Fri, 03 Apr 2020 20:05:22 GMT server Apache accept-ranges bytes content-length 673 content-type image/png
GET H2	200	Angry.png coronaletters.com/img/emoji/	1 KB 1 KB	21ms 21ms	Image image/png	18.194.213.15 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://coronaletters.com/img/emoji/Angry.png Requested by Host: coronaletters.com URL: https://coronaletters.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.194.213.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-194-213-15.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash d77fddaa3187a10b9f31c330672b238ba1bc95d967a7061a18bd702efd7f6396 Request headers Referer https://coronaletters.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Sun, 05 Apr 2020 09:56:11 GMT last-modified Fri, 03 Apr 2020 20:05:22 GMT server Apache accept-ranges bytes content-length 1060 content-type image/png
GET H2	200	livewire.js Show response coronaletters.com/livewire/	122 KB 122 KB	61ms 60ms	Script application/javascript	18.194.213.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coronaletters.com/livewire/livewire.js?id=8287851ee96a9e0ff120 Requested by Host: coronaletters.com URL: https://coronaletters.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.194.213.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-194-213-15.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 37b971f3ff3cac159aebfdb69cd68af4af90970a449e5ff1fd488edfb5535d66 Request headers Referer https://coronaletters.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Sun, 05 Apr 2020 09:56:11 GMT last-modified Fri, 03 Apr 2020 20:05:22 GMT server Apache content-type application/javascript; charset=utf-8 status 200 cache-control max-age=31536000, public accept-ranges bytes content-length 124614 expires Mon, 05 Apr 2021 09:56:11 GMT
GET H/1.1	200 OK	count.js Show response coronaletters.disqus.com/	1 KB 1 KB	67ms 23ms	Script application/javascript	151.101.112.134 FASTLY
General Check archive.org Show headers Download Go to Full URL https://coronaletters.disqus.com/count.js Requested by Host: coronaletters.com URL: https://coronaletters.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubdomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://coronaletters.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Sun, 05 Apr 2020 09:56:11 GMT Content-Encoding gzip X-Content-Type-Options nosniff Age 1599501 P3P CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM" Connection keep-alive Content-Length 871 X-XSS-Protection 1; mode=block Last-Modified Tue, 17 Mar 2020 01:10:10 GMT Server nginx ETag "5e702372-367" Vary Accept-Encoding Strict-Transport-Security max-age=300; includeSubdomains Content-Type application/javascript; charset=utf-8 Cache-Control public, max-age=300 Link <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
GET H2	200	ruletop.png wearerule.com/images/	22 KB 22 KB	106ms 36ms	Image image/png	85.93.88.149 GD-EMEA-DC-SXB1
General Check archive.org Show headers Download Go to Show image Full URL https://wearerule.com/images/ruletop.png Requested by Host: coronaletters.com URL: https://coronaletters.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 85.93.88.149 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE), Reverse DNS malta2351.startdedicated.com Software nginx / PleskLin Resource Hash 5d977f99a99558c4d4e944a4c4d788443d3c3b2aa3c37c84f950f2e7236b1ea9 Request headers Referer https://coronaletters.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Sun, 05 Apr 2020 09:56:11 GMT etag "5e4939bb-57dc" last-modified Sun, 16 Feb 2020 12:46:51 GMT server nginx x-powered-by PleskLin content-type image/png status 200 accept-ranges bytes content-length 22492
GET H2	200	awesomplete.js Show response coronaletters.com/js/	8 KB 8 KB	22ms 22ms	Script text/javascript	18.194.213.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coronaletters.com/js/awesomplete.js Requested by Host: coronaletters.com URL: https://coronaletters.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.194.213.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-194-213-15.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 7b8b06538d2fceaded29c7249ff0d58e5ded31cecbbf0eb61cd3cc1790616e32 Request headers Referer https://coronaletters.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers status 200 date Sun, 05 Apr 2020 09:56:10 GMT last-modified Fri, 03 Apr 2020 20:05:22 GMT server Apache accept-ranges bytes content-length 8431 content-type text/javascript
GET H2	200	js Show response www.googletagmanager.com/gtag/	76 KB 28 KB	17ms 17ms	Script application/javascript	2a00:1450:4001:81d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-155037861-1 Requested by Host: coronaletters.com URL: https://coronaletters.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 970b9fbe2d2ab7a93d1a4b1cfc142304a67a433700ed4b1e55c754b237730e42 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://coronaletters.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Sun, 05 Apr 2020 09:56:11 GMT content-encoding br status 200 strict-transport-security max-age=31536000; includeSubDomains alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 29063 x-xss-protection 0 last-modified Sun, 05 Apr 2020 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 05 Apr 2020 09:56:11 GMT
GET H2	200	coronavirus-back.jpeg coronaletters.com/img/	82 KB 82 KB	24ms 24ms	Image image/jpeg	18.194.213.15 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://coronaletters.com/img/coronavirus-back.jpeg Requested by Host: coronaletters.com URL: https://coronaletters.com/js/uikit.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.194.213.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-194-213-15.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 31606e53d11a1fc1a742fe3817d1b41417da00dbe79ad2e763d934b454b65d76 Request headers Referer https://coronaletters.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers status 200 date Sun, 05 Apr 2020 09:56:11 GMT last-modified Fri, 03 Apr 2020 20:05:22 GMT server Apache accept-ranges bytes content-length 83656 content-type image/jpeg
GET DATA	200 OK	truncated /	194 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e02e33449e51dca3e717f7779027ce076d853512df5aa81dc31b4057de542949 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml;charset=UTF-8
GET H2	200	JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2 fonts.gstatic.com/s/montserrat/v14/	13 KB 13 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2 Requested by Host: coronaletters.com URL: https://coronaletters.com/js/uikit.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Montserrat:400,500,600&display=swap Origin https://coronaletters.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 04 Apr 2020 04:04:34 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 03:46:41 GMT server sffe age 107497 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 13640 x-xss-protection 0 expires Sun, 04 Apr 2021 04:04:34 GMT
GET H2	200	JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2 fonts.gstatic.com/s/montserrat/v14/	13 KB 13 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2 Requested by Host: coronaletters.com URL: https://coronaletters.com/js/uikit.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/css?family=Montserrat:400,500,600&display=swap Origin https://coronaletters.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sat, 28 Mar 2020 10:27:31 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 03:46:50 GMT server sffe age 689320 content-type font/woff2 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * access-control-allow-origin * content-length 13464 x-xss-protection 0 expires Sun, 28 Mar 2021 10:27:31 GMT
GET H/1.1	200 OK	count-data.js Show response coronaletters.disqus.com/	841 B 1 KB	20ms 20ms	Script application/javascript	151.101.112.134 FASTLY
General Check archive.org Show headers Download Go to Full URL https://coronaletters.disqus.com/count-data.js?2=https%3A%2F%2Fcoronaletters.com%2Fletters%2F10&2=https%3A%2F%2Fcoronaletters.com%2Fletters%2F158&2=https%3A%2F%2Fcoronaletters.com%2Fletters%2F178&2=https%3A%2F%2Fcoronaletters.com%2Fletters%2F23&2=https%3A%2F%2Fcoronaletters.com%2Fletters%2F25&2=https%3A%2F%2Fcoronaletters.com%2Fletters%2F268&2=https%3A%2F%2Fcoronaletters.com%2Fletters%2F28&2=https%3A%2F%2Fcoronaletters.com%2Fletters%2F5&2=https%3A%2F%2Fcoronaletters.com%2Fletters%2F62&2=https%3A%2F%2Fcoronaletters.com%2Fletters%2F7 Requested by Host: coronaletters.disqus.com URL: https://coronaletters.disqus.com/count.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 66ddb3a7fe7b1fe71a043fec9c7a5a842164e722da2930526f99f30fb123b06a Security Headers Name Value Strict-Transport-Security max-age=300; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://coronaletters.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Sun, 05 Apr 2020 09:56:11 GMT X-Content-Type-Options nosniff Server nginx Age 601 X-Frame-Options SAMEORIGIN Connection keep-alive p3p CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM" Link <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect Cache-Control public, max-age=600 Strict-Transport-Security max-age=300; includeSubdomains Content-Type application/javascript; charset=UTF-8 Vary Accept-Encoding Content-Length 841 X-XSS-Protection 1; mode=block
GET H2	200	analytics.js Show response www.google-analytics.com/	44 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-155037861-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://coronaletters.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 06 Feb 2020 00:21:02 GMT server Golfe2 age 4959 date Sun, 05 Apr 2020 08:33:32 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 18174 expires Sun, 05 Apr 2020 10:33:32 GMT
GET H2	200	collect www.google-analytics.com/r/	35 B 111 B	17ms 17ms	Image image/gif	2a00:1450:4001:81c::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1440111131&t=pageview&_s=1&dl=https%3A%2F%2Fcoronaletters.com%2F&ul=en-us&de=UTF-8&dt=Corona%20Letters&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1243537746&gjid=375838739&cid=1658903984.1586080571&tid=UA-155037861-1&_gid=985881998.1586080571&_r=1&gtm=2ou3p1&z=146538398 Requested by Host: coronaletters.com URL: https://coronaletters.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://coronaletters.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers pragma no-cache date Sun, 05 Apr 2020 09:56:11 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 access-control-allow-origin * content-type image/gif status 200 cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| Livewire boolean| firstTime object| livewire string| livewire_app_url string| livewire_token function| deferLoadingAlpine function| readMore function| Awesomplete function| gtag object| dataLayer object| DISQUSWIDGETS undefined| disqus_domain undefined| disqus_shortname object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.coronaletters.com/	1970-01-19 08:36:06	Name: _gid Value: GA1.2.985881998.1586080571
			.coronaletters.com/	1970-01-19 08:34:40	Name: _gat_gtag_UA_155037861_1 Value: 1
			.coronaletters.com/	1970-01-20 02:05:52	Name: _ga Value: GA1.2.1658903984.1586080571
			coronaletters.com/	1970-01-19 08:34:47	Name: lPudT2YRqC8sMqoMVYlv0TDED2cqGWCPJFlLfClx Value: eyJpdiI6ImpYb0VnV3pxNm94TWxqRnlXd0RxYlE9PSIsInZhbHVlIjoiMFNYZzVJK2txc0U1bE5GelF6cnE3eVhTUUFSWjBZNmdrdUtQcmVEdEdsSDdObDg5VnRpelozYjg1Ri9QRjlTNFk3czFNRXNxNThhUEZXOGFxNktrWTF5YzkxQ0VVR1RYTVZFcnBJbDhKUkgrT3RpVkNhdllQNGtKS2wrZkx0bFRFZGNqb0FNdDlNa01YamZyMUlvdjVzeTVkcnE3aTk3L0lUNDdBYTRJZkxwQ3VHRG1OcnltWnh3ZFZWU3ovRTZBOTM1alp5MDFhKzQ5U3dHNDlBQTZxdW1IaDFMWm5xK3dBdHcvZjQvcmtWaFBpRUxCQ3FNNUVTMXNEQUZEYzJBSFRFU1RZVmlLa3RxSEVCcnA5eG9Calo1cFo5UXF5Z0tncElzelI0bndCNEhlM00wL25yRnV1OUJ5K09qRWZLbm4iLCJtYWMiOiI0ZWVjN2IwZTc5MzU5ODY2ZmViY2U1NzA5ZWRjNDAwNmZlYjg1NDlhODE1MjEyOWI1MjJjNDFiY2Q1YTAxNTVlIn0%3D
			coronaletters.com/	1970-01-19 08:34:47	Name: coronaletters_session Value: eyJpdiI6IlJDSUdaalN2cUpxT1V4RVdBMnVUQ1E9PSIsInZhbHVlIjoicExpODYyZmw3S3dFWGVkSzRFMis0YUVXSmpNVVdrYm1tTGRwU1QwNWJGUG1nRWJIY3E3eXlrTSs0TEJ3WkJvNCIsIm1hYyI6IjNlMzhkMjhiYTlmOThlZTZhNDA3OWQ1MmJjNGM1MGZkNzEzMTk0ZDliYmY2ZjU2NWQwN2YyOTBhODRlZjI3NGMifQ%3D%3D
			coronaletters.com/	1970-01-19 08:34:47	Name: XSRF-TOKEN Value: eyJpdiI6IlRRQWFwaGJlYW5PR2EySktXVGo4MFE9PSIsInZhbHVlIjoiQ3hOREwwK1IvV3BzTzU3ZDg4SVFzb1MxWjA3bU53SVJrSDlFaUtyZ2cvZFA5YUYrMHM4ZHBKZW0reWNoQ2F6cSIsIm1hYyI6IjI3OGIzNDBkZWRmMjBhODU3ZGE3YmVhYWU2NjMwNjllYWE4ZjYzMmNkZDJjZjQ1ZmQyZWMwZTM3NTA5ZTAzYzgifQ%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

coronaletters.com
coronaletters.disqus.com
fonts.googleapis.com
fonts.gstatic.com
stackpath.bootstrapcdn.com
wearerule.com
www.google-analytics.com
www.googletagmanager.com
151.101.112.134
18.194.213.15
2001:4de0:ac19::1:b:3a
2a00:1450:4001:808::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:820::2003
85.93.88.149
1f597bdb8acb69ecfd0ece36e6fd58a770e6abec0e29ad2ff4db5a2a3bc9b602
2e94d59f6dd2734a389fb465ee4fbbd7359c8175d6f36a5e572a728c59fd957b
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
31606e53d11a1fc1a742fe3817d1b41417da00dbe79ad2e763d934b454b65d76
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
37b971f3ff3cac159aebfdb69cd68af4af90970a449e5ff1fd488edfb5535d66
3cc2c13ae6e4b7f74dc0edea0d67878fddc0525b7b03e3ddf5393fc1ada8c6b7
5d977f99a99558c4d4e944a4c4d788443d3c3b2aa3c37c84f950f2e7236b1ea9
66ddb3a7fe7b1fe71a043fec9c7a5a842164e722da2930526f99f30fb123b06a
7a542620f854940853014fd22792db61fcc3f32f24235408178d788a1d7113b0
7b8b06538d2fceaded29c7249ff0d58e5ded31cecbbf0eb61cd3cc1790616e32
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8db3e566770b08c6549734241be416b3017b09c13160a8530759ba177ae0e922
970b9fbe2d2ab7a93d1a4b1cfc142304a67a433700ed4b1e55c754b237730e42
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
b767ae61dd25f134231e386743c364bf2239d1d4e0e5fd61893218e5c0f1bae9
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
d77fddaa3187a10b9f31c330672b238ba1bc95d967a7061a18bd702efd7f6396
dfa0ce0f7765533e435f5d2a03545d09644f3f9d10d00d65275828c0090ad5da
e02e33449e51dca3e717f7779027ce076d853512df5aa81dc31b4057de542949
e620ef931e33983d3afcf29d440bd130b5c8d4969edeb284cf276316fb5d1a06
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d