urlscan.io logo urlscan.io
SecurityTrails logo

coronahunt.app Open in urlscan Pro
2606:4700:3037::6812:3dbd  Public Scan

Go To Rescan Add Verdict Report
URL: https://coronahunt.app/
Submission: On March 26 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 16 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3037::6812:3dbd, located in United States and belongs to CLOUDFLARENET, US. The main domain is coronahunt.app.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 23rd 2020. Valid for: 7 months.
This is the only time coronahunt.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

16    2606:4700:3037::6812:3dbd (United States)

ASN13335 (CLOUDFLARENET, US)
coronahunt.app
1    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
2    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    67.202.94.86 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us
whos.amung.us
1    185.225.208.133 (Germany)

ASN13213 (UK2NET-AS, GB)
widgets.amung.us
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:3037::681b:a227 (United States)

ASN13335 (CLOUDFLARENET, US)
convertify.app
1    2606:4700:3034::6818:70d3 (United States)

ASN13335 (CLOUDFLARENET, US)
htmlcolors.com
1    2606:4700:3032::681f:5d9b (United States)

ASN13335 (CLOUDFLARENET, US)
colorpalettes.com
1    13.225.73.106 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-106.fra2.r.cloudfront.net
cssgradient.io
5    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
www.googletagservices.com
1    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
16 coronahunt.app coronahunt.app
unpkg.com
code.jquery.com
4 pagead2.googlesyndication.com coronahunt.app
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
coronahunt.app
2 unpkg.com 1 redirects coronahunt.app
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 cssgradient.io coronahunt.app
1 colorpalettes.com coronahunt.app
1 htmlcolors.com coronahunt.app
1 convertify.app coronahunt.app
1 fonts.googleapis.com coronahunt.app
1 www.googletagmanager.com coronahunt.app
1 widgets.amung.us coronahunt.app
1 whos.amung.us 1 redirects
1 code.jquery.com coronahunt.app
38 18

This site contains links to these domains. Also see Links.

Domain
chrome.google.com
convertify.app
htmlcolors.com
colorpalettes.com
cssgradient.io
twitter.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-03-23 -
2020-10-09		 7 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
ssl714328.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-02-18 -
2020-08-26		 6 months crt.sh
whos.amung.us
GeoTrust EV RSA CA 2018		 2018-03-09 -
2020-05-25		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
cssgradient.io
Amazon		 2019-11-04 -
2020-12-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://coronahunt.app/
Frame ID: 1ECA468BD9BF4A06D30927E240FECCBE
Requests: 27 HTTP requests in this frame

Frame: https://coronahunt.app/ad.php
Frame ID: 3EB6ABAF5055CBF8211C8D4E3E6F6F5B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200319/r20190131/zrt_lookup.html
Frame ID: BD5EAF41BA4DCF2789DEEDBAA4E10CF7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9884048866626140&output=html&h=100&slotname=2521574375&adk=3569636337&adf=3279755397&w=320&psa=0&guci=1.2.0.0.2.2.0.0&format=320x100&url=https%3A%2F%2Fcoronahunt.app%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1585214695483&bpp=19&bdt=130&fdt=111&idt=112&shv=r20200319&cbv=r20190131&ptt=9&saldr=aa&correlator=235101756987&frm=23&ife=1&pv=2&ga_vid=1027078340.1585214695&ga_sid=1585214696&ga_hid=1824719561&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1213&ady=96&biw=1600&bih=1200&isw=328&ish=115&ifk=3601069060&scr_x=0&scr_y=0&oid=3&pvsid=1216569854977936&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C328%2C115&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.kpltzdri9a4m&fsb=1&dtd=129
Frame ID: B7A953768BBB6C103FA0AEE48920FA15
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: C82C57F4722DF95FCD26593716EE3E66
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

38
Requests

100 %
HTTPS

82 %
IPv6

16
Domains

18
Subdomains

17
IPs

3
Countries

773 kB
Transfer

1789 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://unpkg.com/axios/dist/axios.min.js HTTP 302
  • https://unpkg.com/axios@0.19.2/dist/axios.min.js
Request Chain 5
  • https://whos.amung.us/swidget/gradienthunt.png HTTP 307
  • https://widgets.amung.us/small/00/16.png

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
coronahunt.app/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://coronahunt.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3dbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71d5a57eab3982c38ae0d0f9e18c6853dec21120c9871077ef7a1a6778ea875e

Request headers

:method
GET
:authority
coronahunt.app
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
date
Thu, 26 Mar 2020 09:24:54 GMT
content-type
text/html
set-cookie
__cfduid=dd868e958f65bb305a4a83fff525cf0df1585214694; expires=Sat, 25-Apr-20 09:24:54 GMT; path=/; domain=.coronahunt.app; HttpOnly; SameSite=Lax; Secure
last-modified
Mon, 22 Oct 2018 18:07:28 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
579fd242d86edfad-FRA
content-encoding
gzip
newstyle.css
coronahunt.app/ 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://coronahunt.app/newstyle.css
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3dbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69db7ba6d0c54959004e9280d44f893ead0bd7fd79bc4e27f10f2cd68f39590b

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 26 Mar 2020 09:24:54 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 10 Mar 2019 06:40:06 GMT
server
cloudflare
etag
W/"5c84b146-2f82"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
579fd24349c0dfad-FRA
jquery-latest.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-latest.min.js
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 26 Mar 2020 09:24:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
"54499a48-1762a"
Vary
Accept-Encoding
X-HW
1585214694.dop033.fr8.shc,1585214694.dop033.fr8.t,1585214694.cds106.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33202
functions.js
coronahunt.app/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://coronahunt.app/functions.js
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3dbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68ad3a69bc9cab9253d58ddcba5ff8588d63272ba6bb315a8ca68612439d82eb

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 09:24:54 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 10 Jun 2018 16:36:09 GMT
server
cloudflare
etag
W/"5b1d5379-15a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=14400
cf-ray
579fd24349c1dfad-FRA
timeago.js
coronahunt.app/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://coronahunt.app/timeago.js
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3dbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f24664fdd66f531d4b456a397b1a200a6df075f1133b37f00d1bdcdbc6fe7e0

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 09:24:54 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sun, 10 Jun 2018 16:36:29 GMT
server
cloudflare
etag
W/"5b1d538d-2781"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=14400
cf-ray
579fd24349c3dfad-FRA
axios.min.js
unpkg.com/axios@0.19.2/dist/
Redirect Chain
  • https://unpkg.com/axios/dist/axios.min.js
  • https://unpkg.com/axios@0.19.2/dist/axios.min.js
14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/axios@0.19.2/dist/axios.min.js
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ff7fb4a3bb565f34d7c187bb245a7d22765081708dd1c1d2d24b8fc8ecd40a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5547239
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"36a9-7tzqdxpnjCnFk5qq2I3A8iiPNvw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
fc6f42a4695748ec401603fc45c3a946
cache-control
public, max-age=31536000
cf-ray
579fd243db401f45-FRA

Redirect headers

date
Thu, 26 Mar 2020 09:24:55 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
8
status
302
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
53
server
cloudflare
location
/axios@0.19.2/dist/axios.min.js
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
a10fc7e8a8fb1435cd6b073b7cd9dc58
cache-control
public, s-maxage=600, max-age=60
cf-ray
579fd2435a271f45-FRA
16.png
widgets.amung.us/small/00/
Redirect Chain
  • https://whos.amung.us/swidget/gradienthunt.png
  • https://widgets.amung.us/small/00/16.png
320 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/small/00/16.png
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB),
Reverse DNS
Software
/
Resource Hash
96089f0c5d1376d2623c03c8ef5e5ebd477e90041820c01281a61c55b8925730

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
last-modified
Sun, 13 Jun 2010 09:48:29 GMT
access-control-allow-origin
*
etag
"4c14a96d-140"
content-type
image/png
status
200
cache-control
max-age=86400, private
accept-ranges
bytes
content-length
320
expires
Fri, 27 Mar 2020 09:24:55 GMT

Redirect headers

status
307
date
Thu, 26 Mar 2020 09:24:55 GMT
cache-control
no-cache, no-store, must-revalidate
location
https://widgets.amung.us/small/00/16.png
content-type
text/html; charset=UTF-8
js
www.googletagmanager.com/gtag/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-121880451-1
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b84b032402fdc97d6a97e8a17b76d030825b1bc7727d9ead20356932108141d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 09:24:54 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28642
x-xss-protection
0
last-modified
Thu, 26 Mar 2020 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 26 Mar 2020 09:24:54 GMT
build.js
coronahunt.app/dist/ 		933 KB
392 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://coronahunt.app/dist/build.js
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3dbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297085224bb5f3512625c123bee37ba357e82c0ce80dbab1c3294bfd8294e10e

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 26 Mar 2020 02:17:07 GMT
server
cloudflare
etag
W/"5e7c10a3-e9326"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=14400
cf-ray
579fd2436a2adfad-FRA
css
fonts.googleapis.com/ 		10 KB
923 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e4138ee804967f13637db368b6fea242630459d9121c20ee6c682b01a17adb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 26 Mar 2020 09:24:55 GMT
server
ESF
date
Thu, 26 Mar 2020 09:24:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Mar 2020 09:24:55 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-121880451-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
2780
date
Thu, 26 Mar 2020 08:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Thu, 26 Mar 2020 10:38:35 GMT
collect
www.google-analytics.com/r/ 		35 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=464570946&t=pageview&_s=1&dl=https%3A%2F%2Fcoronahunt.app%2F&ul=en-us&de=UTF-8&dt=Gradient%20Hunt%20-%20Beautiful%20Color%20Gradients&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=209378876&gjid=1761928957&cid=1027078340.1585214695&tid=UA-121880451-1&_gid=128331735.1585214695&_r=1&gtm=2ou3i0&z=628447921
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 26 Mar 2020 09:24:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		43 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01dd2db661774d14cb37e18b743efce0f1cc59a8c0efd7b184d250cb86f0cd31

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
icon-heart.png
coronahunt.app/img/ 		753 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coronahunt.app/img/icon-heart.png
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3dbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7ea07997624211fa37efd629c06a87cc2d8f096e3912f72a495740b8c10a6a7

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
cf-cache-status
MISS
last-modified
Sun, 10 Jun 2018 16:36:41 GMT
server
cloudflare
etag
"2f1-56e4c3cd95840"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
579fd244de1fdfad-FRA
content-length
753
icon_dropdown.png
coronahunt.app/img/ 		741 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coronahunt.app/img/icon_dropdown.png
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3dbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89954cd231006f6be6a2b0fade655ee467e09f16a96a4f549a150a1f6b555a84

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
cf-cache-status
MISS
last-modified
Sun, 10 Jun 2018 16:36:38 GMT
server
cloudflare
etag
"2e5-56e4c3cab9180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
579fd244de23dfad-FRA
content-length
741
chrome.png
coronahunt.app/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coronahunt.app/img/chrome.png
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3dbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10136edd8f47743c4a707b1844a67f89be8b5de5dedf04d38a7ab5a7b450c5e6

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
cf-cache-status
MISS
last-modified
Mon, 06 Aug 2018 23:24:33 GMT
server
cloudflare
etag
"ae4-572cc9472ce40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
579fd244de25dfad-FRA
content-length
2788
logochicken.png
convertify.app/assets/img/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://convertify.app/assets/img/logochicken.png
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:a227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb27c2b26fc1bdb8ec0a4378efa86152e6aa48eb0be6a697daa3e5d65ae8bf21

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 10 Nov 2019 23:36:53 GMT
server
cloudflare
etag
"e7a7-597067d662f40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
579fd24579a3978a-FRA
content-length
59303
favicon.png
htmlcolors.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://htmlcolors.com/favicon.png
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6818:70d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9f5451620f33ee31028f5720c310d7955aa67237e21108c4e5b1e39fc974d70

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 15 Jul 2018 22:43:20 GMT
server
cloudflare
etag
"af0-571117090c900"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
579fd2456cd1c303-FRA
content-length
2800
palettegreen-vector.png
colorpalettes.com/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://colorpalettes.com/img/palettegreen-vector.png
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681f:5d9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4d292f79f152981a81114b5df3b8d11a9b33d83b97db14bd65982845bc052a8

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 06 Apr 2019 18:39:29 GMT
server
cloudflare
etag
"1847-585e0ec69c426"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
579fd2456edbdfbf-FRA
content-length
6215
logo-55c31c59.svg
cssgradient.io/images/ 		706 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cssgradient.io/images/logo-55c31c59.svg
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.106 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-106.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da40fb91ce92d50293ebaa9833acb9833caa321f1a3d82c2888fefc74c292e06

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 16 Mar 2020 18:59:40 GMT
via
1.1 e5b747ffd1713cb17ddd7d55234a3301.cloudfront.net (CloudFront)
last-modified
Sun, 13 May 2018 06:06:23 GMT
server
AmazonS3
age
829837
etag
"2515bf7df06d75a57d5f930464aca7b3"
x-cache
Hit from cloudfront
content-type
image/svg+xml
status
200
cache-control
max-age=2629000
x-amz-cf-pop
FRA2-C2
content-length
706
x-amz-cf-id
7yRUDwhL6g2MGOmiMcmPILCSohm-I2HdTewvzjXW2-TBCfOKOzwL0g==
icon-heart-blue.png
coronahunt.app/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coronahunt.app/img/icon-heart-blue.png
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3dbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6dd4313e30e4fcc4cc48ffec9c31b7be166375b0faef2a5bc2e7c24b26042c

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
cf-cache-status
MISS
last-modified
Sun, 10 Jun 2018 16:36:40 GMT
server
cloudflare
etag
"558-56e4c3cca1600"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
579fd244de27dfad-FRA
content-length
1368
thecookie.php
coronahunt.app/ 		0
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://coronahunt.app/thecookie.php
Requested by
Host: unpkg.com
URL: https://unpkg.com/axios@0.19.2/dist/axios.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3dbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://coronahunt.app/
Origin
https://coronahunt.app
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.1.33
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=UTF-8
status
200
cf-ray
579fd244de1ddfad-FRA
newgradients.php
coronahunt.app/ 		2 B
81 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://coronahunt.app/newgradients.php
Requested by
Host: unpkg.com
URL: https://unpkg.com/axios@0.19.2/dist/axios.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3dbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
application/json, text/plain, */*
Referer
https://coronahunt.app/
Origin
https://coronahunt.app
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.1.33
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=UTF-8
status
200
cf-ray
579fd244de2adfad-FRA
likesgradients.php
coronahunt.app/ 		2 B
81 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://coronahunt.app/likesgradients.php
Requested by
Host: unpkg.com
URL: https://unpkg.com/axios@0.19.2/dist/axios.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3dbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
application/json, text/plain, */*
Referer
https://coronahunt.app/
Origin
https://coronahunt.app
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.1.33
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=UTF-8
status
200
cf-ray
579fd244de2cdfad-FRA
browser.php
coronahunt.app/ 		7 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://coronahunt.app/browser.php
Requested by
Host: unpkg.com
URL: https://unpkg.com/axios@0.19.2/dist/axios.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3dbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
68693d02ab4fbb2331b8cc39915322e48e61f06d4d1b31e7d19913202857bc8a

Request headers

Accept
application/json, text/plain, */*
Referer
https://coronahunt.app/
Origin
https://coronahunt.app
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.1.33
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=UTF-8
status
200
cf-ray
579fd244de30dfad-FRA
Lato-Regular.woff
coronahunt.app/letra/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://coronahunt.app/letra/Lato-Regular.woff
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3dbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e5ff49b5169cb1a0649c084794ead30fe58ccb6aa54e6ee0ef160f6719d1fdb

Request headers

Referer
https://coronahunt.app/newstyle.css
Origin
https://coronahunt.app
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
cf-cache-status
MISS
last-modified
Sun, 10 Jun 2018 16:36:51 GMT
server
cloudflare
etag
"936c-56e4c3d71eec0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-woff
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
579fd244de34dfad-FRA
content-length
37740
ad.php
coronahunt.app/ Frame 3EB6 		408 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://coronahunt.app/ad.php
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/dist/build.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3dbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
50a142a08acd552e78a8323e4c0da4f151ee9272b7b90df58b27dcbdb7fd75c3

Request headers

:method
GET
:authority
coronahunt.app
:scheme
https
:path
/ad.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://coronahunt.app/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=dd868e958f65bb305a4a83fff525cf0df1585214694; _ga=GA1.2.1027078340.1585214695; _gid=GA1.2.128331735.1585214695; _gat_gtag_UA_121880451_1=1; type=ujdigejutxmtfvbbqppsvlqpqqsqkx
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://coronahunt.app/

Response headers

status
200
date
Thu, 26 Mar 2020 09:24:55 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.1.33
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
579fd2456f9adfad-FRA
content-encoding
gzip
loader.gif
coronahunt.app/img/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coronahunt.app/img/loader.gif
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3dbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c975d844006085b453923ae35112d18b23fc732fe46357b82cee6e82f6030e0c

Request headers

Referer
https://coronahunt.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
cf-cache-status
MISS
last-modified
Sun, 10 Jun 2018 16:36:41 GMT
server
cloudflare
etag
"5b1d5399-2a94"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
579fd2457fc7dfad-FRA
content-length
10900
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 3EB6 		107 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: coronahunt.app
URL: https://coronahunt.app/ad.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c005dba1d518d8fcd6bb8b0cd5264947d7c8c5b53363556d98c453428a376ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronahunt.app/ad.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
39033
x-xss-protection
0
server
cafe
etag
13352514705584774431
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 26 Mar 2020 09:24:55 GMT
integrator.js
adservice.google.de/adsid/ Frame 3EB6 		109 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=coronahunt.app
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronahunt.app/ad.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3EB6 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=coronahunt.app
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronahunt.app/ad.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200319/r20190131/ Frame 3EB6 		224 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200319/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fea51227a0d0a882dcf26ad5791bdf3bbb79958e076630e86427a8266300a2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronahunt.app/ad.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
85515
x-xss-protection
0
server
cafe
etag
13950792502640807200
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Mar 2020 09:24:55 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200319/r20190131/ Frame BD5E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200319/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200319/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://coronahunt.app/ad.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://coronahunt.app/ad.php

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Sat, 21 Mar 2020 12:05:08 GMT
expires
Sat, 04 Apr 2020 12:05:08 GMT
content-type
text/html; charset=UTF-8
etag
17714563530871986051
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4497
x-xss-protection
0
cache-control
public, max-age=1209600
age
422387
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
ads
googleads.g.doubleclick.net/pagead/ Frame B7A9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9884048866626140&output=html&h=100&slotname=2521574375&adk=3569636337&adf=3279755397&w=320&psa=0&guci=1.2.0.0.2.2.0.0&format=320x100&url=https%3A%2F%2Fcoronahunt.app%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1585214695483&bpp=19&bdt=130&fdt=111&idt=112&shv=r20200319&cbv=r20190131&ptt=9&saldr=aa&correlator=235101756987&frm=23&ife=1&pv=2&ga_vid=1027078340.1585214695&ga_sid=1585214696&ga_hid=1824719561&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1213&ady=96&biw=1600&bih=1200&isw=328&ish=115&ifk=3601069060&scr_x=0&scr_y=0&oid=3&pvsid=1216569854977936&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C328%2C115&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.kpltzdri9a4m&fsb=1&dtd=129
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200319/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9884048866626140&output=html&h=100&slotname=2521574375&adk=3569636337&adf=3279755397&w=320&psa=0&guci=1.2.0.0.2.2.0.0&format=320x100&url=https%3A%2F%2Fcoronahunt.app%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1585214695483&bpp=19&bdt=130&fdt=111&idt=112&shv=r20200319&cbv=r20190131&ptt=9&saldr=aa&correlator=235101756987&frm=23&ife=1&pv=2&ga_vid=1027078340.1585214695&ga_sid=1585214696&ga_hid=1824719561&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=5&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1213&ady=96&biw=1600&bih=1200&isw=328&ish=115&ifk=3601069060&scr_x=0&scr_y=0&oid=3&pvsid=1216569854977936&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C328%2C115&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.kpltzdri9a4m&fsb=1&dtd=129
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://coronahunt.app/ad.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://coronahunt.app/ad.php

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 26 Mar 2020 09:24:55 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 26-Mar-2020 09:39:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
osd.js
www.googletagservices.com/activeview/js/current/ Frame 3EB6 		74 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200319/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2e60d0a77f1d63a9fd3b21fbb9d21345a61dc43d6c9b749e45753c5d993a6e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronahunt.app/ad.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1585165059237800"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
28015
x-xss-protection
0
expires
Thu, 26 Mar 2020 09:24:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3EB6 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200319&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200319/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c110781b0373dbbc464a2f966deb7d2061352356efe490253b5e5df78c72be14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronahunt.app/ad.php
Origin
https://coronahunt.app
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 26 Mar 2020 09:24:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5224
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3EB6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200319/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronahunt.app/ad.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 09:24:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5456
x-xss-protection
0
expires
Thu, 26 Mar 2020 09:24:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame C82C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://coronahunt.app/ad.php
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://coronahunt.app/ad.php

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Thu, 26 Mar 2020 08:49:16 GMT
expires
Fri, 26 Mar 2021 08:49:16 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2139
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3EB6 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200319&jk=1216569854977936&bg=!QkGlQVlY_S10ZVB33a4CAAAAU1IAAAAtmQFyxD_ntrM_j5WOlSO2qZwgC1VKwbNaKuRYCcvBsec3ud19q3ULHyHEf0ZQ8T77NBRjNgBPZZP9BpL_LVcAKYR7oiB-p2fnkEsRfZVdcJ4PoospJJJcE3SCq84H1FiNyyM8H4It6y9JrW5P7R7lVPgy1JWLiTMAze3YPTKjv0S43Qs7vPIV5kBf0YdqlbbJtzaVgm0ChrfP2bnXmkW3-XvX-qRCfe2hEu2pXft7OUt_9nvrJx7Ktcw1aaBAigSxzrDOTX2b4RWtasF3WGvht7ouuQcT5auoaEtkGvhcVHa4He-HDMSbMcEZdkj58PJ-SydUcXM-1btfBFIcFzI0fq9_8erbpw6KUmx1c14S0JiKRbgAq8ELv_MQXSzPq1q_96Ol-mOVFfRwHWvllYm_qe3WkmtLhJtKZepVVTmq2GIU3cKGZ4YGYAfREtJ3VoFt9Q3EvwUVxUAdFH8kD-uCbZd8i62M7YVN3qCOc1dsl2gAIitSeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronahunt.app/ad.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 26 Mar 2020 09:24:56 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| taker function| run_items function| itemer function| copy function| like function| list_likes function| place_like function| formatThousands function| select_sort_button function| select_menu_button function| like_first_palette_tip function| timeago function| axios function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| setImmediate function| clearImmediate function| Color function| Chart object| vm object| google_reactive_ads_global_state object| google_jobrunner object| google_ad_modifications number| google_global_correlator object| google_prev_clients

6 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.coronahunt.app/ Name: _gat_gtag_UA_121880451_1
Value: 1
.coronahunt.app/ Name: _gid
Value: GA1.2.128331735.1585214695
coronahunt.app/ Name: type
Value: ujdigejutxmtfvbbqppsvlqpqqsqkx
.coronahunt.app/ Name: _ga
Value: GA1.2.1027078340.1585214695
.coronahunt.app/ Name: __cfduid
Value: dd868e958f65bb305a4a83fff525cf0df1585214694

2 Console Messages

Source Level URL
Text
console-api log URL: https://coronahunt.app/dist/build.js(Line 1)
Message:
console-api log URL: https://coronahunt.app/dist/build.js(Line 1)
Message:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
code.jquery.com
colorpalettes.com
convertify.app
coronahunt.app
cssgradient.io
fonts.googleapis.com
googleads.g.doubleclick.net
htmlcolors.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
unpkg.com
whos.amung.us
widgets.amung.us
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
13.225.73.106
185.225.208.133
2001:4de0:ac19::1:b:3a
2606:4700:3032::681f:5d9b
2606:4700:3034::6818:70d3
2606:4700:3037::6812:3dbd
2606:4700:3037::681b:a227
2606:4700::6810:7eaf
2a00:1450:4001:800::200e
2a00:1450:4001:806::2002
2a00:1450:4001:816::2002
2a00:1450:4001:81a::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::2008
2a00:1450:4001:821::2002
2a00:1450:4001:821::200a
67.202.94.86
01dd2db661774d14cb37e18b743efce0f1cc59a8c0efd7b184d250cb86f0cd31
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0e4138ee804967f13637db368b6fea242630459d9121c20ee6c682b01a17adb5
10136edd8f47743c4a707b1844a67f89be8b5de5dedf04d38a7ab5a7b450c5e6
1fea51227a0d0a882dcf26ad5791bdf3bbb79958e076630e86427a8266300a2a
297085224bb5f3512625c123bee37ba357e82c0ce80dbab1c3294bfd8294e10e
3b84b032402fdc97d6a97e8a17b76d030825b1bc7727d9ead20356932108141d
3c005dba1d518d8fcd6bb8b0cd5264947d7c8c5b53363556d98c453428a376ef
4b6dd4313e30e4fcc4cc48ffec9c31b7be166375b0faef2a5bc2e7c24b26042c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4ff7fb4a3bb565f34d7c187bb245a7d22765081708dd1c1d2d24b8fc8ecd40a4
50a142a08acd552e78a8323e4c0da4f151ee9272b7b90df58b27dcbdb7fd75c3
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5e5ff49b5169cb1a0649c084794ead30fe58ccb6aa54e6ee0ef160f6719d1fdb
5f24664fdd66f531d4b456a397b1a200a6df075f1133b37f00d1bdcdbc6fe7e0
68693d02ab4fbb2331b8cc39915322e48e61f06d4d1b31e7d19913202857bc8a
68ad3a69bc9cab9253d58ddcba5ff8588d63272ba6bb315a8ca68612439d82eb
69db7ba6d0c54959004e9280d44f893ead0bd7fd79bc4e27f10f2cd68f39590b
71d5a57eab3982c38ae0d0f9e18c6853dec21120c9871077ef7a1a6778ea875e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89954cd231006f6be6a2b0fade655ee467e09f16a96a4f549a150a1f6b555a84
96089f0c5d1376d2623c03c8ef5e5ebd477e90041820c01281a61c55b8925730
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a7ea07997624211fa37efd629c06a87cc2d8f096e3912f72a495740b8c10a6a7
c110781b0373dbbc464a2f966deb7d2061352356efe490253b5e5df78c72be14
c975d844006085b453923ae35112d18b23fc732fe46357b82cee6e82f6030e0c
c9f5451620f33ee31028f5720c310d7955aa67237e21108c4e5b1e39fc974d70
da40fb91ce92d50293ebaa9833acb9833caa321f1a3d82c2888fefc74c292e06
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d292f79f152981a81114b5df3b8d11a9b33d83b97db14bd65982845bc052a8
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eb27c2b26fc1bdb8ec0a4378efa86152e6aa48eb0be6a697daa3e5d65ae8bf21
f2e60d0a77f1d63a9fd3b21fbb9d21345a61dc43d6c9b749e45753c5d993a6e8