1q2w3.fun Open in urlscan Pro
104.18.53.139  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response 1q2w3.fun/	1 KB 0	204ms 198ms	Document text/html	104.18.53.139 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://1q2w3.fun/ Protocol HTTP/1.1 Server 104.18.53.139 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 84dba0b1a98bbb692c55336a2f1226c82afc3d0665923a35b04f6ca320eca805 Request headers Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Connection keep-alive Accept-Encoding gzip, deflate Host 1q2w3.fun Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Fri, 12 Jan 2018 18:16:57 GMT Content-Encoding gzip Last-Modified Thu, 07 Dec 2017 15:20:12 GMT Server cloudflare Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Access-Control-Allow-Origin * Set-Cookie __cfduid=da7a517e4ef5ca4a7558d18f8b7f021ad1515781016; expires=Sat, 12-Jan-19 18:16:56 GMT; path=/; domain=.1q2w3.fun; HttpOnly Access-Control-Expose-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range Connection keep-alive CF-RAY 3dc21c1c36cb26ae-FRA Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
GET S	200	css fonts.googleapis.com/	760 B 0	16ms 15ms	Stylesheet text/css	216.58.207.42 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:100 Requested by Host: 1q2w3.fun URL: http://1q2w3.fun/ Protocol SPDY Server 216.58.207.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s24-in-f10.1e100.net Software ESF / Resource Hash 1909f54225bcfa6ef3034e0550f7725ee8e18816dbdf2040b74ffd8182bd34f3 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer http://1q2w3.fun/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Fri, 12 Jan 2018 18:16:57 GMT content-encoding gzip last-modified Fri, 12 Jan 2018 18:16:57 GMT server ESF link <https://fonts.gstatic.com>; rel=preconnect; crossorigin status 200 x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" x-xss-protection 1; mode=block expires Fri, 12 Jan 2018 18:16:57 GMT
GET S	200	ifRS04pY1nJBsu8-cUFUS-vvDin1pK8aKteLpeZ5c0A.woff2 fonts.gstatic.com/s/lato/v14/	13 KB 0	7ms 6ms	Font font/woff2	216.58.207.35 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v14/ifRS04pY1nJBsu8-cUFUS-vvDin1pK8aKteLpeZ5c0A.woff2 Protocol SPDY Server 216.58.207.35 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s24-in-f3.1e100.net Software sffe / Resource Hash b32a70335ff167a5fbb9ea002aac46575381fa8578f87b9128fb3a6817e8d440 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Lato:100 Origin http://1q2w3.fun Response headers date Mon, 11 Dec 2017 09:13:51 GMT x-content-type-options nosniff last-modified Wed, 11 Oct 2017 18:22:56 GMT server sffe age 2797386 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" content-length 13184 x-xss-protection 1; mode=block expires Tue, 11 Dec 2018 09:13:51 GMT

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1q2w3.fun
fonts.googleapis.com
fonts.gstatic.com
104.18.53.139
216.58.207.35
216.58.207.42
1909f54225bcfa6ef3034e0550f7725ee8e18816dbdf2040b74ffd8182bd34f3
84dba0b1a98bbb692c55336a2f1226c82afc3d0665923a35b04f6ca320eca805
b32a70335ff167a5fbb9ea002aac46575381fa8578f87b9128fb3a6817e8d440