URL: http://1q2w3.fun/
Submission: On April 13 via manual from DE

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 3 HTTP transactions. The main IP is 104.18.53.139, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is 1q2w3.fun.
This is the only time 1q2w3.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.18.53.139 13335 (CLOUDFLAR...)
1 216.58.214.106 15169 (GOOGLE)
1 216.58.214.99 15169 (GOOGLE)
3 3
Apex Domain Subdomains Transfer
1 gstatic.com fonts.gstatic.com 29 KB
1 googleapis.com fonts.googleapis.com 298 B
1 1q2w3.fun 1q2w3.fun 1 KB
3 3
Domain Requested by
1 fonts.gstatic.com
1 fonts.googleapis.com 1q2w3.fun
1 1q2w3.fun
3 3

This site contains no links.

This page contains 1 frames:

Primary Page: http://1q2w3.fun/
Frame ID: 5CAC2ED2D504D95847D02FACED6A195E
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 3
HTTPS: 0 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 1
Transfer: 30 kB
Size: 56 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource Path Size x-fer Type MIME-Type

Resource: / (Primary Request, Cookie set)
Path: 1q2w3.fun/
Size: 1 KB
x-fer: 1 KB
Type: Document

General

Full URL: http://1q2w3.fun/
Protocol: HTTP/1.1
Server: 104.18.53.139 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 84dba0b1a98bbb692c55336a2f1226c82afc3d0665923a35b04f6ca320eca805

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 1q2w3.fun
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive

Response headers

Date: Fri, 13 Apr 2018 19:59:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2017 15:20:12 GMT
Server: cloudflare
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Set-Cookie: __cfduid=dc739e084f58fa402b7b04df9398508301523649588; expires=Sat, 13-Apr-19 19:59:48 GMT; path=/; domain=.1q2w3.fun; HttpOnly
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
CF-RAY: 40b083e7d36d644b-FRA
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

Resource: css
Path: fonts.googleapis.com/
Size: 222 B
x-fer: 298 B
Type: Stylesheet

General

Full URL: https://fonts.googleapis.com/css?family=Lato:100
Requested by: Host: 1q2w3.fun, URL: http://1q2w3.fun/
Protocol: SPDY
Server: 216.58.214.106 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS: fra16s05-in-f106.1e100.net
Software: ESF /
Resource Hash: 3ba00ada682bdbc617991913b0f81d61c2e6b588ce22a5e0261980c029336ef0

Security Headers

X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

Request headers

Referer: http://1q2w3.fun/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date: Fri, 13 Apr 2018 19:59:48 GMT
content-encoding: gzip
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
x-xss-protection: 1; mode=block
expires: Fri, 13 Apr 2018 19:59:48 GMT

Resource: S6u8w4BMUTPHh30AXC-v.ttf
Path: fonts.gstatic.com/s/lato/v14/
Size: 54 KB
x-fer: 29 KB
Type: Font

General

Full URL: https://fonts.gstatic.com/s/lato/v14/S6u8w4BMUTPHh30AXC-v.ttf
Protocol: SPDY
Server: 216.58.214.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS: fra16s05-in-f99.1e100.net
Software: sffe /
Resource Hash: 7dec6ebcf409811c84940d09fd3fdf2eab12c7f34e6312a3b310c720710eda72

Security Headers

X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:100
Origin: http://1q2w3.fun

Response headers

date: Mon, 12 Feb 2018 17:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5191615
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length: 29158
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Oct 2017 18:22:56 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Feb 2019 17:52:53 GMT

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path: .1q2w3.fun/
Name: __cfduid
Value: dc739e084f58fa402b7b04df9398508301523649588

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
