coronawarriors.cf Open in urlscan Pro
2606:4700:3036::681b:ad66 Public Scan

URL:
http://coronawarriors.cf/
Submission: On May 15 via api (May 15th 2020, 1:05:55 am UTC) from BE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3036::681b:ad66, located in United States and belongs to CLOUDFLARENET, US. The main domain is coronawarriors.cf.

This is the only time coronawarriors.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3036::681b:ad66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::681b:96bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.230.183.121 54.230.183.121	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
14	7

4 2606:4700:3036::681b:ad66 (United States)

ASN13335 (CLOUDFLARENET, US)

coronawarriors.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::681b:96bc (United States)

ASN13335 (CLOUDFLARENET, US)

datadit.ml	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.183.121 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-121.ham50.r.cloudfront.net

media.istockphoto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	google-analytics.com www.google-analytics.com	36 KB
4	coronawarriors.cf coronawarriors.cf	4 KB
2	googletagmanager.com www.googletagmanager.com	65 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	istockphoto.com media.istockphoto.com	17 KB
1	datadit.ml datadit.ml	812 KB
1	googleapis.com fonts.googleapis.com	581 B
14	7

	Domain	Requested by
4	www.google-analytics.com	www.googletagmanager.com coronawarriors.cf
4	coronawarriors.cf	coronawarriors.cf
2	www.googletagmanager.com	coronawarriors.cf
1	fonts.gstatic.com	coronawarriors.cf
1	media.istockphoto.com	coronawarriors.cf
1	datadit.ml	coronawarriors.cf
1	fonts.googleapis.com	coronawarriors.cf
14	7

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-16` - `2020-10-09`	6 months	crt.sh
media.gettyimages.com Amazon	`2020-05-09` - `2021-06-09`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://coronawarriors.cf/
Frame ID: 3FDBE57B59E9B7BC1FD82597A292291C
Requests: 4 HTTP requests in this frame

Frame: http://coronawarriors.cf/website.html
Frame ID: 920C90D93211DC4B869EC5D4B6413660
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

14
Requests

71 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

949 kB
Transfer

1103 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
coronawarriors.cf/ 1 KB
1 KB 174ms
160ms Document
text/html 2606:4700:3036::681b:ad66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://coronawarriors.cf/
Protocol: HTTP/1.1
Server: 2606:4700:3036::681b:ad66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a9c2eab04d7a17ef34573013c5f829adea250191ddc11a41a759c46d1444945

Request headers

Host: coronawarriors.cf
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 01:05:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dadba0e80c481d1a76363be81c74480531589504717; expires=Sun, 14-Jun-20 01:05:17 GMT; path=/; domain=.coronawarriors.cf; HttpOnly; SameSite=Lax
Vary: Accept-Encoding
Last-Modified: Wed, 29 Apr 2020 14:35:06 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Sun, 14 Jun 2020 01:04:48 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 5938f323fa040631-FRA
Content-Encoding: gzip
cf-request-id: 02b7764a7c00000631ebb96200000001

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 82 KB
32 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162533737-1

Requested by

Host: coronawarriors.cf
URL: http://coronawarriors.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e3ba1fcbaa4aaf45214eb934aa568b63f2c06a7122daf3ed56ee616e1b1d9af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://coronawarriors.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 01:05:17 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33118
x-xss-protection: 0
last-modified: Fri, 15 May 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 May 2020 01:05:17 GMT

GET
H/1.1 200
OK website.html Show response
coronawarriors.cf/ Frame 920C 2 KB
1 KB 65ms
65ms Document
text/html 2606:4700:3036::681b:ad66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://coronawarriors.cf/website.html
Requested by: Host: coronawarriors.cf
URL: http://coronawarriors.cf/
Protocol: HTTP/1.1
Server: 2606:4700:3036::681b:ad66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eac1e6289de87e214f313d811c957ab0f2cb49de27abdbbc9716ec6b35149046

Request headers

Host: coronawarriors.cf
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://coronawarriors.cf/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: __cfduid=dadba0e80c481d1a76363be81c74480531589504717
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://coronawarriors.cf/

Response headers

Date: Fri, 15 May 2020 01:05:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 29 Apr 2020 15:04:01 GMT
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Expires: Sun, 14 Jun 2020 01:04:48 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 5938f3250bc60631-FRA
Content-Encoding: gzip
cf-request-id: 02b7764b2400000631ebb9d200000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162533737-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://coronawarriors.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 538
date: Fri, 15 May 2020 00:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Fri, 15 May 2020 02:56:19 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 14ms
13ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1789818400&t=pageview&_s=1&dl=http%3A%2F%2Fcoronawarriors.cf%2F&ul=en-us&de=UTF-8&dt=Salute%20to%20Corona%20Warriors%20!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=862693142&gjid=1286459946&cid=638606684.1589504718&tid=UA-162533737-1&_gid=1552475611.1589504718&_r=1&gtm=2ou561&z=539573110

Requested by

Host: coronawarriors.cf
URL: http://coronawarriors.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://coronawarriors.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 01:05:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 920C 1 KB
581 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Patrick+Hand&display=swap

Requested by

Host: coronawarriors.cf
URL: http://coronawarriors.cf/website.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1711a2662c524645b84968597eb76cdcc789e24293f9eba6727290b257ee6303

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://coronawarriors.cf/website.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 May 2020 01:05:17 GMT
server: ESF
date: Fri, 15 May 2020 01:05:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 May 2020 01:05:17 GMT

GET
H/1.1 200
OK styles.css
coronawarriors.cf/ Frame 920C 3 KB
1 KB 9ms
8ms Stylesheet
text/css 2606:4700:3036::681b:ad66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://coronawarriors.cf/styles.css
Requested by: Host: coronawarriors.cf
URL: http://coronawarriors.cf/website.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::681b:ad66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc2c94fa8f0baee39127f04e2605cfce910092fb3b7bb1f3e502cc3193e521bb

Request headers

Referer: http://coronawarriors.cf/website.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 01:05:17 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 29 Apr 2020 14:33:00 GMT
Server: cloudflare
Age: 5125
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=2592000, proxy-revalidate, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5938f3258cac0631-FRA
cf-request-id: 02b7764b7300000631ebba1200000001
Expires: Sat, 13 Jun 2020 23:39:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 920C 82 KB
32 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162533737-1

Requested by

Host: coronawarriors.cf
URL: http://coronawarriors.cf/website.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e3ba1fcbaa4aaf45214eb934aa568b63f2c06a7122daf3ed56ee616e1b1d9af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://coronawarriors.cf/website.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 01:05:17 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33118
x-xss-protection: 0
last-modified: Fri, 15 May 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 May 2020 01:05:17 GMT

GET
H2 200 22.png
datadit.ml/images/aa/ Frame 920C 811 KB
812 KB 42ms
15ms Image
image/png 2606:4700:3037::681b:96bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://datadit.ml/images/aa/22.png
Requested by: Host: coronawarriors.cf
URL: http://coronawarriors.cf/website.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681b:96bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d55e0d0c187e48a33a9360323960728c2454a612cf0491ddf0574a6be5fa59d9

Request headers

Referer: http://coronawarriors.cf/website.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 01:05:17 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Apr 2020 15:00:42 GMT
server: cloudflare
age: 5121
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=2592000, proxy-revalidate
accept-ranges: bytes
cf-ray: 5938f325cbaad6dd-FRA
content-length: 829996
cf-request-id: 02b7764ba00000d6dd5e0d0200000001
expires: Sat, 13 Jun 2020 23:39:25 GMT

GET
H/1.1 200
OK script.js Show response
coronawarriors.cf/ Frame 920C 0
475 B 9ms
9ms Script
application/javascript 2606:4700:3036::681b:ad66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://coronawarriors.cf/script.js
Requested by: Host: coronawarriors.cf
URL: http://coronawarriors.cf/website.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::681b:ad66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://coronawarriors.cf/website.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 15 May 2020 01:05:17 GMT
CF-Cache-Status: HIT
Last-Modified: Wed, 29 Apr 2020 14:32:48 GMT
Server: cloudflare
Age: 5125
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=2592000, proxy-revalidate, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5938f3259cc00631-FRA
Content-Length: 0
cf-request-id: 02b7764b7d00000631ebba2200000001
Expires: Sat, 13 Jun 2020 23:39:24 GMT

GET
H/1.1 200
OK tricolor-background-created-with-paint-brush-strokes-picture-id1067278560
media.istockphoto.com/photos/ Frame 920C 16 KB
17 KB 943ms
272ms Image
image/jpeg 54.230.183.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.istockphoto.com/photos/tricolor-background-created-with-paint-brush-strokes-picture-id1067278560?k=6&m=1067278560&s=612x612&w=0&h=hbDCvpc8AjBWOmStmuo4Fe3BjEMtn1Ka80INfKlq5Tw=
Requested by: Host: coronawarriors.cf
URL: http://coronawarriors.cf/website.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.183.121 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-121.ham50.r.cloudfront.net
Software: Kestrel /
Resource Hash: 558903df1a5f68ffc145f1883db3e8e70294c6030318646424397f958c82f894

Request headers

Referer: http://coronawarriors.cf/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 14 May 2020 23:39:53 GMT
Via: 1.1 5b2b264287e9650401ad0bc63aa348e6.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 14 May 2020 23:39:53 GMT
Server: Kestrel
Age: 5124
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=7776000
Content-Disposition: inline; filename=istockphoto-1067278560-612x612.jpg
X-Amz-Cf-Pop: HAM50-C3
Link: </photos/tricolor-background-created-with-paint-brush-strokes-picture-id1067278560>; rel= "canonical"
Content-Length: 16889
X-Amz-Cf-Id: iLAldCtAAK9GEHJyNBTYmA8QmwK4gtwBOOXPzvjrhsZKBVL3dMqQHA==

GET
H2 200 LDI1apSQOAYtSuYWp8ZhfYe8XsLLubg58w.woff2
fonts.gstatic.com/s/patrickhand/v13/ Frame 920C 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/patrickhand/v13/LDI1apSQOAYtSuYWp8ZhfYe8XsLLubg58w.woff2

Requested by

Host: coronawarriors.cf
URL: http://coronawarriors.cf/website.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dcdd20fb2b09f443d39f1681e06180493531f2b33a6d0921727d54b1464a66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Patrick+Hand&display=swap
Origin: http://coronawarriors.cf

Response headers

date: Wed, 08 Apr 2020 17:25:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:02:03 GMT
server: sffe
age: 3138013
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14144
x-xss-protection: 0
expires: Thu, 08 Apr 2021 17:25:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 920C 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162533737-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://coronawarriors.cf/website.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 538
date: Fri, 15 May 2020 00:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Fri, 15 May 2020 02:56:19 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 920C 35 B
119 B 6ms
6ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&a=1585239830&t=pageview&_s=1&dl=http%3A%2F%2Fcoronawarriors.cf%2Fwebsite.html&ul=en-us&de=UTF-8&dt=Salute%20to%20Corona%20Warriors%20!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=AACAAUAB~&jid=&gjid=&cid=638606684.1589504718&tid=UA-162533737-1&_gid=1552475611.1589504718&gtm=2ou561&z=820556745

Requested by

Host: coronawarriors.cf
URL: http://coronawarriors.cf/website.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://coronawarriors.cf/website.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 05:44:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3007225
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.coronawarriors.cf/	1970-01-19 09:31:44	Name: _gat_gtag_UA_162533737_1 Value: 1
.coronawarriors.cf/	1970-01-19 09:33:11	Name: _gid Value: GA1.2.1552475611.1589504718
.coronawarriors.cf/	1970-01-20 03:02:56	Name: _ga Value: GA1.2.638606684.1589504718
.coronawarriors.cf/	1970-01-19 10:14:56	Name: __cfduid Value: dadba0e80c481d1a76363be81c74480531589504717

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

coronawarriors.cf
datadit.ml
fonts.googleapis.com
fonts.gstatic.com
media.istockphoto.com
www.google-analytics.com
www.googletagmanager.com
2606:4700:3036::681b:ad66
2606:4700:3037::681b:96bc
2a00:1450:4001:809::2008
2a00:1450:4001:814::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:821::200a
54.230.183.121
1711a2662c524645b84968597eb76cdcc789e24293f9eba6727290b257ee6303
1dcdd20fb2b09f443d39f1681e06180493531f2b33a6d0921727d54b1464a66c
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
558903df1a5f68ffc145f1883db3e8e70294c6030318646424397f958c82f894
7e3ba1fcbaa4aaf45214eb934aa568b63f2c06a7122daf3ed56ee616e1b1d9af
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a9c2eab04d7a17ef34573013c5f829adea250191ddc11a41a759c46d1444945
bc2c94fa8f0baee39127f04e2605cfce910092fb3b7bb1f3e502cc3193e521bb
d55e0d0c187e48a33a9360323960728c2454a612cf0491ddf0574a6be5fa59d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eac1e6289de87e214f313d811c957ab0f2cb49de27abdbbc9716ec6b35149046

coronawarriors.cf Open in urlscan Pro 2606:4700:3036::681b:ad66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

71 %HTTPS

86 %IPv6

7 Domains

7 Subdomains

7 IPs

2 Countries

949 kBTransfer

1103 kBSize

4 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

4 Cookies

Indicators

coronawarriors.cf Open in urlscan Pro
2606:4700:3036::681b:ad66 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

71 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

949 kB
Transfer

1103 kB
Size

4
Cookies

14 HTTP transactions
0 data transactions