godsaveusfromcovid19.gq Open in urlscan Pro
2606:4700:3031::681f:5917 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://godsaveusfromcovid19.gq/
Submission: On April 02 via automatic, source certstream-suspicious (April 2nd 2020, 9:33:22 am UTC)

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 2606:4700:3031::681f:5917, located in United States and belongs to CLOUDFLARENET, US. The main domain is godsaveusfromcovid19.gq.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 2nd 2020. Valid for: 6 months.

This is the only time godsaveusfromcovid19.gq was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	2606:4700:303... 2606:4700:3031::681f:5917		13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	1

9 2606:4700:3031::681f:5917 (United States)

ASN13335 (CLOUDFLARENET, US)

godsaveusfromcovid19.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	godsaveusfromcovid19.gq godsaveusfromcovid19.gq	58 KB
9	1

	Domain	Requested by
9	godsaveusfromcovid19.gq	godsaveusfromcovid19.gq
9	1

This site contains links to these domains. Also see Links.

Domain
www.sentora.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-02` - `2020-10-09`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://godsaveusfromcovid19.gq/
Frame ID: CD269729B63D77D9A7D1DC9677A5FE6F
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

9
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

58 kB
Transfer

192 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.sentora.org/
Title: Sentora

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response godsaveusfromcovid19.gq/	8 KB 2 KB	381ms 323ms	Document text/html	2606:4700:3031::681f:5917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://godsaveusfromcovid19.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ae6b28ca1645c6eaca414801a563eccf8548dc61bdf4b45c28df3fc7ead43b8f` Request headers :method GET :authority godsaveusfromcovid19.gq :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers status 200 date Thu, 02 Apr 2020 09:33:05 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d5a5df3e255a05085e602519d16b1b0181585819984; expires=Sat, 02-May-20 09:33:04 GMT; path=/; domain=.godsaveusfromcovid19.gq; HttpOnly; SameSite=Lax PHPSESSID=d4706fh2i60b5vviqm5nkhorv1; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 57d98bd94d1dd6dd-FRA content-encoding br
GET H2	200	bootstrap.min.css godsaveusfromcovid19.gq/etc/styles/Sentora_Default/global-css/	74 KB 13 KB	640ms 640ms	Stylesheet text/css	2606:4700:3031::681f:5917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://godsaveusfromcovid19.gq/etc/styles/Sentora_Default/global-css/bootstrap.min.css Requested by Host: godsaveusfromcovid19.gq URL: https://godsaveusfromcovid19.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `38e7db3eb2be361a0569b8838b71680edd2e153963421fa6c8595e4db7678f31` Request headers Referer https://godsaveusfromcovid19.gq/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Thu, 02 Apr 2020 09:33:05 GMT content-encoding br cf-cache-status MISS last-modified Fri, 30 Jan 2015 12:21:05 GMT server cloudflare etag W/"12974-50ddda3776e40" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 57d98bdb5a95d6dd-FRA
GET H2	200	login.css godsaveusfromcovid19.gq/etc/styles/Sentora_Default/global-css/	3 KB 860 B	320ms 320ms	Stylesheet text/css	2606:4700:3031::681f:5917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://godsaveusfromcovid19.gq/etc/styles/Sentora_Default/global-css/login.css Requested by Host: godsaveusfromcovid19.gq URL: https://godsaveusfromcovid19.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `38e7a0d784d44947a86765bcffa233a1ed3e3603808991ef082215101e470077` Request headers Referer https://godsaveusfromcovid19.gq/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Thu, 02 Apr 2020 09:33:05 GMT content-encoding br cf-cache-status MISS last-modified Fri, 30 Jan 2015 12:21:05 GMT server cloudflare etag W/"b5b-50ddda3776e40" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 57d98bdb5a96d6dd-FRA
GET H2	200	sentora_logo.png godsaveusfromcovid19.gq/etc/styles/Sentora_Default/img/logos/	5 KB 5 KB	316ms 315ms	Image image/png	2606:4700:3031::681f:5917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://godsaveusfromcovid19.gq/etc/styles/Sentora_Default/img/logos/sentora_logo.png Requested by Host: godsaveusfromcovid19.gq URL: https://godsaveusfromcovid19.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6f30efdc48f3f181f5b9bbd5ef0faab51e6ff4e7b938a56a17c4a906fea8d07f` Request headers Referer https://godsaveusfromcovid19.gq/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Thu, 02 Apr 2020 09:33:05 GMT cf-cache-status MISS last-modified Fri, 30 Jan 2015 12:21:05 GMT server cloudflare etag "133f-50ddda3776e40" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 57d98bdb5a98d6dd-FRA content-length 4927
GET H2	200	jquery.js Show response godsaveusfromcovid19.gq/etc/styles/Sentora_Default/js/	90 KB 31 KB	622ms 621ms	Script application/javascript	2606:4700:3031::681f:5917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://godsaveusfromcovid19.gq/etc/styles/Sentora_Default/js/jquery.js Requested by Host: godsaveusfromcovid19.gq URL: https://godsaveusfromcovid19.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4` Request headers Referer https://godsaveusfromcovid19.gq/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 02 Apr 2020 09:33:05 GMT content-encoding br cf-cache-status MISS last-modified Fri, 30 Jan 2015 12:21:05 GMT server cloudflare etag W/"169d5-50ddda3776e40" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 57d98bdb5a9ad6dd-FRA
GET H2	200	bootstrap-transition.js Show response godsaveusfromcovid19.gq/etc/styles/Sentora_Default/js/	2 KB 736 B	315ms 314ms	Script application/javascript	2606:4700:3031::681f:5917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://godsaveusfromcovid19.gq/etc/styles/Sentora_Default/js/bootstrap-transition.js Requested by Host: godsaveusfromcovid19.gq URL: https://godsaveusfromcovid19.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c80a1a54a5b59c146c8753bdb09451f9b47d03a54afe4298f4d2fbcc961c68fa` Request headers Referer https://godsaveusfromcovid19.gq/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 02 Apr 2020 09:33:05 GMT content-encoding br cf-cache-status MISS last-modified Fri, 30 Jan 2015 12:21:05 GMT server cloudflare etag W/"6dc-50ddda3776e40" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 57d98bdd4fb5d6dd-FRA
GET H2	200	bootstrap-alert.js Show response godsaveusfromcovid19.gq/etc/styles/Sentora_Default/js/	2 KB 1 KB	317ms 317ms	Script application/javascript	2606:4700:3031::681f:5917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://godsaveusfromcovid19.gq/etc/styles/Sentora_Default/js/bootstrap-alert.js Requested by Host: godsaveusfromcovid19.gq URL: https://godsaveusfromcovid19.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `107e4d307347df3417912307a8bf91dca9bd67a0edcf195b25c939b183d2b313` Request headers Referer https://godsaveusfromcovid19.gq/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 02 Apr 2020 09:33:06 GMT content-encoding br cf-cache-status MISS last-modified Fri, 30 Jan 2015 12:21:05 GMT server cloudflare etag W/"9dc-50ddda3776e40" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 57d98bdf3dbcd6dd-FRA
GET H2	200	prettyCheckable.js Show response godsaveusfromcovid19.gq/etc/styles/Sentora_Default/js/	4 KB 1 KB	325ms 325ms	Script application/javascript	2606:4700:3031::681f:5917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://godsaveusfromcovid19.gq/etc/styles/Sentora_Default/js/prettyCheckable.js Requested by Host: godsaveusfromcovid19.gq URL: https://godsaveusfromcovid19.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `24280a935037952bf41df33917ebd7f71f13185e704d449727484f9fdf61d420` Request headers Referer https://godsaveusfromcovid19.gq/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Thu, 02 Apr 2020 09:33:06 GMT content-encoding br cf-cache-status MISS last-modified Fri, 30 Jan 2015 12:21:05 GMT server cloudflare etag W/"ee0-50ddda3776e40" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=14400 cf-ray 57d98bdf4deed6dd-FRA
GET H2	200	prettyCheckable-purple.png godsaveusfromcovid19.gq/etc/styles/Sentora_Default/img/misc/	4 KB 4 KB	315ms 314ms	Image image/png	2606:4700:3031::681f:5917 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://godsaveusfromcovid19.gq/etc/styles/Sentora_Default/img/misc/prettyCheckable-purple.png Requested by Host: godsaveusfromcovid19.gq URL: https://godsaveusfromcovid19.gq/etc/styles/Sentora_Default/js/jquery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::681f:5917 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `93422d6c266378e4f4b31b566f21e74ad739b06cb3400d2be78e83398287bc12` Request headers Referer https://godsaveusfromcovid19.gq/etc/styles/Sentora_Default/global-css/login.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Thu, 02 Apr 2020 09:33:06 GMT cf-cache-status MISS last-modified Fri, 30 Jan 2015 12:21:05 GMT server cloudflare etag "e71-50ddda3776e40" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 57d98be16bc6d6dd-FRA content-length 3697

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			godsaveusfromcovid19.gq/	1969-12-31 23:59:59	Name: PHPSESSID Value: d4706fh2i60b5vviqm5nkhorv1
			.godsaveusfromcovid19.gq/	1970-01-19 09:13:31	Name: __cfduid Value: d5a5df3e255a05085e602519d16b1b0181585819984

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

godsaveusfromcovid19.gq
2606:4700:3031::681f:5917
107e4d307347df3417912307a8bf91dca9bd67a0edcf195b25c939b183d2b313
24280a935037952bf41df33917ebd7f71f13185e704d449727484f9fdf61d420
38e7a0d784d44947a86765bcffa233a1ed3e3603808991ef082215101e470077
38e7db3eb2be361a0569b8838b71680edd2e153963421fa6c8595e4db7678f31
6f30efdc48f3f181f5b9bbd5ef0faab51e6ff4e7b938a56a17c4a906fea8d07f
93422d6c266378e4f4b31b566f21e74ad739b06cb3400d2be78e83398287bc12
ae6b28ca1645c6eaca414801a563eccf8548dc61bdf4b45c28df3fc7ead43b8f
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c80a1a54a5b59c146c8753bdb09451f9b47d03a54afe4298f4d2fbcc961c68fa

godsaveusfromcovid19.gq Open in urlscan Pro 2606:4700:3031::681f:5917 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

58 kBTransfer

192 kBSize

2 Cookies

1 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

2 Cookies

Indicators

godsaveusfromcovid19.gq Open in urlscan Pro
2606:4700:3031::681f:5917 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

58 kB
Transfer

192 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions