Submitted URL: https://www.coronavirusfacemasks.net/
Effective URL: https://coronavirusfacemasks.net/
Submission: On April 05 via automatic, source certstream-suspicious

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 19 HTTP transactions. The main IP is 5.253.19.149, located in Amsterdam, Netherlands and belongs to YISP-AS, NL. The main domain is coronavirusfacemasks.net.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 22nd 2020. Valid for: 3 months.
This is the only time coronavirusfacemasks.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 5.253.19.149 58073 (YISP-AS)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
19 5
Domain Requested by
14 coronavirusfacemasks.net coronavirusfacemasks.net
3 static.addtoany.com coronavirusfacemasks.net
static.addtoany.com
1 www.youtube.com coronavirusfacemasks.net
1 graph.facebook.com static.addtoany.com
1 www.coronavirusfacemasks.net 1 redirects
19 5

This site contains links to these domains.

Domain
trialorder.org
www.addtoany.com
fatboythemes.com
wordpress.org

Subject | Issuer | Validity | Valid
coronavirusfacemasks.net | cPanel, Inc. Certification Authority | 2020-03-22 - 2020-06-20 | 3 months
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-03-25 - 2020-10-09 | 7 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-03-01 - 2020-05-30 | 3 months
*.google.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months

This page contains 3 frames:

Primary Page: https://coronavirusfacemasks.net/
Frame ID: 05AC8231722691A5B19E57C37DEA89C8
Requests: 25 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.22.html
Frame ID: 7A17D9D3356A5E752A862C5A0F9076BD
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/5DGwOJXSxqg
Frame ID: 95A1E47614F972DCFB77C989B3A93AE8
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Overall confidence: 100%
Detected patterns
  • script /addtoany\.com\/menu\/page\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 19
HTTPS: 84 %
IPv6: 75 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 4
Transfer: 905 kB
Size: 1210 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.coronavirusfacemasks.net/ HTTP 301
    https://coronavirusfacemasks.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
coronavirusfacemasks.net/
Redirect Chain
  • https://www.coronavirusfacemasks.net/
  • https://coronavirusfacemasks.net/
32 KB
9 KB
Document
General
Full URL
https://coronavirusfacemasks.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.253.19.149 Amsterdam, Netherlands, ASN58073 (YISP-AS, NL),
Reverse DNS
Software
LiteSpeed /
Resource Hash
13d29dd69c23408bbc278d11deab3d2ffd964c1e8197729865edbcdf7d07cc3b

Request headers

:method
GET
:authority
coronavirusfacemasks.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
content-type
text/html; charset=UTF-8
link
<https://coronavirusfacemasks.net/wp-json/>; rel="https://api.w.org/" <https://coronavirusfacemasks.net/>; rel=shortlink </min/6ea0c.css>; rel=preload; as=style,</wp-includes/js/jquery/jquery.js>; rel=preload; as=script,</min/aea75.js>; rel=preload; as=script,</min/a8dfe.js>; rel=preload; as=script
etag
"242-1586015842;br"
x-litespeed-cache
hit
content-encoding
br
vary
Accept-Encoding,User-Agent
content-length
8943
date
Sun, 05 Apr 2020 01:57:39 GMT
server
LiteSpeed
set-cookie
ls_smartpush=f; path=/; expires=Thu, 04 Jun 2020 01:57:39 GMT; secure; SameSite=Strict

Redirect headers

status
301
content-type
text/html; charset=UTF-8
x-redirect-by
WordPress
location
https://coronavirusfacemasks.net/
x-litespeed-cache
hit
content-length
0
date
Sun, 05 Apr 2020 01:57:39 GMT
server
LiteSpeed
vary
User-Agent
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
6ea0c.css
coronavirusfacemasks.net/min/
92 KB
15 KB
Stylesheet
General
Full URL
https://coronavirusfacemasks.net/min/6ea0c.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.253.19.149 Amsterdam, Netherlands, ASN58073 (YISP-AS, NL),
Reverse DNS
Software
LiteSpeed /
Resource Hash
79aad2bca8aec39e96d357a7d368b7e94e35615ca229e9bb1f475c53985134a1

Request headers

Referer
https://coronavirusfacemasks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 05 Apr 2020 01:57:39 GMT
content-encoding
br
last-modified
Fri, 03 Apr 2020 23:31:59 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15615
expires
Tue, 05 May 2020 01:57:39 GMT
jquery.js
coronavirusfacemasks.net/wp-includes/js/jquery/
95 KB
32 KB
Script
General
Full URL
https://coronavirusfacemasks.net/wp-includes/js/jquery/jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.253.19.149 Amsterdam, Netherlands, ASN58073 (YISP-AS, NL),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://coronavirusfacemasks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 05 Apr 2020 01:57:39 GMT
content-encoding
br
last-modified
Fri, 17 May 2019 17:08:53 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
32853
expires
Tue, 05 May 2020 01:57:39 GMT
aea75.js
coronavirusfacemasks.net/min/
20 KB
8 KB
Script
General
Full URL
https://coronavirusfacemasks.net/min/aea75.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.253.19.149 Amsterdam, Netherlands, ASN58073 (YISP-AS, NL),
Reverse DNS
Software
LiteSpeed /
Resource Hash
edcc9c9dcfc1f369b30e5eb9b52755233aa717feae906a3aa32ef85295798757

Request headers

Referer
https://coronavirusfacemasks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 05 Apr 2020 01:57:39 GMT
content-encoding
br
last-modified
Fri, 03 Apr 2020 23:31:59 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
7806
expires
Tue, 05 May 2020 01:57:39 GMT
a8dfe.js
coronavirusfacemasks.net/min/
46 KB
13 KB
Script
General
Full URL
https://coronavirusfacemasks.net/min/a8dfe.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.253.19.149 Amsterdam, Netherlands, ASN58073 (YISP-AS, NL),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ea248cf28fbe04839a17e3f3028ccb2b2d898bb5101baef1bd7099c2c35ab341

Request headers

Referer
https://coronavirusfacemasks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 05 Apr 2020 01:57:39 GMT
content-encoding
br
last-modified
Fri, 03 Apr 2020 23:31:59 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
13517
expires
Tue, 05 May 2020 01:57:39 GMT
page.js
static.addtoany.com/menu/
80 KB
26 KB
Script
General
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: coronavirusfacemasks.net
URL: https://coronavirusfacemasks.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fdc62b86bb13c8c4776c372bf18e06356fed78dc785c2bb7f361be072453056
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://coronavirusfacemasks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 05 Apr 2020 01:57:40 GMT
via
e5s
x-content-type-options
nosniff
cf-cache-status
HIT
age
144907
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
last-modified
Sat, 01 Feb 2020 08:08:40 GMT
server
cloudflare
etag
W/"13f93-59d7f32b0419d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=172800
cf-ray
57efa8dd2e62178e-FRA
cf-bgj
minify
truncated
/
176 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9885e0b949f8146a84a0c314cbbc6b69916c5eb61709809563f7378b9a05504

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
173 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1f896709d2a11276db89170d63fd4e97430a3e2d8e12424818313083e2f2e76

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1aa69317a6d26d2e6e3c4902025b770169c74c870688b5a6b80f3fd0a82b4c0a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
224 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5b0531cc006510aaaf00227f02f2c98e171556a848537877e2fbacda3834f95

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
193 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51ce45732d763e051ffb4b676664011a36e72abd49ecef48624514cee584fbeb

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
corona-virus-face-masks-bg.jpeg
coronavirusfacemasks.net/wp-content/uploads/
377 KB
377 KB
Image
General
Full URL
https://coronavirusfacemasks.net/wp-content/uploads/corona-virus-face-masks-bg.jpeg
Requested by
Host: coronavirusfacemasks.net
URL: https://coronavirusfacemasks.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.253.19.149 Amsterdam, Netherlands, ASN58073 (YISP-AS, NL),
Reverse DNS
Software
LiteSpeed /
Resource Hash
58a74fe337116fd5713d1d3a1322bd63bcfac48f2e62f01e2f5fdcb310404359

Request headers

Referer
https://coronavirusfacemasks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 05 Apr 2020 01:57:39 GMT
last-modified
Tue, 31 Mar 2020 15:48:35 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/jpeg
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
385916
expires
Tue, 05 May 2020 01:57:39 GMT
truncated
/
183 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba915712e82558f1ff49af89d33cb1095894cbac927d2a776432d9331de722c7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
180 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af27ffb1b0c3f787aa66d2486fdda7e97faf3e8a5170f344f50f8592183234fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
widget-divider.png
coronavirusfacemasks.net/wp-content/themes/leaf/images/
212 B
325 B
Image
General
Full URL
https://coronavirusfacemasks.net/wp-content/themes/leaf/images/widget-divider.png
Requested by
Host: coronavirusfacemasks.net
URL: https://coronavirusfacemasks.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.253.19.149 Amsterdam, Netherlands, ASN58073 (YISP-AS, NL),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1913c1355f45d5dd7363dd2c19bee52b27e2f1c9e9cb531bc680d2d1d17afa61

Request headers

Referer
https://coronavirusfacemasks.net/min/6ea0c.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 05 Apr 2020 01:57:40 GMT
last-modified
Wed, 16 Aug 2017 09:18:23 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
212
expires
Tue, 05 May 2020 01:57:40 GMT
scroll-to-top.png
coronavirusfacemasks.net/wp-content/themes/leaf/images/
3 KB
3 KB
Image
General
Full URL
https://coronavirusfacemasks.net/wp-content/themes/leaf/images/scroll-to-top.png
Requested by
Host: coronavirusfacemasks.net
URL: https://coronavirusfacemasks.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.253.19.149 Amsterdam, Netherlands, ASN58073 (YISP-AS, NL),
Reverse DNS
Software
LiteSpeed /
Resource Hash
98b3ab8a80b37b246a1bc674f55c19394cef2986a251ebdd437d109dbb0f12c2

Request headers

Referer
https://coronavirusfacemasks.net/min/6ea0c.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 05 Apr 2020 01:57:40 GMT
last-modified
Wed, 16 Aug 2017 09:18:23 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
2983
expires
Tue, 05 May 2020 01:57:40 GMT
sm.22.html
static.addtoany.com/menu/ Frame 7A17
0
0
Document
General
Full URL
https://static.addtoany.com/menu/sm.22.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
static.addtoany.com
:scheme
https
:path
/menu/sm.22.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://coronavirusfacemasks.net/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Sun, 05 Apr 2020 01:57:40 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dfcfdb4234810e41418db43a4d98aaff01586051860; expires=Tue, 05-May-20 01:57:40 GMT; path=/; domain=.addtoany.com; HttpOnly; SameSite=Lax; Secure
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified
Thu, 03 Oct 2019 06:59:00 GMT
etag
W/"70f-593fc1ec1791b"
cache-control
max-age=315360000, immutable
age
144920
vary
Accept-Encoding
via
e5s
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
57efa8dd7eac178e-FRA
content-encoding
br
truncated
/
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
icons.29.svg.js
static.addtoany.com/menu/svg/
78 KB
33 KB
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons.29.svg.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://coronavirusfacemasks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 05 Apr 2020 01:57:40 GMT
via
e5s
x-content-type-options
nosniff
cf-cache-status
HIT
age
4985651
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
status
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
last-modified
Mon, 31 Dec 2018 23:29:11 GMT
server
cloudflare
etag
W/"13937-57e59c7b88bd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000, immutable
cf-ray
57efa8dd8ebd178e-FRA
cf-bgj
minify
/
graph.facebook.com/
81 B
537 B
Script
General
Full URL
https://graph.facebook.com/?fields=og_object%7Bengagement%7D&id=https%3A%2F%2Fcoronavirusfacemasks.net%2F&callback=a2a.counters.facebook.cb1
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
508b4125b23085b36d40a0cfc178602b857b2db07014327618b71850c4f974b1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

Referer
https://coronavirusfacemasks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=15552000; preload
x-app-usage
{"call_count":0,"total_cputime":0,"total_time":0}
status
200
date
Sun, 05 Apr 2020 01:57:40 GMT, Sun, 05 Apr 2020 01:57:40 GMT
x-fb-rev
1001947448
alt-svc
h3-27=":443"; ma=3600
content-length
81
pragma
no-cache
x-fb-debug
P6U9qZ/aXfOjNVnbgG4C2+blI970d901yxIjtFVAfcHx96li2pxQnwzNKbhmkVuPUVdv0erufu9Cjg+DFFonWg==
x-fb-trace-id
EVOhVk/Bi3g
etag
"9148fe19b1f37992d93e184db3daee6524422e89"
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
A9w8CzIk6izlqc_FXXQFHqw
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v2.12
expires
Sat, 01 Jan 2000 00:00:00 GMT
5DGwOJXSxqg
www.youtube.com/embed/ Frame 95A1
0
0
Document
General
Full URL
https://www.youtube.com/embed/5DGwOJXSxqg
Requested by
Host: coronavirusfacemasks.net
URL: https://coronavirusfacemasks.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/5DGwOJXSxqg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://coronavirusfacemasks.net/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
no-cache
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
expires
Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options
nosniff
date
Sun, 05 Apr 2020 01:57:40 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=inrC4aNLxO4; path=/; domain=.youtube.com; secure; expires=Fri, 02-Oct-2020 01:57:40 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Sun, 05-Apr-2020 02:27:40 GMT YSC=HOfM_zN-vPk; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=inrC4aNLxO4; path=/; domain=.youtube.com; secure; expires=Fri, 02-Oct-2020 01:57:40 GMT; httponly; samesite=None
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
coronavirus-face-masks-header-image-1.png
coronavirusfacemasks.net/wp-content/uploads/
30 KB
30 KB
Image
General
Full URL
https://coronavirusfacemasks.net/wp-content/uploads/coronavirus-face-masks-header-image-1.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.253.19.149 Amsterdam, Netherlands, ASN58073 (YISP-AS, NL),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ac0c5f51e0b17f3a69ec8c52763e77c5de9be76e385c601a6ed04a02d6a45550

Request headers

Referer
https://coronavirusfacemasks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 05 Apr 2020 01:57:40 GMT
last-modified
Tue, 31 Mar 2020 15:52:37 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
31125
expires
Tue, 05 May 2020 01:57:40 GMT
covid19-button-3.png
coronavirusfacemasks.net/wp-content/uploads/
10 KB
10 KB
Image
General
Full URL
http://coronavirusfacemasks.net/wp-content/uploads/covid19-button-3.png
Protocol
HTTP/1.1
Server
5.253.19.149 Amsterdam, Netherlands, ASN58073 (YISP-AS, NL),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c593bbd6be119c51083224cd85283d32f085c85b3c429f2d8ff12a9df2650c9d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 05 Apr 2020 01:57:40 GMT
Last-Modified
Tue, 31 Mar 2020 15:16:35 GMT
Server
LiteSpeed
Vary
User-Agent
Content-Type
image/png
Cache-Control
public, max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
10254
Expires
Tue, 05 May 2020 01:57:40 GMT
buy-coronavirus-face-masks-now-300x265.png
coronavirusfacemasks.net/wp-content/uploads/
79 KB
79 KB
Image
General
Full URL
https://coronavirusfacemasks.net/wp-content/uploads/buy-coronavirus-face-masks-now-300x265.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.253.19.149 Amsterdam, Netherlands, ASN58073 (YISP-AS, NL),
Reverse DNS
Software
LiteSpeed /
Resource Hash
82fd1bd2be19ae08774b3a69f645e1ec4515ce4425f9cec5860723a77e321cd6

Request headers

Referer
https://coronavirusfacemasks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 05 Apr 2020 01:57:40 GMT
last-modified
Tue, 31 Mar 2020 16:07:26 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
81287
expires
Tue, 05 May 2020 01:57:40 GMT
coronavirus-face-masks-buy-now.png
coronavirusfacemasks.net/wp-content/uploads/
154 KB
154 KB
Image
General
Full URL
https://coronavirusfacemasks.net/wp-content/uploads/coronavirus-face-masks-buy-now.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.253.19.149 Amsterdam, Netherlands, ASN58073 (YISP-AS, NL),
Reverse DNS
Software
LiteSpeed /
Resource Hash
59bd9eef728d30eedb008f024d3348bb229f30478f659a88dd2a1eb17f4b8a84

Request headers

Referer
https://coronavirusfacemasks.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 05 Apr 2020 01:57:40 GMT
last-modified
Tue, 31 Mar 2020 16:46:27 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
157543
expires
Tue, 05 May 2020 01:57:40 GMT
unnamed3.jpg
coronavirusfacemasks.net/wp-content/uploads/
39 KB
40 KB
Image
General
Full URL
http://coronavirusfacemasks.net/wp-content/uploads/unnamed3.jpg
Protocol
HTTP/1.1
Server
5.253.19.149 Amsterdam, Netherlands, ASN58073 (YISP-AS, NL),
Reverse DNS
Software
LiteSpeed /
Resource Hash
67a95680a3d639cdfce9f33aabedb8a6b0a5809c5b1e95783a9ceb5b38314ce5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 05 Apr 2020 01:57:40 GMT
Last-Modified
Tue, 31 Mar 2020 15:56:12 GMT
Server
LiteSpeed
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
40306
Expires
Tue, 05 May 2020 01:57:40 GMT
Protect-Yourself-Today.png
coronavirusfacemasks.net/wp-content/uploads/
73 KB
73 KB
Image
General
Full URL
http://coronavirusfacemasks.net/wp-content/uploads/Protect-Yourself-Today.png
Protocol
HTTP/1.1
Server
5.253.19.149 Amsterdam, Netherlands, ASN58073 (YISP-AS, NL),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2ba523a5d7db7ae9dc5f1ba3b43ae528990ecc152d590c02afeb6123e505389a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 05 Apr 2020 01:57:40 GMT
Last-Modified
Tue, 31 Mar 2020 16:02:58 GMT
Server
LiteSpeed
Vary
User-Agent
Content-Type
image/png
Cache-Control
public, max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
74906
Expires
Tue, 05 May 2020 01:57:40 GMT

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate undefined| $ function| jQuery object| a2a_config object| kk_star_ratings function| _extends function| _typeof function| LazyLoad object| html5 object| Modernizr function| yepnope boolean| fiwwyaifafltck function| zbsetCookie function| zbgetCookie function| a299b2129cb527af1139ff9f6cac20d179b8840ce function| a2ea8d511ac9db1e3dd581c18bcfa3ad7d5b9b475 function| a98f20ebb9b2486f52b7248c9cb60eae91faee52d function| a372d69f5efebc6b8b4ef305d87112be2218e4b5b object| wp object| jQuery1124049391433568430254 object| a2a function| a2a_show_dropdown function| a2a_miniLeaveDelay function| a2a_init object| icons string| svg_tag_open string| svg_tag_close undefined| svg_src undefined| svg_src_default number| a2apage_init undefined| color object| queued_count_element

2 Cookies

Domain/Path Name / Value
.addtoany.com/ Name: uvc
Value: 1
coronavirusfacemasks.net/ Name: ls_smartpush
Value: f

1 Console Messages

Source Level URL
Text
console-api log URL: https://coronavirusfacemasks.net/min/aea75.js(Line 1)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
