urlscan.io logo urlscan.io
SecurityTrails logo

www.coronatest2020.tk Open in urlscan Pro
2a00:1450:4001:81e::2013  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.coronatest2020.tk/
Submission: On March 27 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 20 HTTP transactions. The main IP is 2a00:1450:4001:81e::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.coronatest2020.tk.
TLS certificate: Issued by GTS CA 1D2 on March 23rd 2020. Valid for: 3 months.
This is the only time www.coronatest2020.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 3 173.192.101.24 36351 (SOFTLAYER)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 94.31.29.128 33438 (HIGHWINDS2)
20 6
2    2a00:1450:4001:81e::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.coronatest2020.tk
8    2a00:1450:4001:821::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
resources.blogblog.com
3    173.192.101.24 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: 18.65.c0ad.ip4.static.sl-reverse.com
p378438.clksite.com
infopicked.com
2    2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1.bp.blogspot.com
2    2606:4700:10::6814:13fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adf.ly
adf.ly
4    94.31.29.128 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.128.IPYX-077437-ZYO.above.net
p378438.mycdn.co
Domain Requested by
5 www.blogger.com www.coronatest2020.tk
4 p378438.mycdn.co infopicked.com
p378438.mycdn.co
3 resources.blogblog.com www.coronatest2020.tk
2 1.bp.blogspot.com www.coronatest2020.tk
2 infopicked.com www.coronatest2020.tk
p378438.mycdn.co
2 www.coronatest2020.tk www.coronatest2020.tk
1 adf.ly cdn.adf.ly
1 cdn.adf.ly www.coronatest2020.tk
1 p378438.clksite.com 1 redirects
20 9

This site contains links to these domains. Also see Links.

Domain
covid.apollo247.com
www.blogger.com
Subject Issuer Validity Valid
www.coronatest2020.tk
GTS CA 1D2		 2020-03-23 -
2020-06-21		 3 months crt.sh
*.blogger.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.infopicked.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-30 -
2020-10-31		 a year crt.sh
*.googleusercontent.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-03-25 -
2020-10-09		 7 months crt.sh
*.mycdn.co
Sectigo RSA Domain Validation Secure Server CA		 2019-10-10 -
2020-10-21		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.coronatest2020.tk/
Frame ID: C662635D908F1C0FCEAB09ABB7EFE2A7
Requests: 18 HTTP requests in this frame

Frame: https://p378438.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Frame ID: 8C48C1FB526B5639CE5A11806F01D3BE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /^Blogger$/i
Overall confidence: 100%
Detected patterns
  • meta generator /^Blogger$/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Page Statistics

20
Requests

100 %
HTTPS

67 %
IPv6

8
Domains

9
Subdomains

6
IPs

3
Countries

240 kB
Transfer

688 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://p378438.clksite.com/adServe/banners?tid=378438_762850_5 HTTP 301
  • https://infopicked.com/adServe/banners?tid=378438_762850_5

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.coronatest2020.tk/ 		43 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.coronatest2020.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
757d87fccf54a22d972601e7a4a6b4f76e36ec5967e1d5a76caece93848b3a2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.coronatest2020.tk
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
content-type
text/html; charset=UTF-8
expires
Fri, 27 Mar 2020 05:08:17 GMT
date
Fri, 27 Mar 2020 05:08:17 GMT
cache-control
private, max-age=0
last-modified
Tue, 24 Mar 2020 07:10:35 GMT
etag
W/"771cf95995f74bb1692bfbe3549afb07582100f10786eee83a92c791b9ed58de"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10457
server
GSE
3597120983-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3597120983-css_bundle_v2.css
Requested by
Host: www.coronatest2020.tk
URL: https://www.coronatest2020.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
869176cab64c36f92c6c1f8ffbe85919575d6b9995a54850e5925289f3a75078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.coronatest2020.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 26 Mar 2020 17:06:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 26 Mar 2020 09:27:27 GMT
server
sffe
age
43334
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
7979
x-xss-protection
0
expires
Fri, 26 Mar 2021 17:06:03 GMT
banners
infopicked.com/adServe/
Redirect Chain
  • https://p378438.clksite.com/adServe/banners?tid=378438_762850_5
  • https://infopicked.com/adServe/banners?tid=378438_762850_5
35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://infopicked.com/adServe/banners?tid=378438_762850_5
Requested by
Host: www.coronatest2020.tk
URL: https://www.coronatest2020.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
ba37ee7907da1bc17958a47feccb7e9bd9614e3cc14ebeef23761dcb3aff7978

Request headers

Referer
https://www.coronatest2020.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Mar 2020 05:08:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

status
301
date
Fri, 27 Mar 2020 05:08:18 GMT
server
nginx
content-length
178
location
https://infopicked.com/adServe/banners?tid=378438_762850_5
content-type
text/html
test.gif
1.bp.blogspot.com/-ouKHg37nHhs/XnihhJW6Z1I/AAAAAAAAALc/AoQofR4gDygNv0TDvHGUEqTsqbn3N_FNACLcBGAsYHQ/s1600/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-ouKHg37nHhs/XnihhJW6Z1I/AAAAAAAAALc/AoQofR4gDygNv0TDvHGUEqTsqbn3N_FNACLcBGAsYHQ/s1600/test.gif
Requested by
Host: www.coronatest2020.tk
URL: https://www.coronatest2020.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
bfad6aa3d90af038bfc7cc4081391dc0de0beffff683a88fcf864b0c12bdb1bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.coronatest2020.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 05:08:17 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="test.gif"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
8695
x-xss-protection
0
server
fife
etag
"vb8"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 28 Mar 2020 05:08:17 GMT
display.js
cdn.adf.ly/js/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adf.ly/js/display.js
Requested by
Host: www.coronatest2020.tk
URL: https://www.coronatest2020.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:13fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed833bdbb60e381d73fbc327aeead6589c3b429f29b881c10ef55bef09bc6905

Request headers

Referer
https://www.coronatest2020.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 05:08:17 GMT
content-encoding
gzip
cf-cache-status
HIT
age
428
status
200
content-length
13457
last-modified
Sat, 29 Feb 2020 16:41:57 GMT
server
cloudflare
etag
"ac8c-5e5a9455-ac97a1d2586d80f4;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
57a697b8ac1c1f51-FRA
expires
Fri, 03 Apr 2020 05:01:09 GMT
icon18_edit_allbkg.gif
resources.blogblog.com/img/ 		162 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/icon18_edit_allbkg.gif
Requested by
Host: www.coronatest2020.tk
URL: https://www.coronatest2020.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.coronatest2020.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 23:08:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Mar 2020 07:08:30 GMT
server
sffe
age
280773
content-type
image/gif
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
162
x-xss-protection
0
expires
Mon, 30 Mar 2020 23:08:44 GMT
icon18_wrench_allbkg.png
resources.blogblog.com/img/ 		475 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/icon18_wrench_allbkg.png
Requested by
Host: www.coronatest2020.tk
URL: https://www.coronatest2020.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.coronatest2020.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 25 Mar 2020 04:29:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 24 Mar 2020 12:14:05 GMT
server
sffe
age
175154
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
475
x-xss-protection
0
expires
Wed, 01 Apr 2020 04:29:03 GMT
test.gif
1.bp.blogspot.com/-ouKHg37nHhs/XnihhJW6Z1I/AAAAAAAAALc/AoQofR4gDygNv0TDvHGUEqTsqbn3N_FNACLcBGAsYHQ/w72-h72-p-k-no-nu/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-ouKHg37nHhs/XnihhJW6Z1I/AAAAAAAAALc/AoQofR4gDygNv0TDvHGUEqTsqbn3N_FNACLcBGAsYHQ/w72-h72-p-k-no-nu/test.gif
Requested by
Host: www.coronatest2020.tk
URL: https://www.coronatest2020.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
44c023bb22e83c72a5877e23a98725bb549a675085b4120fbae9f28e9652518e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.coronatest2020.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 05:08:17 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="test.gif"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
3000
x-xss-protection
0
server
fife
etag
"vb8"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 28 Mar 2020 05:08:17 GMT
cookienotice.js
www.coronatest2020.tk/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.coronatest2020.tk/js/cookienotice.js
Requested by
Host: www.coronatest2020.tk
URL: https://www.coronatest2020.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.coronatest2020.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 05:08:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 26 Mar 2020 22:20:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2026
x-xss-protection
0
expires
Fri, 03 Apr 2020 05:08:17 GMT
3638369130-widgets.js
www.blogger.com/static/v1/widgets/ 		141 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3638369130-widgets.js
Requested by
Host: www.coronatest2020.tk
URL: https://www.coronatest2020.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
300883c2df172d0406675649cc439436569d514e99a336ebabd44f8b7f79a8e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.coronatest2020.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 16:02:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 25 Mar 2020 21:33:36 GMT
server
sffe
age
47148
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
53114
x-xss-protection
0
expires
Fri, 26 Mar 2021 16:02:29 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
668 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5225691240190675543&zx=897cecd6-3685-4c78-9692-592565af869f
Requested by
Host: www.coronatest2020.tk
URL: https://www.coronatest2020.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.coronatest2020.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 27 Mar 2020 05:08:17 GMT
server
GSE
date
Fri, 27 Mar 2020 05:08:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
tabs_gradient_light.png
resources.blogblog.com/blogblog/data/1kt/awesomeinc/ 		182 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/blogblog/data/1kt/awesomeinc/tabs_gradient_light.png
Requested by
Host: www.coronatest2020.tk
URL: https://www.coronatest2020.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e516df49b160c3efcb1ea09dd4c5f5b7c99a23a18a2a882acc379179bdbaacd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.coronatest2020.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 23:19:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 22 Mar 2020 20:08:31 GMT
server
sffe
age
280105
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
182
x-xss-protection
0
expires
Mon, 30 Mar 2020 23:19:52 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
114 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5225691240190675543&zx=897cecd6-3685-4c78-9692-592565af869f
Requested by
Host: www.coronatest2020.tk
URL: https://www.coronatest2020.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.coronatest2020.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
21
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 27 Mar 2020 05:08:18 GMT
server
GSE
date
Fri, 27 Mar 2020 05:08:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
funcript1585285699303.php
adf.ly/ 		153 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adf.ly/funcript1585285699303.php?pub=23016447&v=Nzi4AyoNSz0UhzULT0Ulw2sSIiGVx2pVal2xUGgcRw2FVEjIap2U8zpXI0EENzoXcwmE9DtIZYSB8y3UNPCB4ywYLhj1ME3IMsjVkGudMuTlYE5II7FgN2hcZvmRFnybapSN8W1YMNzhcCuIMwz4YSiNLvCEJG1bZsClIm6eMvj1MkwIM6TIYC0dNuDVc2sZIhnJYXiZOzjVInsIIsmINyrUIPjNpW0YcNnJVilOLiCMJ3wbYfXBQ3ibO0jtE2scIlmRhmhIcs2IgyibOOiJIi2ONijMI3xbOfTVUG4bZpjJY20bZtWJNCiLYwmoQj2IOlGxQWyaOiW9VWibZijwkC0MY6jIZCkaYzzFQGxbZmSJJy9e
Requested by
Host: cdn.adf.ly
URL: https://cdn.adf.ly/js/display.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:13fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.31
Resource Hash
921b9450651d6744982340d873c3a77a70c75650e620881869b1d2572d201b7e

Request headers

Referer
https://www.coronatest2020.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Fri, 27 Mar 2020 05:08:19 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/5.6.31
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-turbo-charged-by
LiteSpeed
cf-ray
57a697c4af4a1f51-FRA
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
share_buttons_20_3.png
www.blogger.com/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blogger.com/img/share_buttons_20_3.png
Requested by
Host: www.coronatest2020.tk
URL: https://www.coronatest2020.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/static/v1/widgets/3597120983-css_bundle_v2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 23:50:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Mar 2020 22:40:13 GMT
server
sffe
age
278253
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5080
x-xss-protection
0
expires
Mon, 30 Mar 2020 23:50:46 GMT
ui_tag_80.2-1.js
p378438.mycdn.co/banners/script/ 		176 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p378438.mycdn.co/banners/script/ui_tag_80.2-1.js
Requested by
Host: infopicked.com
URL: https://infopicked.com/adServe/banners?tid=378438_762850_5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb

Request headers

Referer
https://www.coronatest2020.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 05:08:19 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:33:16 GMT
server
NetDNA-cache/2.2
etag
W/"5d10b4fc-2c04a"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=31104000
expires
Mon, 22 Mar 2021 05:08:19 GMT
it-ui-comp-22.css
p378438.mycdn.co/uicomp/styles/dist/80.2-1/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p378438.mycdn.co/uicomp/styles/dist/80.2-1/it-ui-comp-22.css
Requested by
Host: p378438.mycdn.co
URL: https://p378438.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
102fcd9a6c2438668f322cdeb16771886e59fb5b38e5905881177f7d47cf9453

Request headers

Referer
https://www.coronatest2020.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 27 Mar 2020 05:08:19 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:33:23 GMT
server
NetDNA-cache/2.2
etag
W/"5d10b503-5dea"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=31104000
expires
Mon, 22 Mar 2021 05:08:19 GMT
findBanner
infopicked.com/adServe/banners/ 		734 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://infopicked.com/adServe/banners/findBanner?num=1&keyword=Coronavirus%20Self%20Testing&tid=378438_762850_5&type=js&ar=b&ts=c&ito=https%3A%2F%2Fp378438.mycdn.co&bs=22&referrer=https%3A%2F%2Fwww.coronatest2020.tk%2F&ap=cmp%3DBANNER%26evp%3D_TPIRbTkaYl8LEPC54BBr_bWwvziNp_1QR22JeacVpGgaLgnxAXwDlix53po2H33%26sjv%3D95.0%26ctid%3D0%26th%3D1200%26tw%3D1600%26inco%3D0%26tip%3DCoronavirus%2520Self%2520Testing&pid=378438&popeye=bXg9bnVsbCZteT1udWxsJmN4PW51bGwmY3k9bnVsbCZ3PTE2MDAmaD0xMjAwJmM9MSZzPTEmdD0xJmk9MCZvPS02MCZzb19mYj0tMSZzb19nbz0tMSZzb19ncD0tMSZzb190dz0tMSZzcD0wMDAwMDAwMDAwMDAxMDAwMDAwMDAwMCZtbV9tbj0wJm1tX2FzPTAmbW1fYWQ9MCZtbV9tdD0wJm1tX3NjPTAmbW1fc2RjPTAmbmNycz0xNg%3D%3D&olive=1&callback=ITCi7hzrr4jd2m
Requested by
Host: p378438.mycdn.co
URL: https://p378438.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.192.101.24 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
18.65.c0ad.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
22e2735c82b8fe077acadc63459e1f11644a02f636d224089c382796d06de803

Request headers

Referer
https://www.coronatest2020.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Fri, 27 Mar 2020 05:08:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
cache-control
no-cache
content-type
text/javascript;charset=utf-8
expires
Thu, 01 Jan 1970 00:00:00 GMT
it-banner-frame.css
p378438.mycdn.co/uicomp/styles/dist/80.2-1/ Frame 8C48 		2 KB
924 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p378438.mycdn.co/uicomp/styles/dist/80.2-1/it-banner-frame.css
Requested by
Host: p378438.mycdn.co
URL: https://p378438.mycdn.co/banners/script/ui_tag_80.2-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 27 Mar 2020 05:08:19 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:33:23 GMT
server
NetDNA-cache/2.2
etag
W/"5d10b503-858"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=31104000
expires
Mon, 22 Mar 2021 05:08:19 GMT
animeplay_22x_en.jpg
p378438.mycdn.co/ext/onn/mob/22x/ Frame 8C48 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p378438.mycdn.co/ext/onn/mob/22x/animeplay_22x_en.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.128 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.128.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
0635ec57b9b5ed5867739ab12e6fbf76ffe97a205563e37668f7dcc4ad927c86

Request headers

Referer
https://www.coronatest2020.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 05:08:19 GMT
last-modified
Mon, 05 Feb 2018 09:04:21 GMT
server
NetDNA-cache/2.2
etag
"5a781e15-2b8f"
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=31104000
accept-ranges
bytes
content-length
11151
expires
Mon, 22 Mar 2021 05:08:19 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| adsbygoogle function| setImmediate function| clearImmediate object| _rhat4 string| _p number| adfly_id number| popunder_frequency_delay boolean| adfly_google_compliant function| d4v6 function| P8wK function| G6eE function| N8wK string| jmbdd function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowByEmailView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices function| Fte5487Go98 function| _bp function| sha1 function| FP undefined| $ undefined| jQuery

1 Cookies

Domain/Path Name / Value
www.coronatest2020.tk/ Name: rhid_c
Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
adf.ly
cdn.adf.ly
infopicked.com
p378438.clksite.com
p378438.mycdn.co
resources.blogblog.com
www.blogger.com
www.coronatest2020.tk
173.192.101.24
2606:4700:10::6814:13fe
2a00:1450:4001:81e::2013
2a00:1450:4001:821::2009
2a00:1450:4001:825::2001
94.31.29.128
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0635ec57b9b5ed5867739ab12e6fbf76ffe97a205563e37668f7dcc4ad927c86
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
102fcd9a6c2438668f322cdeb16771886e59fb5b38e5905881177f7d47cf9453
22e2735c82b8fe077acadc63459e1f11644a02f636d224089c382796d06de803
300883c2df172d0406675649cc439436569d514e99a336ebabd44f8b7f79a8e8
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
44c023bb22e83c72a5877e23a98725bb549a675085b4120fbae9f28e9652518e
5e516df49b160c3efcb1ea09dd4c5f5b7c99a23a18a2a882acc379179bdbaacd
757d87fccf54a22d972601e7a4a6b4f76e36ec5967e1d5a76caece93848b3a2b
869176cab64c36f92c6c1f8ffbe85919575d6b9995a54850e5925289f3a75078
8a1e59ae28b7169b8dd533eab297b904d2417a1cba84e57be30d71e7bd717feb
921b9450651d6744982340d873c3a77a70c75650e620881869b1d2572d201b7e
ba37ee7907da1bc17958a47feccb7e9bd9614e3cc14ebeef23761dcb3aff7978
bfad6aa3d90af038bfc7cc4081391dc0de0beffff683a88fcf864b0c12bdb1bf
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
ed833bdbb60e381d73fbc327aeead6589c3b429f29b881c10ef55bef09bc6905
f5cee4255bdd9370d50ce0499da2cea95831d5f39eb7a90461a83798d414ad51