urlscan.io logo urlscan.io
SecurityTrails logo

ciaocovid.club Open in urlscan Pro
23.227.38.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ciao-covid.de/
Effective URL: https://ciaocovid.club/password
Submission: On May 31 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 23.227.38.32, located in Canada and belongs to CLOUDFLARENET, US. The main domain is ciaocovid.club.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 26th 2020. Valid for: 3 months.
This is the only time ciaocovid.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 184.168.131.241 26496 (AS-26496-...)
2 3 23.227.38.32 13335 (CLOUDFLAR...)
7 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
3 2a04:4e42:1b:... 54113 (FASTLY)
3 35.188.198.106 15169 (GOOGLE)
14 4
1    184.168.131.241 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net
ciao-covid.de
3    23.227.38.32 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com
ciaocovid.club
7    2a02:26f0:64:1ae::39b (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
cdn.shopify.com
3    2a04:4e42:1b::104 (Ascension Island)

ASN54113 (FASTLY, US)
fonts.shopifycdn.com
3    35.188.198.106 (United States)

ASN15169 (GOOGLE, US)
PTR: 106.198.188.35.bc.googleusercontent.com
monorail-edge.shopifysvc.com
Domain Requested by
7 cdn.shopify.com ciaocovid.club
3 monorail-edge.shopifysvc.com cdn.shopify.com
3 fonts.shopifycdn.com ciaocovid.club
3 ciaocovid.club 2 redirects
1 ciao-covid.de 1 redirects
14 5

This site contains links to these domains. Also see Links.

Domain
www.shopify.com
Subject Issuer Validity Valid
ciaocovid.club
Let's Encrypt Authority X3		 2020-04-26 -
2020-07-25		 3 months crt.sh
cdn.shopify.com
GeoTrust RSA CA 2018		 2020-05-22 -
2021-02-16		 9 months crt.sh
shopify.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-05-19 -
2021-04-18		 a year crt.sh
monorail-edge.shopifysvc.com
Let's Encrypt Authority X3		 2020-04-26 -
2020-07-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ciaocovid.club/password
Frame ID: 342A4DE50F01C2E7E3362D21F5BEB647
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ciao-covid.de/ HTTP 301
    http://ciaocovid.club/ HTTP 301
    https://ciaocovid.club/ HTTP 302
    https://ciaocovid.club/password Page URL

Detected technologies

Overall confidence: 25%
Detected patterns
  • html /<link[^>]+=['"]\/\/cdn\.shopify\.com/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

14
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

259 kB
Transfer

697 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ciao-covid.de/ HTTP 301
    http://ciaocovid.club/ HTTP 301
    https://ciaocovid.club/ HTTP 302
    https://ciaocovid.club/password Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request password
ciaocovid.club/
Redirect Chain
  • http://ciao-covid.de/
  • http://ciaocovid.club/
  • https://ciaocovid.club/
  • https://ciaocovid.club/password
20 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ciaocovid.club/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.32 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
c84921a2b03cb8b37e344a1bbd2b28abb9fa9a57a4bf887503374b008cf52bf4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=0ec32615-87c0-472e-a0e2-8d1d51956f1f
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=/xss-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=0ec32615-87c0-472e-a0e2-8d1d51956f1f

Request headers

:method
GET
:authority
ciaocovid.club
:scheme
https
:path
/password
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d2dd5ccf878799bf8ca8d89d7ff8f5c081590915206
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sun, 31 May 2020 08:53:26 GMT
content-type
text/html; charset=utf-8
x-sorting-hat-podid
70
x-sorting-hat-shopid
27528036423
x-frame-options
DENY
x-shopid
27528036423
x-shardid
70
content-language
de
x-shopify-generated-cart-token
5616a1e32274fe49eb6d68d908c9ce7d
content-encoding
gzip
x-robots-tag
nofollow
etag
cacheable:4450c0d0911874ddb6e1993af119353e
x-alternate-cache-key
cacheable:96e506ca2a2888eeb7d31834c96db5a7
x-cache
hit, server
set-cookie
_y=6138ad43-fe0c-4730-9eee-3cd4d6460ed5; Expires=Mon, 31-May-21 08:53:26 GMT; Path=/ _orig_referrer=; Expires=Sun, 14-Jun-20 08:53:26 GMT; Path=/; HttpOnly secure_customer_sig=; path=/; expires=Thu, 31 May 2040 08:53:26 GMT; secure; HttpOnly _shopify_y=6138ad43-fe0c-4730-9eee-3cd4d6460ed5; Expires=Mon, 31-May-21 08:53:26 GMT; Path=/ _landing_page=%2Fpassword; Expires=Sun, 14-Jun-20 08:53:26 GMT; Path=/; HttpOnly cart_sig=; path=/; expires=Sun, 14 Jun 2020 08:53:26 GMT; HttpOnly
x-shopify-stage
production
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=0ec32615-87c0-472e-a0e2-8d1d51956f1f
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block; report=/xss-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=0ec32615-87c0-472e-a0e2-8d1d51956f1f
x-dc
gcp-us-east1,gcp-us-central1,gcp-us-central1
nel
{"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001} {"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001}
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]} {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]}
x-request-id
0ec32615-87c0-472e-a0e2-8d1d51956f1f
cf-cache-status
DYNAMIC
cf-request-id
030b88a54f0000c4c7e12a5200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
59bf76e87895c4c7-DUS
alt-svc
h3-27=":443"; ma=86400

Redirect headers

status
302
date
Sun, 31 May 2020 08:53:26 GMT
content-type
text/html; charset=utf-8
x-sorting-hat-podid
70
x-sorting-hat-shopid
27528036423
x-frame-options
DENY
x-shopid
27528036423
x-shardid
70
content-language
de
x-cache
allow
location
https://ciaocovid.club/password
x-shopify-stage
production
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=6f9d0ecb-ed60-45b5-808c-fbf2ce5f8f76
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block; report=/xss-report?source%5Baction%5D=index&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=6f9d0ecb-ed60-45b5-808c-fbf2ce5f8f76
x-dc
gcp-us-east1,gcp-us-central1,gcp-us-central1
nel
{"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001} {"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001}
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]} {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]}
x-request-id
6f9d0ecb-ed60-45b5-808c-fbf2ce5f8f76
cf-cache-status
DYNAMIC
cf-request-id
030b88a4780000c4c7e1295200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
59bf76e72c4ac4c7-DUS
alt-svc
h3-27=":443"; ma=86400
theme.scss.css
cdn.shopify.com/s/files/1/0275/2803/6423/t/3/assets/ 		167 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0275/2803/6423/t/3/assets/theme.scss.css?v=14854048817888197408
Requested by
Host: ciaocovid.club
URL: https://ciaocovid.club/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:1ae::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
66cac2f772d3df71ca8ee851d33a097544ee4432852bae3758bfcc68d459de52
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ciaocovid.club/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gke
status
200
content-length
26623
x-xss-protection
1; mode=block
x-request-id
d2d2f60
surrogate-key
mime-text/css source-GcsShopAssetsBackend segment2-189 segment4-48566 revision-630a3535b58b9f5b72e732ac039c97e94ec8a4b4 cdn-shopify-com-s-files-1-0275-2803-6423-t-3-assets-theme-scss-css shop-27528036423
last-modified
Wed, 27 May 2020 08:56:38 GMT
date
Sun, 31 May 2020 08:53:26 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0275/2803/6423/t/3/assets/theme.scss.css>; rel="canonical"
expires
Thu, 27 May 2021 08:56:37 GMT
vendor.min.js
cdn.shopify.com/s/files/1/0275/2803/6423/t/3/assets/ 		135 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0275/2803/6423/t/3/assets/vendor.min.js?v=18362583233972542081
Requested by
Host: ciaocovid.club
URL: https://ciaocovid.club/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:1ae::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
ee1493144e29223115c7418f6ba681dcedb0160f65e72cb6e85ec11026b53450
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ciaocovid.club/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gke
status
200
content-length
48175
x-xss-protection
1; mode=block
x-request-id
2404f879
surrogate-key
mime-application/javascript source-GcsShopAssetsBackend segment2-11 segment4-3010 revision-311c5796e76cb9e18eddceed67d9afedebd85e78 cdn-shopify-com-s-files-1-0275-2803-6423-t-3-assets-vendor-min-js shop-27528036423
last-modified
Sat, 25 Apr 2020 12:47:08 GMT
date
Sun, 31 May 2020 08:53:26 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0275/2803/6423/t/3/assets/vendor.min.js>; rel="canonical"
expires
Sat, 29 May 2021 06:04:05 GMT
theme.min.js
cdn.shopify.com/s/files/1/0275/2803/6423/t/3/assets/ 		121 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0275/2803/6423/t/3/assets/theme.min.js?v=7539499555888488178
Requested by
Host: ciaocovid.club
URL: https://ciaocovid.club/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:1ae::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
2518f2f528bfa00946f6a5d1485a78daebcc1ff04312ce7a6e6b0b6dc6fdd26a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ciaocovid.club/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gke
status
200
content-length
30449
x-xss-protection
1; mode=block
x-request-id
edf86eb
surrogate-key
mime-application/javascript source-GcsShopAssetsBackend segment2-169 segment4-43347 revision-630a3535b58b9f5b72e732ac039c97e94ec8a4b4 cdn-shopify-com-s-files-1-0275-2803-6423-t-3-assets-theme-min-js shop-27528036423
last-modified
Sat, 25 Apr 2020 12:47:07 GMT
date
Sun, 31 May 2020 08:53:26 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0275/2803/6423/t/3/assets/theme.min.js>; rel="canonical"
expires
Thu, 27 May 2021 19:50:10 GMT
load_feature-589ff3342d639ed23c94f5fc11e03d64e0788e2a4a687391ebeeeef20eaf2f50.js
cdn.shopify.com/s/assets/storefront/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/assets/storefront/load_feature-589ff3342d639ed23c94f5fc11e03d64e0788e2a4a687391ebeeeef20eaf2f50.js
Requested by
Host: ciaocovid.club
URL: https://ciaocovid.club/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:1ae::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
589ff3342d639ed23c94f5fc11e03d64e0788e2a4a687391ebeeeef20eaf2f50
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ciaocovid.club/password
Origin
https://ciaocovid.club

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gke
status
200
content-length
3015
x-xss-protection
1; mode=block
x-request-id
3892c04
surrogate-key
mime-application/javascript source-ShopAssetsBackend segment2-43 segment4-11237 revision-9f15b2afccdf0137c7fa00051e0b09d5b22b5634 cdn-shopify-com-s-assets-storefront-load_feature-589ff3342d639ed23c94f5fc11e03d64e0788e2a4a687391ebeeeef20eaf2f50-js
last-modified
Tue, 28 Apr 2020 18:35:46 GMT
date
Sun, 31 May 2020 08:53:26 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/s/assets/storefront/load_feature-589ff3342d639ed23c94f5fc11e03d64e0788e2a4a687391ebeeeef20eaf2f50.js>; rel="canonical"
trekkie.storefront.min.js
cdn.shopify.com/s/javascripts/tricorder/ 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.04.13.1
Requested by
Host: ciaocovid.club
URL: https://ciaocovid.club/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:1ae::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
fb10d669f19c662bd30a58717f082488940471675cba27f047db04650bde2fd2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ciaocovid.club/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gke
status
200
content-length
11121
x-xss-protection
1; mode=block
x-request-id
6e177df
surrogate-key
mime-application/javascript source-ShopAssetsBackend segment2-123 segment4-31719 revision-8fbb68ed806208ae461148e7ec8f74ea81d6d898 cdn-shopify-com-s-javascripts-tricorder-trekkie-storefront-min-js
last-modified
Tue, 26 May 2020 14:28:15 GMT
date
Sun, 31 May 2020 08:53:26 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
timing-allow-origin
*
link
<https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js>; rel="canonical"
shop_events_listener-43fce3d908d9bd272394a7b71efb84146cdd385cdb9ca0fd444b2281d7f9b65a.js
cdn.shopify.com/s/assets/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/assets/shop_events_listener-43fce3d908d9bd272394a7b71efb84146cdd385cdb9ca0fd444b2281d7f9b65a.js
Requested by
Host: ciaocovid.club
URL: https://ciaocovid.club/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:1ae::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
43fce3d908d9bd272394a7b71efb84146cdd385cdb9ca0fd444b2281d7f9b65a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ciaocovid.club/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gke
status
200
content-length
2188
x-xss-protection
1; mode=block
x-request-id
e1c11d
surrogate-key
mime-application/javascript source-ShopAssetsBackend segment2-83 segment4-21487 revision-8fbb68ed806208ae461148e7ec8f74ea81d6d898 cdn-shopify-com-s-assets-shop_events_listener-43fce3d908d9bd272394a7b71efb84146cdd385cdb9ca0fd444b2281d7f9b65a-js
last-modified
Mon, 25 May 2020 18:39:10 GMT
date
Sun, 31 May 2020 08:53:26 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/s/assets/shop_events_listener-43fce3d908d9bd272394a7b71efb84146cdd385cdb9ca0fd444b2281d7f9b65a.js>; rel="canonical"
titilliumweb_n7.d9934f829b1262cd6f365837a78b867b01693063.woff2
fonts.shopifycdn.com/titillium_web/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.shopifycdn.com/titillium_web/titilliumweb_n7.d9934f829b1262cd6f365837a78b867b01693063.woff2?h1=Y2lhb2NvdmlkLmNsdWI&hmac=46e8424f9cdd4516028dc2166f9f528d15d725cbd237fe5490717ffc28725ae0
Requested by
Host: ciaocovid.club
URL: https://ciaocovid.club/password
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::104 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f34e90f890742f5b160ad77f20628654a7940ba91ec3a904ec612000cc8e4f13

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cdn.shopify.com/s/files/1/0275/2803/6423/t/3/assets/theme.scss.css?v=14854048817888197408
Origin
https://ciaocovid.club

Response headers

x-amz-version-id
x0L1ECOGyx82JrvM9QUZP8Nm.qpIv_kE
via
1.1 varnish
etag
"813340aeac771d6d70d08773c3ae43c2"
age
20382
x-cache
HIT
status
200
content-length
15136
x-amz-id-2
Ba/qb1B3bbjYqXAstbDegPR1m3pora6zlGsJpznPudcdgpt4Po4Vam1r3T4XrS0yUEWRBTLrReA=
x-served-by
cache-hhn4020-HHN
last-modified
Wed, 02 May 2018 18:21:45 GMT
server
AmazonS3
x-timer
S1590915207.771102,VS0,VE0
date
Sun, 31 May 2020 08:53:26 GMT
x-amz-request-id
BC86564D4E175DB9
access-control-allow-origin
*
cache-control
max-age=2629800, immutable
accept-ranges
bytes
content-type
application/octet-stream
x-cache-hits
4
lato_n4.c86cddcf8b15d564761aaa71b6201ea326f3648b.woff2
fonts.shopifycdn.com/lato/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.shopifycdn.com/lato/lato_n4.c86cddcf8b15d564761aaa71b6201ea326f3648b.woff2?h1=Y2lhb2NvdmlkLmNsdWI&hmac=6d6d3a3a370ce1b55fa41dd6f516628bf318d608e4ba201b1d4dff1bc0ad523e
Requested by
Host: ciaocovid.club
URL: https://ciaocovid.club/password
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::104 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
575c97668d79c41ce6dbc1bf6d1c7fa0c5920725a1cd691aa5e11410f892f18b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cdn.shopify.com/s/files/1/0275/2803/6423/t/3/assets/theme.scss.css?v=14854048817888197408
Origin
https://ciaocovid.club

Response headers

x-amz-version-id
Hk9EfjfV6_.4qzfhKYaVrgmumvhhTA9x
via
1.1 varnish
etag
"13a15a60521ed0a8a9b2dac5ec2f79dd"
age
31603
x-cache
HIT
status
200
content-length
42156
x-amz-id-2
D0W03wxdNNGPNMXIFbgoDQTicIfNIz+Pcz1vgkasWsdd7364Gv7yk1gsFogOGXhJ94j1+XeemJQ=
x-served-by
cache-hhn4020-HHN
last-modified
Wed, 02 May 2018 18:21:14 GMT
server
AmazonS3
x-timer
S1590915207.771083,VS0,VE0
date
Sun, 31 May 2020 08:53:26 GMT
x-amz-request-id
3BAB711E70A1EF57
access-control-allow-origin
*
cache-control
max-age=2629800, immutable
accept-ranges
bytes
content-type
application/octet-stream
x-cache-hits
768
lato_n7.f0037142450bd729bdf6ba826f5fdcd80f2787ba.woff2
fonts.shopifycdn.com/lato/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.shopifycdn.com/lato/lato_n7.f0037142450bd729bdf6ba826f5fdcd80f2787ba.woff2?h1=Y2lhb2NvdmlkLmNsdWI&hmac=5143ade9267f5df2f380217499b1ce8f9109fbae67e87b795850892feb727fb7
Requested by
Host: ciaocovid.club
URL: https://ciaocovid.club/password
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::104 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1a432c4acbaf96b8fc08f14446aa394d0b6238b3780b975c9a7fe16e480ed2e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cdn.shopify.com/s/files/1/0275/2803/6423/t/3/assets/theme.scss.css?v=14854048817888197408
Origin
https://ciaocovid.club

Response headers

x-amz-version-id
95.qKPlDKj0S0vWuju7FA8YwPF_kSQ1V
via
1.1 varnish
etag
"594cbcd7eee52d7701e6e1217c342e46"
age
21612
x-cache
HIT
status
200
content-length
41536
x-amz-id-2
TlL7Y7MkXxTSAxMvx5jiydbQrkNStK5RpIMTqH9O5zp67VT3X0Q0Dv5HVWSSjTV3oHRZLYoEbDU=
x-served-by
cache-hhn4020-HHN
last-modified
Wed, 02 May 2018 18:21:14 GMT
server
AmazonS3
x-timer
S1590915207.771069,VS0,VE0
date
Sun, 31 May 2020 08:53:26 GMT
x-amz-request-id
191D900AE02EB42A
access-control-allow-origin
*
cache-control
max-age=2629800, immutable
accept-ranges
bytes
content-type
application/octet-stream
x-cache-hits
720
shopify-boomerang-1.0.0.min.js
cdn.shopify.com/shopifycloud/boomerang/ 		99 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Requested by
Host: ciaocovid.club
URL: https://ciaocovid.club/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:1ae::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
abb2e69ad5d767f2360cbfe551bd62cf07063c7d862d3fd50d09e9918f2bade3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ciaocovid.club/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gke
status
200
content-length
30963
x-xss-protection
1; mode=block
x-request-id
1b1ddcf2
surrogate-key
mime-application/javascript source-GcsBackend segment2-96 segment4-24675 revision-9f15b2afccdf0137c7fa00051e0b09d5b22b5634 cdn-shopify-com-shopifycloud-boomerang-shopify-boomerang-1-0-0-min-js
last-modified
Fri, 22 May 2020 17:01:46 GMT
date
Sun, 31 May 2020 08:53:26 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
expires
Sat, 22 May 2021 17:07:30 GMT
produce
monorail-edge.shopifysvc.com/v1/ 		0
467 B 		Other
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/v1/produce
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.04.13.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.188.198.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.198.188.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ciaocovid.club/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 May 2020 08:53:27 GMT
x-dc
gke
status
200
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://ciaocovid.club
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
f72bc235-64da-4904-83b6-f019c49c6d97
produce
monorail-edge.shopifysvc.com/v1/ 		0
466 B 		Other
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/v1/produce
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.04.13.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.188.198.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.198.188.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ciaocovid.club/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 May 2020 08:53:27 GMT
x-dc
gke
status
200
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://ciaocovid.club
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
b15ed488-2a53-4f37-b1b9-e5a3588e34b1
produce
monorail-edge.shopifysvc.com/v1/ 		0
466 B 		Other
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/v1/produce
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.188.198.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.198.188.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ciaocovid.club/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 31 May 2020 08:53:27 GMT
x-dc
gke
status
200
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://ciaocovid.club
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
2bb7f35e-77c0-4252-bbad-e281596d4ba5

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| theme object| Shopify object| __st boolean| ShopifyPaypalV4VisibilityTracking object| meta string| attr object| ShopifyAnalytics object| trekkie function| Hammer function| $ function| jQuery function| morphdom object| _ object| _visit object| BOOMR

13 Cookies

Domain/Path Name / Value
ciaocovid.club/ Name: _shopify_sa_p
Value:
.ciaocovid.club/ Name: _shopify_sa_t
Value: 2020-05-31T08%3A53%3A26.827Z
.ciaocovid.club/ Name: _shopify_fs
Value: 2020-05-31T08%3A53%3A26.821Z
.ciaocovid.club/ Name: _shopify_s
Value: 69ef9332-C355-483B-80A9-6036FFC7C587
.ciaocovid.club/ Name: _s
Value: 69ef9332-C355-483B-80A9-6036FFC7C587
ciaocovid.club/ Name: cart_sig
Value:
.ciaocovid.club/ Name: _shopify_sa_p
Value:
ciaocovid.club/ Name: _landing_page
Value: %2Fpassword
ciaocovid.club/ Name: _shopify_y
Value: 6138ad43-fe0c-4730-9eee-3cd4d6460ed5
.ciaocovid.club/ Name: __cfduid
Value: d2dd5ccf878799bf8ca8d89d7ff8f5c081590915206
ciaocovid.club/ Name: _y
Value: 6138ad43-fe0c-4730-9eee-3cd4d6460ed5
ciaocovid.club/ Name: secure_customer_sig
Value:
ciaocovid.club/ Name: _orig_referrer
Value:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=0ec32615-87c0-472e-a0e2-8d1d51956f1f
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=/xss-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=0ec32615-87c0-472e-a0e2-8d1d51956f1f