dragonforwardknife.com Open in urlscan Pro
178.128.241.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://forumdelcorno.com/
Effective URL:
https://dragonforwardknife.com/?p=hezdsyjyhe5gi3bpgmztini&sub1=Kiah&sub2=bd.v1
Submission: On May 28 via automatic, source urlhaus (May 28th 2020, 8:47:27 am UTC)

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 22 HTTP transactions. The main IP is 178.128.241.54, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is dragonforwardknife.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 11th 2020. Valid for: 3 months.

This is the only time dragonforwardknife.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::681c:1153	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3031::681c:1053	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 14	162.241.65.79 162.241.65.79	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
1	178.128.241.54 178.128.241.54	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
22	5

1 2606:4700:3037::681c:1153 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

forumdelcorno.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::681c:1053 (United States)

ASN13335 (CLOUDFLARENET, US)

www.forumdelcorno.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 162.241.65.79 (Provo, United States) 6 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-65-79.unifiedlayer.com

css.digestcolect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tap.digestcolect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.241.54 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

dragonforwardknife.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	digestcolect.com 6 redirects css.digestcolect.com tap.digestcolect.com Failed	18 KB
2	forumdelcorno.com 1 redirects forumdelcorno.com www.forumdelcorno.com	14 KB
1	dragonforwardknife.com dragonforwardknife.com	25 KB
1	googleapis.com fonts.googleapis.com	1 KB
0	gravatar.com Failed 1.gravatar.com Failed
22	5

	Domain	Requested by
12	css.digestcolect.com	6 redirects www.forumdelcorno.com
2	tap.digestcolect.com	css.digestcolect.com tap.digestcolect.com
1	dragonforwardknife.com	tap.digestcolect.com
1	fonts.googleapis.com	www.forumdelcorno.com
1	www.forumdelcorno.com	www.forumdelcorno.com
1	forumdelcorno.com	1 redirects www.forumdelcorno.com
0	1.gravatar.com Failed	www.forumdelcorno.com
22	7

This site contains no links.

Subject Issuer	Validity	Valid
css.digestcolect.com Let's Encrypt Authority X3	`2020-05-11` - `2020-08-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
tap.digestcolect.com Let's Encrypt Authority X3	`2020-05-11` - `2020-08-09`	3 months	crt.sh
dragonforwardknife.com Let's Encrypt Authority X3	`2020-05-11` - `2020-08-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://dragonforwardknife.com/?p=hezdsyjyhe5gi3bpgmztini&sub1=Kiah&sub2=bd.v1
Frame ID: F60FC885BDB587DAB36AE8ACE578D862
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://forumdelcorno.com/ HTTP 301
http://www.forumdelcorno.com/ Page URL
https://tap.digestcolect.com/r.php?id=0 Page URL
https://tap.digestcolect.com/r.php?id=sggfjer&f=sggfjer Page URL
https://dragonforwardknife.com/?p=hezdsyjyhe5gi3bpgmztini&sub1=Kiah&sub2=bd.v1 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

22
Requests

45 %
HTTPS

60 %
IPv6

5
Domains

7
Subdomains

5
IPs

3
Countries

56 kB
Transfer

170 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://forumdelcorno.com/ HTTP 301
http://www.forumdelcorno.com/ Page URL
https://tap.digestcolect.com/r.php?id=0 Page URL
https://tap.digestcolect.com/r.php?id=sggfjer&f=sggfjer Page URL
https://dragonforwardknife.com/?p=hezdsyjyhe5gi3bpgmztini&sub1=Kiah&sub2=bd.v1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://forumdelcorno.com/ HTTP 301
http://www.forumdelcorno.com/

Request Chain 1

http://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Fstyle.min.css&ver=5.2.6 HTTP 302
https://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Fstyle.min.css&ver=5.2.6

Request Chain 2

http://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Ftheme.min.css&ver=5.2.6 HTTP 302
https://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Ftheme.min.css&ver=5.2.6

Request Chain 4

http://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fgenericons%2Fgenericons.css&ver=3.4.1 HTTP 302
https://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fgenericons%2Fgenericons.css&ver=3.4.1

Request Chain 5

http://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fstyle.css&ver=5.2.6 HTTP 302
https://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fstyle.css&ver=5.2.6

Request Chain 6

http://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fcss%2Fblocks.css&ver=20181230 HTTP 302
https://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fcss%2Fblocks.css&ver=20181230

Request Chain 7

http://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fjs%2Fjquery%2Fjquery.js&ver=1.12.4-wp HTTP 302
https://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fjs%2Fjquery%2Fjquery.js&ver=1.12.4-wp

Request Chain 8

http://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fjs%2Fjquery%2Fjquery-migrate.min.js&ver=1.4.1 HTTP 302
https://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fjs%2Fjquery%2Fjquery-migrate.min.js&ver=1.4.1

22 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
www.forumdelcorno.com/
Redirect Chain

http://forumdelcorno.com/
http://www.forumdelcorno.com/

56 KB
14 KB

258ms
244ms

Document
text/html

2606:4700:3031::681c:1053
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.forumdelcorno.com/
Protocol: HTTP/1.1
Server: 2606:4700:3031::681c:1053 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.29
Resource Hash: 87c80158c8f34335245764ac1d0beb07a582b9012dc18f32f77e094eae058bc0

Request headers

Host: www.forumdelcorno.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: __cfduid=dcbf1a100ecdbaa1664e0f7d94e25cfeb1590655609
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 May 2020 08:46:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.29
Link: <http://www.forumdelcorno.com/wp-json/>; rel="https://api.w.org/"
X-LiteSpeed-Cache: hit
Vary: Accept-Encoding
X-Turbo-Charged-By: LiteSpeed
CF-Cache-Status: DYNAMIC
cf-request-id: 02fc0f8416000005bbf294a200000001
Server: cloudflare
CF-RAY: 59a6b519bcff05bb-FRA
Content-Encoding: gzip

Redirect headers

Date: Thu, 28 May 2020 08:46:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dcbf1a100ecdbaa1664e0f7d94e25cfeb1590655609; expires=Sat, 27-Jun-20 08:46:49 GMT; path=/; domain=.forumdelcorno.com; HttpOnly; SameSite=Lax
X-Powered-By: PHP/7.2.29
X-Redirect-By: WordPress
Location: http://www.forumdelcorno.com/
X-LiteSpeed-Cache: hit
X-Turbo-Charged-By: LiteSpeed
CF-Cache-Status: DYNAMIC
cf-request-id: 02fc0f831a0000062dc524e200000001
Server: cloudflare
CF-RAY: 59a6b5182dff062d-FRA

GET
H/1.1

200
OK

stm
css.digestcolect.com/
Redirect Chain

http://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Fstyle.min.css&ver=5.2.6
https://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Fstyle.min.css&ver=5.2.6

10 KB
2 KB

392ms
127ms

Stylesheet
application/javascript

162.241.65.79
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Fstyle.min.css&ver=5.2.6
Requested by: Host: www.forumdelcorno.com
URL: http://www.forumdelcorno.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.241.65.79 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-65-79.unifiedlayer.com
Software: nginx / PHP/5.4.16
Resource Hash

Request headers

Referer: http://www.forumdelcorno.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 May 2020 08:46:53 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60

Redirect headers

Location: https://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Fstyle.min.css&ver=5.2.6
Date: Thu, 28 May 2020 08:46:52 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 297
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

stm
css.digestcolect.com/
Redirect Chain

http://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Ftheme.min.css&ver=5.2.6
https://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Ftheme.min.css&ver=5.2.6

10 KB
2 KB

410ms
135ms

Stylesheet
application/javascript

162.241.65.79
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Ftheme.min.css&ver=5.2.6
Requested by: Host: www.forumdelcorno.com
URL: http://www.forumdelcorno.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.241.65.79 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-65-79.unifiedlayer.com
Software: nginx / PHP/5.4.16
Resource Hash

Request headers

Referer: http://www.forumdelcorno.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 May 2020 08:46:53 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60

Redirect headers

Location: https://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Ftheme.min.css&ver=5.2.6
Date: Thu, 28 May 2020 08:46:52 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 297
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather%3A400%2C700%2C900%2C400italic%2C700italic%2C900italic%7CMontserrat%3A400%2C700%7CInconsolata%3A400&subset=latin%2Clatin-ext

Requested by

Host: www.forumdelcorno.com
URL: http://www.forumdelcorno.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c87c7140e6516a1ba3083a26d0f6cc2a966cc0ca04efadc0545e426219333502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.forumdelcorno.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 May 2020 08:46:50 GMT
server: ESF
date: Thu, 28 May 2020 08:46:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 May 2020 08:46:50 GMT

GET
H/1.1

200
OK

stm
css.digestcolect.com/
Redirect Chain

http://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fgenericons%2Fgenericons.css&ver=3.4.1
https://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fgenericons%2Fgenericons.css&ver=3.4.1

10 KB
2 KB

415ms
134ms

Stylesheet
application/javascript

162.241.65.79
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fgenericons%2Fgenericons.css&ver=3.4.1
Requested by: Host: www.forumdelcorno.com
URL: http://www.forumdelcorno.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.241.65.79 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-65-79.unifiedlayer.com
Software: nginx / PHP/5.4.16
Resource Hash

Request headers

Referer: http://www.forumdelcorno.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 May 2020 08:46:53 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60

Redirect headers

Location: https://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fgenericons%2Fgenericons.css&ver=3.4.1
Date: Thu, 28 May 2020 08:46:52 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 306
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

stm
css.digestcolect.com/
Redirect Chain

http://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fstyle.css&ver=5.2.6
https://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fstyle.css&ver=5.2.6

10 KB
2 KB

408ms
132ms

Stylesheet
application/javascript

162.241.65.79
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fstyle.css&ver=5.2.6
Requested by: Host: www.forumdelcorno.com
URL: http://www.forumdelcorno.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.241.65.79 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-65-79.unifiedlayer.com
Software: nginx / PHP/5.4.16
Resource Hash

Request headers

Referer: http://www.forumdelcorno.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 May 2020 08:46:53 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60

Redirect headers

Location: https://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fstyle.css&ver=5.2.6
Date: Thu, 28 May 2020 08:46:52 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

stm
css.digestcolect.com/
Redirect Chain

http://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fcss%2Fblocks.css&ver=20181230
https://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fcss%2Fblocks.css&ver=20181230

10 KB
2 KB

409ms
134ms

Stylesheet
application/javascript

162.241.65.79
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fcss%2Fblocks.css&ver=20181230
Requested by: Host: www.forumdelcorno.com
URL: http://www.forumdelcorno.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.241.65.79 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-65-79.unifiedlayer.com
Software: nginx / PHP/5.4.16
Resource Hash

Request headers

Referer: http://www.forumdelcorno.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 May 2020 08:46:53 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60

Redirect headers

Location: https://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fcss%2Fblocks.css&ver=20181230
Date: Thu, 28 May 2020 08:46:52 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 298
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

stm
css.digestcolect.com/
Redirect Chain

http://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fjs%2Fjquery%2Fjquery.js&ver=1.12.4-wp
https://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fjs%2Fjquery%2Fjquery.js&ver=1.12.4-wp

10 KB
2 KB

423ms
133ms

Script
application/javascript

162.241.65.79
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fjs%2Fjquery%2Fjquery.js&ver=1.12.4-wp
Requested by: Host: www.forumdelcorno.com
URL: http://www.forumdelcorno.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.241.65.79 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-65-79.unifiedlayer.com
Software: nginx / PHP/5.4.16
Resource Hash

Request headers

Referer: http://www.forumdelcorno.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 May 2020 08:46:53 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60

Redirect headers

Location: https://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fjs%2Fjquery%2Fjquery.js&ver=1.12.4-wp
Date: Thu, 28 May 2020 08:46:52 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 282
Content-Type: text/html; charset=iso-8859-1

GET

stm
css.digestcolect.com/
Redirect Chain

http://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fjs%2Fjquery%2Fjquery-migrate.min.js&ver=1.4.1
https://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fjs%2Fjquery%2Fjquery-migrate.min.js&ver=1.4.1

0
0

GET Custom-sign-company-3-300x225-300x225.jpg
www.forumdelcorno.com/wp-content/uploads/2019/09/ 0
0

GET 79672d3784b26e69b4051ab14114500f
1.gravatar.com/avatar/ 0
0

GET stm
css.digestcolect.com/ 0
0

GET Custom-sign-company-3-300x225.jpg
forumdelcorno.com/wp-content/uploads/2019/09/ 0
0

GET stm
css.digestcolect.com/ 0
0

GET r.php
tap.digestcolect.com/ 0
0

GET
H/1.1 200
OK r.php
tap.digestcolect.com/ 272 B
510 B 397ms
129ms Document
text/html 162.241.65.79
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://tap.digestcolect.com/r.php?id=0
Requested by: Host: css.digestcolect.com
URL: https://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fjs%2Fjquery%2Fjquery.js&ver=1.12.4-wp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.241.65.79 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-65-79.unifiedlayer.com
Software: nginx / PHP/5.4.16
Resource Hash

Request headers

Host: tap.digestcolect.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://www.forumdelcorno.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.forumdelcorno.com/

Response headers

Server: nginx
Date: Thu, 28 May 2020 08:46:53 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 272
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/5.4.16
Access-Control-Allow-Origin: *

GET r.php
tap.digestcolect.com/ 0
0

GET
H/1.1 200
OK r.php
tap.digestcolect.com/ 686 B
737 B 133ms
132ms Document
text/html 162.241.65.79
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://tap.digestcolect.com/r.php?id=sggfjer&f=sggfjer
Requested by: Host: tap.digestcolect.com
URL: https://tap.digestcolect.com/r.php?id=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.241.65.79 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-65-79.unifiedlayer.com
Software: nginx / PHP/5.4.16
Resource Hash

Request headers

Host: tap.digestcolect.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://tap.digestcolect.com/r.php?id=0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://tap.digestcolect.com/r.php?id=0

Response headers

Server: nginx
Date: Thu, 28 May 2020 08:46:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.16
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET
H2 200 Primary Request / Show response
dragonforwardknife.com/ 24 KB
25 KB 107ms
38ms Document
text/html 178.128.241.54
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://dragonforwardknife.com/?p=hezdsyjyhe5gi3bpgmztini&sub1=Kiah&sub2=bd.v1

Requested by

Host: tap.digestcolect.com
URL: https://tap.digestcolect.com/r.php?id=sggfjer&f=sggfjer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.128.241.54 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f93b8f405d10d7abd69af81f6f88ee0879fed5a8feef1c3f98c94e9542150f08

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: dragonforwardknife.com
:scheme: https
:path: /?p=hezdsyjyhe5gi3bpgmztini&sub1=Kiah&sub2=bd.v1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://tap.digestcolect.com/r.php?id=sggfjer&f=sggfjer
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://tap.digestcolect.com/r.php?id=sggfjer&f=sggfjer

Response headers

status: 200
server: nginx
date: Thu, 28 May 2020 08:46:51 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=e25b35ef-7ea3-4c3c-bb75-80013b7717c8; expires=Sat, 27-Jun-2020 08:46:51 GMT; Max-Age=2592000; path=/; domain=dragonforwardknife.com
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1179d91e241cbea26748f5c37c22e29e7536e7ebdef99a5e0588f52d224097fb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: css.digestcolect.com
URL: https://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fjs%2Fjquery%2Fjquery-migrate.min.js&ver=1.4.1

Domain: www.forumdelcorno.com
URL: http://www.forumdelcorno.com/wp-content/uploads/2019/09/Custom-sign-company-3-300x225-300x225.jpg

Domain: 1.gravatar.com
URL: https://1.gravatar.com/avatar/79672d3784b26e69b4051ab14114500f?s=49&d=mm&r=g

Domain: css.digestcolect.com
URL: http://css.digestcolect.com/stm?v=8.3.1/wp-includes/js/wp-emoji-release.min.js?ver=5.2.6

Domain: forumdelcorno.com
URL: http://forumdelcorno.com/wp-content/uploads/2019/09/Custom-sign-company-3-300x225.jpg

Domain: css.digestcolect.com
URL: http://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fjs%2Fskip-link-focus-fix.js&ver=20160816

Domain: css.digestcolect.com
URL: http://css.digestcolect.com/stm?v=8.3.1%2Fwp-content%2Fthemes%2Ftwentysixteen%2Fjs%2Ffunctions.js&ver=20181230

Domain: css.digestcolect.com
URL: http://css.digestcolect.com/stm?v=8.3.1%2Fwp-includes%2Fjs%2Fwp-embed.min.js&ver=5.2.6

Domain: tap.digestcolect.com
URL: https://tap.digestcolect.com/r.php?id=0

Domain: tap.digestcolect.com
URL: https://tap.digestcolect.com/r.php?id=sggfjer&f=sggfjer

Domain: tap.digestcolect.com
URL: https://tap.digestcolect.com/r.php?id=sggfjer&f=sggfjer

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dragonforwardknife.com/	1970-01-19 10:34:07	Name: uuid Value: e25b35ef-7ea3-4c3c-bb75-80013b7717c8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.gravatar.com
css.digestcolect.com
dragonforwardknife.com
fonts.googleapis.com
forumdelcorno.com
tap.digestcolect.com
www.forumdelcorno.com
1.gravatar.com
css.digestcolect.com
forumdelcorno.com
tap.digestcolect.com
www.forumdelcorno.com
162.241.65.79
178.128.241.54
2606:4700:3031::681c:1053
2606:4700:3037::681c:1153
2a00:1450:4001:814::200a
1179d91e241cbea26748f5c37c22e29e7536e7ebdef99a5e0588f52d224097fb
87c80158c8f34335245764ac1d0beb07a582b9012dc18f32f77e094eae058bc0
c87c7140e6516a1ba3083a26d0f6cc2a966cc0ca04efadc0545e426219333502
f93b8f405d10d7abd69af81f6f88ee0879fed5a8feef1c3f98c94e9542150f08

dragonforwardknife.com Open in urlscan Pro 178.128.241.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

45 %HTTPS

60 %IPv6

5 Domains

7 Subdomains

5 IPs

3 Countries

56 kBTransfer

170 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

1 Cookies

Indicators

dragonforwardknife.com Open in urlscan Pro
178.128.241.54 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

45 %
HTTPS

60 %
IPv6

5
Domains

7
Subdomains

5
IPs

3
Countries

56 kB
Transfer

170 kB
Size

1
Cookies

22 HTTP transactions
1 data transactions