www.covid19-confirmed.com Open in urlscan Pro
52.86.137.228 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://covid19-confirmed.com/
Effective URL:
https://www.covid19-confirmed.com/
Submission: On April 07 via automatic, source certstream-suspicious (April 7th 2020, 4:00:18 am UTC)

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 52.86.137.228, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.covid19-confirmed.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 7th 2020. Valid for: 3 months.

This is the only time www.covid19-confirmed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2001:4860:480... 2001:4860:4802:34::15	15169 (GOOGLE) (GOOGLE)
6	52.86.137.228 52.86.137.228	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::6818:7c19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	6

1 2001:4860:4802:34::15 (United States) 1 redirects

ASN15169 (GOOGLE, US)

covid19-confirmed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.86.137.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-137-228.compute-1.amazonaws.com

www.covid19-confirmed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6818:7c19 (United States)

ASN13335 (CLOUDFLARENET, US)

corona.lmao.ninja	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	covid19-confirmed.com 1 redirects covid19-confirmed.com www.covid19-confirmed.com	515 KB
3	gstatic.com fonts.gstatic.com	33 KB
2	lmao.ninja corona.lmao.ninja	10 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	googleapis.com fonts.googleapis.com	1 KB
16	5

	Domain	Requested by
6	www.covid19-confirmed.com	www.covid19-confirmed.com
3	fonts.gstatic.com	www.covid19-confirmed.com
2	corona.lmao.ninja	www.covid19-confirmed.com
2	www.google-analytics.com	www.covid19-confirmed.com
2	fonts.googleapis.com	www.covid19-confirmed.com
1	covid19-confirmed.com	1 redirects
16	6

This site contains links to these domains. Also see Links.

Domain
www.webmd.com

Subject Issuer	Validity	Valid
covid19-confirmed.com Let's Encrypt Authority X3	`2020-04-07` - `2020-07-06`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-19` - `2020-10-09`	9 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.covid19-confirmed.com/
Frame ID: B5DDACA20CEB2550BA8E896EED0B5BE1
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://covid19-confirmed.com/ HTTP 301
https://www.covid19-confirmed.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

16
Requests

94 %
HTTPS

83 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

577 kB
Transfer

2037 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.webmd.com/lung/coronavirus
Title: About

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://covid19-confirmed.com/ HTTP 301
https://www.covid19-confirmed.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.covid19-confirmed.com/
Redirect Chain

https://covid19-confirmed.com/
https://www.covid19-confirmed.com/

3 KB
2 KB

404ms
129ms

Document
text/html

52.86.137.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19-confirmed.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.137.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-137-228.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a3685f8e06944550ea0b20d85eb879bac788a6796e8b4c8fac8aeb135890436f

Request headers

Host: www.covid19-confirmed.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Connection: keep-alive
Server: nginx
Date: Tue, 07 Apr 2020 04:00:00 GMT
Content-Type: text/html; charset=UTF-8
Last-Modified: Mon, 06 Apr 2020 22:43:12 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Etag: W/"5e8bb080-b36"
Content-Encoding: gzip
Via: 1.1 vegur

Redirect headers

status: 301
location: https://www.covid19-confirmed.com/
date: Tue, 07 Apr 2020 03:59:59 GMT
content-type: text/html; charset=UTF-8
server: ghs
content-length: 231
x-xss-protection: 0
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK 2.23bc2e7b.chunk.css
www.covid19-confirmed.com/static/css/ 36 KB
5 KB 122ms
122ms Stylesheet
text/css 52.86.137.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19-confirmed.com/static/css/2.23bc2e7b.chunk.css
Requested by: Host: www.covid19-confirmed.com
URL: https://www.covid19-confirmed.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.137.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-137-228.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 501f6ac8f089b08da748fb6e621e3e71a8c310365ba4c862366e60b6b9e947d4

Request headers

Referer: https://www.covid19-confirmed.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 07 Apr 2020 04:00:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Apr 2020 22:43:12 GMT
Server: nginx
Etag: W/"5e8bb080-907b"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 vegur
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK main.ff354200.chunk.css
www.covid19-confirmed.com/static/css/ 571 B
689 B 244ms
116ms Stylesheet
text/css 52.86.137.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19-confirmed.com/static/css/main.ff354200.chunk.css
Requested by: Host: www.covid19-confirmed.com
URL: https://www.covid19-confirmed.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.137.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-137-228.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 9e8d5315856fa8ecd0dc0ec50e4e74d9fb6b3e76ebf69c142fd0b805843996f6

Request headers

Referer: https://www.covid19-confirmed.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 07 Apr 2020 04:00:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Apr 2020 22:43:12 GMT
Server: nginx
Etag: W/"5e8bb080-23b"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 vegur
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 2.40071bdf.chunk.js Show response
www.covid19-confirmed.com/static/js/ 2 MB
489 KB 353ms
131ms Script
application/x-javascript 52.86.137.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19-confirmed.com/static/js/2.40071bdf.chunk.js
Requested by: Host: www.covid19-confirmed.com
URL: https://www.covid19-confirmed.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.137.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-137-228.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 17a06e421e8f74fbf0a35d5ab41701d09a0687b8152e6af595792177327b8e89

Request headers

Referer: https://www.covid19-confirmed.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 07 Apr 2020 04:00:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Apr 2020 22:43:12 GMT
Server: nginx
Etag: W/"5e8bb080-1c4898"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 vegur
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK main.1d96522f.chunk.js Show response
www.covid19-confirmed.com/static/js/ 33 KB
10 KB 343ms
118ms Script
application/x-javascript 52.86.137.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19-confirmed.com/static/js/main.1d96522f.chunk.js
Requested by: Host: www.covid19-confirmed.com
URL: https://www.covid19-confirmed.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.137.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-137-228.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 76c79044e3fdfc05920cf652e234cd970a0f5b463ba7e92aafa16fd47ed0f617

Request headers

Referer: https://www.covid19-confirmed.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 07 Apr 2020 04:00:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Apr 2020 22:43:12 GMT
Server: nginx
Etag: W/"5e8bb080-8531"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 vegur
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 10 KB
904 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Requested by

Host: www.covid19-confirmed.com
URL: https://www.covid19-confirmed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

188758e036889a5f1419b73098114f84134d958481b1837f602f1dead768d4ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.covid19-confirmed.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Apr 2020 04:00:00 GMT
server: ESF
date: Tue, 07 Apr 2020 04:00:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Apr 2020 04:00:00 GMT

GET
H2 200 icon
fonts.googleapis.com/ 574 B
434 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.covid19-confirmed.com
URL: https://www.covid19-confirmed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.covid19-confirmed.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Apr 2020 04:00:00 GMT
server: ESF
date: Tue, 07 Apr 2020 04:00:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Apr 2020 04:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.covid19-confirmed.com
URL: https://www.covid19-confirmed.com/static/js/2.40071bdf.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Origin: https://www.covid19-confirmed.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 01 Apr 2020 18:22:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 466658
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Thu, 01 Apr 2021 18:22:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.covid19-confirmed.com
URL: https://www.covid19-confirmed.com/static/js/2.40071bdf.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Origin: https://www.covid19-confirmed.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 00:50:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 5800182
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Sat, 30 Jan 2021 00:50:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.covid19-confirmed.com
URL: https://www.covid19-confirmed.com/static/js/2.40071bdf.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Origin: https://www.covid19-confirmed.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Apr 2020 12:00:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 230383
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Sun, 04 Apr 2021 12:00:18 GMT

GET
BLOB 200
OK c105fcb5-717a-4fa7-ae00-97809ac80876
https://www.covid19-confirmed.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.covid19-confirmed.com/c105fcb5-717a-4fa7-ae00-97809ac80876
Requested by: Host: www.covid19-confirmed.com
URL: https://www.covid19-confirmed.com/static/js/2.40071bdf.chunk.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: worker

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.covid19-confirmed.com
URL: https://www.covid19-confirmed.com/static/js/2.40071bdf.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.covid19-confirmed.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5189
date: Tue, 07 Apr 2020 02:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Tue, 07 Apr 2020 04:33:32 GMT

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
H/1.1 200
OK logo.4d9c7c17.svg
www.covid19-confirmed.com/static/media/ 7 KB
8 KB 120ms
120ms Image
image/svg+xml 52.86.137.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.covid19-confirmed.com/static/media/logo.4d9c7c17.svg
Requested by: Host: www.covid19-confirmed.com
URL: https://www.covid19-confirmed.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.137.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-137-228.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d3d3c806820b11e8e9a11e6c8ba28c5ca2c94cbcbf264e8f3b90557f256e64a2

Request headers

Referer: https://www.covid19-confirmed.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 07 Apr 2020 04:00:01 GMT
Via: 1.1 vegur
Last-Modified: Mon, 06 Apr 2020 22:43:12 GMT
Server: nginx
Etag: "5e8bb080-1de0"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7648

GET
H2 200 jhucsse Show response
corona.lmao.ninja/v2/ 60 KB
9 KB 33ms
16ms XHR
application/json 2606:4700:3036::6818:7c19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.lmao.ninja/v2/jhucsse
Requested by: Host: www.covid19-confirmed.com
URL: https://www.covid19-confirmed.com/static/js/2.40071bdf.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:7c19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 90cfb632050974cb971a4f9dd9dad67c8e67e8897a4a174db87995ebb6ca6821

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.covid19-confirmed.com/
Origin: https://www.covid19-confirmed.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 07 Apr 2020 04:00:01 GMT
content-encoding: br
ng-cache-status: HIT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 5800d6d7789fc28b-FRA
etag: W/"ee45-7n7NyBgosvjMociFOBNB/Z/y1Fs"

GET
H2 200 all Show response
corona.lmao.ninja/ 261 B
249 B 36ms
19ms XHR
application/json 2606:4700:3036::6818:7c19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.lmao.ninja/all
Requested by: Host: www.covid19-confirmed.com
URL: https://www.covid19-confirmed.com/static/js/2.40071bdf.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:7c19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 880a87728590c809222727e1d5c2ffdfd834ed66cf99bc5375ed70952c970db8

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.covid19-confirmed.com/
Origin: https://www.covid19-confirmed.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 07 Apr 2020 04:00:01 GMT
content-encoding: br
ng-cache-status: HIT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 5800d6d778a0c28b-FRA
etag: W/"105-m0gaXo3N37i6ZB+i7FVXsFvoaAI"

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 13ms
13ms Image
image/gif 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1804491646&t=pageview&_s=1&dl=https%3A%2F%2Fwww.covid19-confirmed.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=COVID-19%20Confirmed&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=461599810&gjid=1304628859&cid=197340575.1586232001&tid=UA-111003043-2&_gid=1593872651.1586232001&_r=1&z=828704799

Requested by

Host: www.covid19-confirmed.com
URL: https://www.covid19-confirmed.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.covid19-confirmed.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 07 Apr 2020 04:00:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.covid19-confirmed.com/	1970-01-19 08:37:12	Name: _gat Value: 1
.covid19-confirmed.com/	1970-01-19 08:38:38	Name: _gid Value: GA1.2.1593872651.1586232001
.covid19-confirmed.com/	1970-01-20 02:08:24	Name: _ga Value: GA1.2.197340575.1586232001

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

corona.lmao.ninja
covid19-confirmed.com
fonts.googleapis.com
fonts.gstatic.com
www.covid19-confirmed.com
www.google-analytics.com
2001:4860:4802:34::15
2606:4700:3036::6818:7c19
2a00:1450:4001:808::200a
2a00:1450:4001:81d::200e
2a00:1450:4001:820::2003
52.86.137.228
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
17a06e421e8f74fbf0a35d5ab41701d09a0687b8152e6af595792177327b8e89
188758e036889a5f1419b73098114f84134d958481b1837f602f1dead768d4ac
501f6ac8f089b08da748fb6e621e3e71a8c310365ba4c862366e60b6b9e947d4
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
76c79044e3fdfc05920cf652e234cd970a0f5b463ba7e92aafa16fd47ed0f617
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
880a87728590c809222727e1d5c2ffdfd834ed66cf99bc5375ed70952c970db8
90cfb632050974cb971a4f9dd9dad67c8e67e8897a4a174db87995ebb6ca6821
9e8d5315856fa8ecd0dc0ec50e4e74d9fb6b3e76ebf69c142fd0b805843996f6
a3685f8e06944550ea0b20d85eb879bac788a6796e8b4c8fac8aeb135890436f
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d3d3c806820b11e8e9a11e6c8ba28c5ca2c94cbcbf264e8f3b90557f256e64a2
d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

www.covid19-confirmed.com Open in urlscan Pro 52.86.137.228 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

94 %HTTPS

83 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

577 kBTransfer

2037 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

3 Cookies

Indicators

www.covid19-confirmed.com Open in urlscan Pro
52.86.137.228 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

83 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

577 kB
Transfer

2037 kB
Size

3
Cookies

16 HTTP transactions
1 data transactions