who-covid19.org
64.191.166.198
Public Scan
Effective URL: https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
Submission: On February 10 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on February 1st 2022. Valid for: 3 months.
This is the only time who-covid19.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 8 | 64.191.166.198 | 13776 (QX-NET-ASN-1) |
1 | 2a00:1450:4001:830::200a | 15169 (GOOGLE) |
1 | 199.71.83.137 | 395817 (OHI-1-ASN1) |
2 | 2a00:1450:4001:810::2003 | 15169 (GOOGLE) |
2 | 2a00:1450:4001:808::200e | 15169 (GOOGLE) |
13 | 5 | |
ASN13776 (QX-NET-ASN-1, US)
PTR: landing.phishingbox.com
- who-covid19.org
- cdn.assetboxes.com
ASN395817 (OHI-1-ASN1, CA)
PTR: www.ottawaheart.ca
- www.ottawaheart.ca
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
7 | who-covid19.org (1 redirects) | who-covid19.org | 797 KB |
2 | youtube.com | www.youtube.com (Cisco Umbrella Rank: 87) | 49 KB |
2 | gstatic.com | fonts.gstatic.com | 46 KB |
1 | assetboxes.com | cdn.assetboxes.com | 117 KB |
1 | ottawaheart.ca | www.ottawaheart.ca | 14 KB |
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 35) | 1 KB |
13 | 6 | | |
 | Domain | Requested by |
---|---|---|
7 | who-covid19.org (1 redirects) | who-covid19.org |
2 | www.youtube.com | who-covid19.org, www.youtube.com |
2 | fonts.gstatic.com | fonts.googleapis.com |
1 | cdn.assetboxes.com | who-covid19.org |
1 | www.ottawaheart.ca | who-covid19.org |
1 | fonts.googleapis.com | who-covid19.org |
13 | 6 | |
This site contains links to these domains. Also see Links.
Domain |
---|
hearthub.ottawaheart.ca |
Subject | Issuer | Validity | Valid |
---|---|---|---|
who-covid19.org | R3 | 2022-02-01 - 2022-05-02 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months |
*.ottawaheart.ca | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-13 - 2022-11-13 | a year |
cdn.assetboxes.com | R3 | 2022-02-01 - 2022-05-02 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months |
*.google.com | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months |
This page contains 1 frames:
Primary Page:
https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
Frame ID: E403E163174F03A337FEF663D1201A43
Requests: 13 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Learn more on the Cybersecurity page on the HeartHub
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af (HTTP 302)
- https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | route.php (Primary Request, Redirect Chain) | who-covid19.org/ | 24 KB | 25 KB | Document | text/html |
GET H/1.1 | jquery-3.1.1.min.js | who-covid19.org/assets/js/ | 85 KB | 85 KB | Script | application/javascript |
GET H/1.1 | jquery_ui.js | who-covid19.org/assets/js/ | 509 KB | 509 KB | Script | application/javascript |
GET H/1.1 | bootstrap.min.css | who-covid19.org/assets/bootstrap/bootstrap-3.3.7/css/ | 118 KB | 119 KB | Stylesheet | text/css |
GET H/1.1 | bootstrap-theme.min.css | who-covid19.org/assets/bootstrap/bootstrap-3.3.7/css/ | 23 KB | 23 KB | Stylesheet | text/css |
GET H/1.1 | bootstrap.min.js | who-covid19.org/assets/bootstrap/bootstrap-3.3.7/js/ | 36 KB | 37 KB | Script | application/javascript |
GET H2 | css2 | fonts.googleapis.com/ | 7 KB | 1 KB | Stylesheet | text/css |
GET H/1.1 | logo_1.png | www.ottawaheart.ca/sites/default/files/ | 13 KB | 14 KB | Image | image/png |
GET H/1.1 | 1593634446_attachment_example.png | cdn.assetboxes.com/uploads/ | 116 KB | 117 KB | Image | image/png |
GET H2 | va9E4kDNxMZdWfMOD5Vvl4jL.woff2 | fonts.gstatic.com/s/firasans/v15/ | 22 KB | 23 KB | Font | font/woff2 |
GET H2 | va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2 | fonts.gstatic.com/s/firasans/v15/ | 23 KB | 23 KB | Font | font/woff2 |
GET H2 | player_api | www.youtube.com/ | 980 B | 2 KB | Script | text/javascript |
GET H2 | www-widgetapi.js | www.youtube.com/s/player/96dcbc8c/www-widgetapi.vflset/ | 147 KB | 48 KB | Script | text/javascript |
35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone function| $ function| jQuery object| tag object| firstScriptTag undefined| player function| onYouTubeIframeAPIReady function| onPlayerReady function| changeBorderColor function| onPlayerStateChange object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.youtube.com/ | | Name: YSC Value: M_aYvuYGU0g |
.youtube.com/ | | Name: VISITOR_INFO1_LIVE Value: W4zV6RTwKJU |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.