urlscan.io logo urlscan.io
SecurityTrails logo

who-covid19.org Open in urlscan Pro
64.191.166.198  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af
Effective URL: https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
Submission: On February 10 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 13 HTTP transactions. The main IP is 64.191.166.198, located in Louisville, United States and belongs to QX-NET-ASN-1, US. The main domain is who-covid19.org.
TLS certificate: Issued by R3 on February 1st 2022. Valid for: 3 months.
This is the only time who-covid19.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 64.191.166.198 13776 (QX-NET-ASN-1)
1 2a00:1450:400... 15169 (GOOGLE)
1 199.71.83.137 395817 (OHI-1-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
13 5
8    64.191.166.198 (Louisville, United States)

ASN13776 (QX-NET-ASN-1, US)
PTR: landing.phishingbox.com
who-covid19.org
cdn.assetboxes.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    199.71.83.137 (Greely, Canada)

ASN395817 (OHI-1-ASN1, CA)
PTR: www.ottawaheart.ca
www.ottawaheart.ca
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
Apex Domain
Subdomains		 Transfer
7 who-covid19.org
who-covid19.org
797 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 87
49 KB
2 gstatic.com
fonts.gstatic.com
46 KB
1 assetboxes.com
cdn.assetboxes.com
117 KB
1 ottawaheart.ca
www.ottawaheart.ca
14 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
13 6
Domain Requested by
7 who-covid19.org 1 redirects who-covid19.org
2 www.youtube.com who-covid19.org
www.youtube.com
2 fonts.gstatic.com fonts.googleapis.com
1 cdn.assetboxes.com who-covid19.org
1 www.ottawaheart.ca who-covid19.org
1 fonts.googleapis.com who-covid19.org
13 6

This site contains links to these domains. Also see Links.

Domain
hearthub.ottawaheart.ca
Subject Issuer Validity Valid
who-covid19.org
R3		 2022-02-01 -
2022-05-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.ottawaheart.ca
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-13 -
2022-11-13		 a year crt.sh
cdn.assetboxes.com
R3		 2022-02-01 -
2022-05-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
Frame ID: E403E163174F03A337FEF663D1201A43
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af HTTP 302
    https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

1024 kB
Transfer

1124 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af HTTP 302
    https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request route.php
who-covid19.org/
Redirect Chain
  • https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af
  • https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
24 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.191.166.198 Louisville, United States, ASN13776 (QX-NET-ASN-1, US),
Reverse DNS
landing.phishingbox.com
Software
Apache /
Resource Hash
8455e8cc23864bef229fb980b4312886759e3e21b77f3da05e82c04cd06256a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 10 Feb 2022 20:41:36 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Thu, 10 Feb 2022 20:41:34 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Location
https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
jquery-3.1.1.min.js
who-covid19.org/assets/js/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://who-covid19.org/assets/js/jquery-3.1.1.min.js
Requested by
Host: who-covid19.org
URL: https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.191.166.198 Louisville, United States, ASN13776 (QX-NET-ASN-1, US),
Reverse DNS
landing.phishingbox.com
Software
Apache /
Resource Hash
7162e4718b70ab98408c656e6b3404d20df3c0d6facf3c8471c5b1a2a88d5529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 20:41:37 GMT
Last-Modified
Tue, 27 Jul 2021 10:35:45 GMT
Server
Apache
ETag
"152c5-5c8186eb2493d"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
86725
jquery_ui.js
who-covid19.org/assets/js/ 		509 KB
509 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://who-covid19.org/assets/js/jquery_ui.js?v=1.5
Requested by
Host: who-covid19.org
URL: https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.191.166.198 Louisville, United States, ASN13776 (QX-NET-ASN-1, US),
Reverse DNS
landing.phishingbox.com
Software
Apache /
Resource Hash
1bf4686be65431946ebbc1cb07b0be92c7dadd35b31d3189cd5ec9f4c742da15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 20:41:38 GMT
Last-Modified
Thu, 26 Dec 2019 13:41:34 GMT
Server
Apache
ETag
"7f20a-59a9b8915676b"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
520714
bootstrap.min.css
who-covid19.org/assets/bootstrap/bootstrap-3.3.7/css/ 		118 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://who-covid19.org/assets/bootstrap/bootstrap-3.3.7/css/bootstrap.min.css
Requested by
Host: who-covid19.org
URL: https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.191.166.198 Louisville, United States, ASN13776 (QX-NET-ASN-1, US),
Reverse DNS
landing.phishingbox.com
Software
Apache /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 20:41:38 GMT
Last-Modified
Tue, 27 Jul 2021 10:35:45 GMT
Server
Apache
ETag
"1d970-5c8186eb1cc3d"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
121200
bootstrap-theme.min.css
who-covid19.org/assets/bootstrap/bootstrap-3.3.7/css/ 		23 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://who-covid19.org/assets/bootstrap/bootstrap-3.3.7/css/bootstrap-theme.min.css
Requested by
Host: who-covid19.org
URL: https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.191.166.198 Louisville, United States, ASN13776 (QX-NET-ASN-1, US),
Reverse DNS
landing.phishingbox.com
Software
Apache /
Resource Hash
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 20:41:38 GMT
Last-Modified
Tue, 27 Jul 2021 10:35:45 GMT
Server
Apache
ETag
"5b71-5c8186eb1bc9d"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
23409
bootstrap.min.js
who-covid19.org/assets/bootstrap/bootstrap-3.3.7/js/ 		36 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://who-covid19.org/assets/bootstrap/bootstrap-3.3.7/js/bootstrap.min.js
Requested by
Host: who-covid19.org
URL: https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.191.166.198 Louisville, United States, ASN13776 (QX-NET-ASN-1, US),
Reverse DNS
landing.phishingbox.com
Software
Apache /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 20:41:38 GMT
Last-Modified
Tue, 27 Jul 2021 10:35:45 GMT
Server
Apache
ETag
"90b5-5c8186eb1dbdd"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
37045
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Fira+Sans:wght@400;600;700&display=swap
Requested by
Host: who-covid19.org
URL: https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c4644e70c0f164bb6ef2cd1f4e7f6cde2df509cf3bf908fd3cf161e9de630d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://who-covid19.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 10 Feb 2022 20:27:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 10 Feb 2022 20:41:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Feb 2022 20:41:37 GMT
logo_1.png
www.ottawaheart.ca/sites/default/files/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ottawaheart.ca/sites/default/files/logo_1.png
Requested by
Host: who-covid19.org
URL: https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.71.83.137 Greely, Canada, ASN395817 (OHI-1-ASN1, CA),
Reverse DNS
www.ottawaheart.ca
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1c mod_fcgid/2.3.9 /
Resource Hash
2ef8013eb4c56fe313b60c16bcfc906ea52eaa416f278ac5341832cf767ec1c2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://who-covid19.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 20:41:39 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 May 2015 18:56:01 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1c mod_fcgid/2.3.9
ETag
"3452-51714cb4a9240"
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
image/png
Cache-Control
max-age=1209600
Strict-Transport-Security
max-age=63072000; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
13394
Expires
Thu, 24 Feb 2022 20:41:39 GMT
1593634446_attachment_example.png
cdn.assetboxes.com/uploads/ 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.assetboxes.com/uploads/1593634446_attachment_example.png
Requested by
Host: who-covid19.org
URL: https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.191.166.198 Louisville, United States, ASN13776 (QX-NET-ASN-1, US),
Reverse DNS
landing.phishingbox.com
Software
Apache /
Resource Hash
7df6017fffbf851b65317f473ee9560a0846a47256add7a1d2d6ee1875268f9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://who-covid19.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Thu, 10 Feb 2022 20:41:41 GMT
Last-Modified
Mon, 07 Feb 2022 13:17:17 GMT
Server
Apache
ETag
"1d104-5d76d6b6f213e"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
119044
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v15/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v15/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea03bd5d723c75f6d0a9419d4f9651afd78ea2a4abfcee7f926cbde0681a2671
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://who-covid19.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:32:11 GMT
x-content-type-options
nosniff
age
90570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22592
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:05:52 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:32:11 GMT
va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v15/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v15/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51aa1f55f3d344d82ece24055a31012cf77d10cc4a2f9307f5dea293118d40f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://who-covid19.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:32:11 GMT
x-content-type-options
nosniff
age
90570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23724
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:06:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:32:11 GMT
player_api
www.youtube.com/ 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/player_api
Requested by
Host: who-covid19.org
URL: https://who-covid19.org/route.php?k=25f33fd2a727abe6ccf9300db40cd13708ffe3af&viewed=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d8f66b4bcc5e8d3e51de1971d5860966de604f411416bd5338fbecb882dfed7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://who-covid19.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 20:41:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires
Thu, 10 Feb 2022 20:41:41 GMT
www-widgetapi.js
www.youtube.com/s/player/96dcbc8c/www-widgetapi.vflset/ 		147 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96dcbc8c/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86891a4f92d09b470ae41e59041f933740ed0637ff2b92780b185cf1649cdb4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://who-covid19.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 19:06:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
5730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48432
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 10 Feb 2023 19:06:11 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone function| $ function| jQuery object| tag object| firstScriptTag undefined| player function| onYouTubeIframeAPIReady function| onPlayerReady function| changeBorderColor function| onPlayerStateChange object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions

2 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: M_aYvuYGU0g
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: W4zV6RTwKJU

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains