covidvirusmap.com - urlscan.io

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 7 HTTP transactions. The main IP is 185.50.68.87, located in Istanbul, Turkey and belongs to OSBIL, CY. The main domain is covidvirusmap.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 1st 2020. Valid for: 3 months.

This is the only time covidvirusmap.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	185.50.68.87 185.50.68.87	201978 (OSBIL) (OSBIL)
2	212.175.175.206 212.175.175.206	9121 (TTNET) (TTNET)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
7	5

2 185.50.68.87 (Istanbul, Turkey)

ASN201978 (OSBIL, CY)
PTR: 185-50-68-87.sunucu.name

covidvirusmap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.175.175.206 (Turkey)

ASN9121 (TTNET, TR)
PTR: covid19.saglik.gov.tr

covid19.saglik.gov.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	saglik.gov.tr covid19.saglik.gov.tr
2	covidvirusmap.com covidvirusmap.com	5 KB
1	gstatic.com fonts.gstatic.com	9 KB
1	googleapis.com fonts.googleapis.com	858 B
1	bing.com www.bing.com
7	5

	Domain	Requested by
2	covid19.saglik.gov.tr	covidvirusmap.com
2	covidvirusmap.com	covidvirusmap.com
1	fonts.gstatic.com	covidvirusmap.com
1	fonts.googleapis.com	covidvirusmap.com
1	www.bing.com	covidvirusmap.com
7	5

This site contains no links.

Subject Issuer	Validity	Valid
covidvirusmap.com Let's Encrypt Authority X3	`2020-04-01` - `2020-06-30`	3 months	crt.sh
*.saglik.gov.tr GlobalSign Organization Validation CA - SHA256 - G2	`2017-11-15` - `2020-12-19`	3 years	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://covidvirusmap.com/
Frame ID: 509AFC898331CDC68F46C46CC6A8F5F9
Requests: 4 HTTP requests in this frame

Frame: https://covid19.saglik.gov.tr/img/31mart2020-1.jpg
Frame ID: 3A1269EA23DCD5AAE233B9C590E05132
Requests: 1 HTTP requests in this frame

Frame: https://covid19.saglik.gov.tr/img/31mart2020-2.jpg
Frame ID: 4A9678EFC1BEA7206DFDF227CD255995
Requests: 1 HTTP requests in this frame

Frame: https://www.bing.com/covid?ref=vc.ru
Frame ID: 105D474B39ABDC73C0C777F04C01D64A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

7
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

15 kB
Transfer

30 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
covidvirusmap.com/ 881 B
944 B 2231ms
80ms Document
text/html 185.50.68.87
OSBIL

General

Check archive.org

Show headers Download Go to

Full URL: https://covidvirusmap.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 185.50.68.87 Istanbul, Turkey, ASN201978 (OSBIL, CY),
Reverse DNS: 185-50-68-87.sunucu.name
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0e4ccfa6cf85dd6f80e23c6541b8fc288fb0f3333953521a8ba798945e138d54

Request headers

Host: covidvirusmap.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Wed, 01 Apr 2020 08:47:01 GMT
Accept-Ranges: bytes
ETag: W/"f09a8d1c28d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Wed, 01 Apr 2020 08:47:14 GMT
Content-Length: 620

GET
H/1.1 200
OK style.css
covidvirusmap.com/css/ 13 KB
4 KB 81ms
81ms Stylesheet
text/css 185.50.68.87
OSBIL

General

Check archive.org

Show headers Download Go to

Full URL: https://covidvirusmap.com/css/style.css
Requested by: Host: covidvirusmap.com
URL: https://covidvirusmap.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 185.50.68.87 Istanbul, Turkey, ASN201978 (OSBIL, CY),
Reverse DNS: 185-50-68-87.sunucu.name
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 702daa78aa8eb3d9f9378636611e724f1cc6b07962c199f8ef04445e36d64e83

Request headers

Referer: https://covidvirusmap.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

X-Powered-By-Plesk: PleskWin
Date: Wed, 01 Apr 2020 08:47:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Apr 2020 08:40:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "156a7e3f18d61:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4017

GET
H/1.1 200
OK 31mart2020-1.jpg
covid19.saglik.gov.tr/img/ Frame 3A12 0
0 324ms
68ms Document
image/jpeg 212.175.175.206
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19.saglik.gov.tr/img/31mart2020-1.jpg
Requested by: Host: covidvirusmap.com
URL: https://covidvirusmap.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.175.175.206 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: covid19.saglik.gov.tr
Software: Apache/2.4.6 (CentOS) /
Resource Hash

Request headers

Host: covid19.saglik.gov.tr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://covidvirusmap.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://covidvirusmap.com/

Response headers

Date: Wed, 01 Apr 2020 08:37:40 GMT
Server: Apache/2.4.6 (CentOS)
Last-Modified: Tue, 31 Mar 2020 17:21:41 GMT
ETag: "18db8-5a229cd19e4a4"
Accept-Ranges: bytes
Content-Length: 101816
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

GET
H/1.1 200
OK 31mart2020-2.jpg
covid19.saglik.gov.tr/img/ Frame 4A96 0
0 350ms
75ms Document
image/jpeg 212.175.175.206
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19.saglik.gov.tr/img/31mart2020-2.jpg
Requested by: Host: covidvirusmap.com
URL: https://covidvirusmap.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.175.175.206 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: covid19.saglik.gov.tr
Software: Apache/2.4.6 (CentOS) /
Resource Hash

Request headers

Host: covid19.saglik.gov.tr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://covidvirusmap.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://covidvirusmap.com/

Response headers

Date: Wed, 01 Apr 2020 08:37:40 GMT
Server: Apache/2.4.6 (CentOS)
Last-Modified: Tue, 31 Mar 2020 17:22:42 GMT
ETag: "19e91-5a229d0ba9cb2"
Accept-Ranges: bytes
Content-Length: 106129
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

GET
H2 200 covid
www.bing.com/ Frame 105D 0
0 136ms
135ms Document
text/html 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bing.com/covid?ref=vc.ru

Requested by

Host: covidvirusmap.com
URL: https://covidvirusmap.com/

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: www.bing.com
:scheme: https
:path: /covid?ref=vc.ru
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://covidvirusmap.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://covidvirusmap.com/

Response headers

status: 200
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-msedge-ref: Ref A: 067B24E5C13B4E1F86662AEEEA3D3086 Ref B: FRAEDGE0718 Ref C: 2020-04-01T08:37:39Z
set-cookie: _EDGE_S=F=1&SID=11130277B2A965FE18940CE8B3D864F5; path=/; httponly; domain=bing.com _EDGE_V=1; path=/; httponly; expires=Mon, 26-Apr-2021 08:37:40 GMT; domain=bing.com MUID=1FFBFC626FD9647B0BC0F2FD6EA86575; samesite=none; path=/; secure; expires=Mon, 26-Apr-2021 08:37:40 GMT; domain=bing.com MUIDB=1FFBFC626FD9647B0BC0F2FD6EA86575; path=/; httponly; expires=Mon, 26-Apr-2021 08:37:40 GMT
date: Wed, 01 Apr 2020 08:37:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
858 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek,greek-ext,vietnamese

Requested by

Host: covidvirusmap.com
URL: https://covidvirusmap.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2265e200507b1207ec22eb06405cfd80e433e6de7665ae9c7f9ef61c375a78cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://covidvirusmap.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Apr 2020 08:37:40 GMT
server: ESF
date: Wed, 01 Apr 2020 08:37:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Apr 2020 08:37:40 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: covidvirusmap.com
URL: https://covidvirusmap.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek,greek-ext,vietnamese
Origin: https://covidvirusmap.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 00:54:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 373369
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Sun, 28 Mar 2021 00:54:51 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bing.com/	1969-12-31 23:59:59	Name: _SS Value: SID=11130277B2A965FE18940CE8B3D864F5
.bing.com/	1970-01-19 17:50:26	Name: SRCHUSR Value: DOB=20200401
.bing.com/	1970-01-19 17:50:26	Name: SRCHUID Value: V=2&GUID=FA6433A816974DDE85BAD64792E30101&dmnchg=1
www.bing.com/	1970-01-19 17:50:26	Name: MUIDB Value: 1FFBFC626FD9647B0BC0F2FD6EA86575
.bing.com/	1970-01-19 17:50:26	Name: SRCHD Value: AF=NOFORM
.bing.com/	1970-01-19 17:50:26	Name: MUID Value: 1FFBFC626FD9647B0BC0F2FD6EA86575
.bing.com/	1970-01-19 17:50:26	Name: _EDGE_V Value: 1
.bing.com/	1969-12-31 23:59:59	Name: _EDGE_S Value: F=1&SID=11130277B2A965FE18940CE8B3D864F5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

covid19.saglik.gov.tr
covidvirusmap.com
fonts.googleapis.com
fonts.gstatic.com
www.bing.com
185.50.68.87
212.175.175.206
2620:1ec:c11::200
2a00:1450:4001:816::200a
2a00:1450:4001:820::2003
0e4ccfa6cf85dd6f80e23c6541b8fc288fb0f3333953521a8ba798945e138d54
2265e200507b1207ec22eb06405cfd80e433e6de7665ae9c7f9ef61c375a78cd
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
702daa78aa8eb3d9f9378636611e724f1cc6b07962c199f8ef04445e36d64e83

covidvirusmap.com Open in urlscan Pro 185.50.68.87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

15 kBTransfer

30 kBSize

8 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

8 Cookies

Indicators

covidvirusmap.com Open in urlscan Pro
185.50.68.87 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

15 kB
Transfer

30 kB
Size

8
Cookies

7 HTTP transactions
0 data transactions