covid19amd.info - urlscan.io

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 3 HTTP transactions. The main IP is 35.224.0.163, located in United States and belongs to GOOGLE, US. The main domain is covid19amd.info.

This is the only time covid19amd.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	35.224.0.163 35.224.0.163	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:f45c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.95.121 13.224.95.121	16509 (AMAZON-02) (AMAZON-02)
3	3

2 35.224.0.163 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 163.0.224.35.bc.googleusercontent.com

covid19amd.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:f45c (United States)

ASN13335 (CLOUDFLARENET, US)

www.diagnosticimaging.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.95.121 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-121.zrh50.r.cloudfront.net

cdn.dnaindia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	covid19amd.info 1 redirects covid19amd.info	2 KB
1	dnaindia.com cdn.dnaindia.com	179 KB
1	diagnosticimaging.com www.diagnosticimaging.com	1 MB
3	3

	Domain	Requested by
2	covid19amd.info	1 redirects
1	cdn.dnaindia.com	covid19amd.info
1	www.diagnosticimaging.com	covid19amd.info
3	3

This site contains no links.

Subject Issuer	Validity	Valid
diagnosticimaging.com CloudFlare Inc ECC CA-2	`2019-11-22` - `2020-10-09`	a year	crt.sh
dnaindia.com Amazon	`2020-02-25` - `2021-03-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://covid19amd.info/login
Frame ID: 15DDD667AC27517C0D324DA43E0DCEB4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://covid19amd.info/ HTTP 302
http://covid19amd.info/login Page URL

Detected technologies

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:^|\s)Python(?:\/([\d.]+))?/i
headers server /Werkzeug\/?([\d\.]+)?/i

Flask (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /Werkzeug\/?([\d\.]+)?/i

Page Statistics

3
Requests

67 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

1712 kB
Transfer

1709 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://covid19amd.info/ HTTP 302
http://covid19amd.info/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.0

200
OK

Primary Request login Show response
covid19amd.info/
Redirect Chain

http://covid19amd.info/
http://covid19amd.info/login

1 KB
2 KB

370ms
339ms

Document
text/html

35.224.0.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://covid19amd.info/login
Protocol: HTTP/1.0
Server: 35.224.0.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 163.0.224.35.bc.googleusercontent.com
Software: Werkzeug/1.0.1 Python/2.7.13 /
Resource Hash: 107e2938e1449241cfa0d8bf0ca530673871cf60717ffe25cea909d0f20c3d02

Request headers

Host: covid19amd.info
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Content-Length: 1484
Server: Werkzeug/1.0.1 Python/2.7.13
Date: Sat, 30 May 2020 13:29:29 GMT

Redirect headers

Content-Type: text/html; charset=utf-8
Content-Length: 219
Location: http://covid19amd.info/login
Server: Werkzeug/1.0.1 Python/2.7.13
Date: Sat, 30 May 2020 13:29:29 GMT

GET
H2 200 covid-19.png
www.diagnosticimaging.com/sites/default/files/ 1 MB
1 MB 53ms
28ms Image
image/png 2606:4700::6813:f45c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.diagnosticimaging.com/sites/default/files/covid-19.png

Requested by

Host: covid19amd.info
URL: http://covid19amd.info/login

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:f45c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e2aa40a7cc45fb753e2bb0740f800bbab4046790aac34a39774373acd57ceb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://covid19amd.info/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 May 2020 13:29:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72368
status: 200
content-length: 1566051
cf-request-id: 03075f06d40000c2a9c781e200000001
last-modified: Fri, 13 Mar 2020 14:06:12 GMT
server: cloudflare
etag: "17e563-5a0bcf8d959f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 59b8cdeaeffbc2a9-FRA
expires: Sat, 30 May 2020 17:23:22 GMT

GET
H/1.1 200
OK 811584-ahmedabad-041119.jpg
cdn.dnaindia.com/sites/default/files/styles/full/public/2019/04/11/ 179 KB
179 KB 978ms
743ms Image
image/jpeg 13.224.95.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.dnaindia.com/sites/default/files/styles/full/public/2019/04/11/811584-ahmedabad-041119.jpg
Requested by: Host: covid19amd.info
URL: http://covid19amd.info/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.95.121 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-95-121.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3f78daae636261c9e3bc06b289746b9644028a859cc76403aac4204ec5043d5

Request headers

Referer: http://covid19amd.info/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 30 May 2020 13:29:31 GMT
Via: 1.1 449f2b51e83bf8ba5fa5e65ce60bc277.cloudfront.net (CloudFront)
Last-Modified: Wed, 10 Apr 2019 20:40:20 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1554928818/ctime:1554928818/gid:33/gname:www-data/md5:4dcc02593777b01528cf262ea0b0c085/mode:33188/mtime:1554928818/uid:33/uname:www-data
X-Amz-Cf-Pop: ZRH50-C1
ETag: "4dcc02593777b01528cf262ea0b0c085"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=31536000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 182861
X-Amz-Cf-Id: uSgWnFYQ6n4zMvA5mxPlnZ7_DVnVf0ydgHf8v3AArw1uXIFqI-bNng==

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.dnaindia.com
covid19amd.info
www.diagnosticimaging.com
13.224.95.121
2606:4700::6813:f45c
35.224.0.163
107e2938e1449241cfa0d8bf0ca530673871cf60717ffe25cea909d0f20c3d02
9e2aa40a7cc45fb753e2bb0740f800bbab4046790aac34a39774373acd57ceb5
a3f78daae636261c9e3bc06b289746b9644028a859cc76403aac4204ec5043d5

covid19amd.info Open in urlscan Pro 35.224.0.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

67 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

1712 kBTransfer

1709 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

covid19amd.info Open in urlscan Pro
35.224.0.163 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

67 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

1712 kB
Transfer

1709 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions