covidsupportgroup.org Open in urlscan Pro
13.248.155.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://covidsupportgroup.org/
Effective URL:
https://covidsupportgroup.org/
Submission: On June 10 via api (June 10th 2020, 4:09:14 am UTC) from BE

Summary HTTP 6 Redirects Links 2 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 6 HTTP transactions. The main IP is 13.248.155.104, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is covidsupportgroup.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 7th 2020. Valid for: 3 months.

This is the only time covidsupportgroup.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 2	13.248.155.104 13.248.155.104		16509 (AMAZON-02) (AMAZON-02)
4	13.225.87.51 13.225.87.51		16509 (AMAZON-02) (AMAZON-02)
1	13.225.73.62 13.225.73.62		16509 (AMAZON-02) (AMAZON-02)
6	3

2 13.248.155.104 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a20b9ee60132ef283.awsglobalaccelerator.com

covidsupportgroup.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.225.87.51 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-51.fra2.r.cloudfront.net

uploads-ssl.webflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.62 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-62.fra2.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	webflow.com uploads-ssl.webflow.com	50 KB
2	covidsupportgroup.org 1 redirects covidsupportgroup.org	4 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	30 KB
6	3

	Domain	Requested by
4	uploads-ssl.webflow.com	covidsupportgroup.org
2	covidsupportgroup.org	1 redirects
1	d3e54v103j8qbb.cloudfront.net	covidsupportgroup.org
6	3

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
covid.freshstatus.io

Subject Issuer	Validity	Valid
covidsupportgroup.org Let's Encrypt Authority X3	`2020-04-07` - `2020-07-06`	3 months	crt.sh
uploads-ssl.webflow.com Amazon	`2019-11-24` - `2020-12-24`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://covidsupportgroup.org/
Frame ID: F7B96E919F03B584DF57716221DB295C
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://covidsupportgroup.org/ HTTP 301
https://covidsupportgroup.org/ Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Webflow () Expand

Overall confidence: 100%
Detected patterns

meta generator /Webflow/i

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

85 kB
Transfer

205 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/groups/covidsupportgroup/
Title: facebook Group

Search URL Search Domain Scan URL

URL: https://covid.freshstatus.io/
Title: Support Network Status Page

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://covidsupportgroup.org/ HTTP 301
https://covidsupportgroup.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response covidsupportgroup.org/ Redirect Chain http://covidsupportgroup.org/ https://covidsupportgroup.org/	10 KB 4 KB	1393ms 1319ms	Document text/html	13.248.155.104 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://covidsupportgroup.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.248.155.104 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a20b9ee60132ef283.awsglobalaccelerator.com Software openresty / Resource Hash `626d032d002751da661f1fdc12528cb1f8a36a159e1e1a65a0a78a80c109997d` Request headers :method GET :authority covidsupportgroup.org :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 server openresty date Wed, 10 Jun 2020 04:08:38 GMT content-type text/html content-length 3985 content-encoding gzip via 1.1 varnish 1.1 varnish accept-ranges bytes age 0 x-served-by cache-dca17721-DCA, cache-dub4331-DUB x-cache MISS, MISS x-cache-hits 0, 0 x-timer S1591762118.339965,VS0,VE254 vary Accept-Encoding x-cluster-name eu-west-1-prod-eks-15 Redirect headers Server openresty Date Wed, 10 Jun 2020 04:08:37 GMT Content-Type text/html Content-Length 166 Connection keep-alive Location https://covidsupportgroup.org/
GET H2	200	covidwi.webflow.a71b8724e.css uploads-ssl.webflow.com/5e8c0839589c7c2f74abea1a/css/	41 KB 10 KB	199ms 154ms	Stylesheet text/css	13.225.87.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://uploads-ssl.webflow.com/5e8c0839589c7c2f74abea1a/css/covidwi.webflow.a71b8724e.css Requested by Host: covidsupportgroup.org URL: https://covidsupportgroup.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-51.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `ce1b2a6ee49b30467b029f5adb99886da0dff73137325751a6e6a355cc8abd72` Request headers Referer https://covidsupportgroup.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 04:08:39 GMT content-encoding gzip last-modified Wed, 29 Apr 2020 22:53:00 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "39ab9dcdaca20774b9bee2a0adb69e5a" x-cache Miss from cloudfront x-amz-version-id _K8dy_kMXMml.4Xq7c9TOCYFyLvh5WJj status 200 cache-control max-age=84600, must-revalidate accept-ranges bytes content-type text/css content-length 10072 via 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront) x-amz-cf-id jDyT3oacqxvgQ6qrHShMLfzYoEa1Di0ODjO2rUbRkQxQIqDcTFYhXw==
GET H2	200	5e8c0af7e7b5c75ccdbb4ef9_logo.png uploads-ssl.webflow.com/5e8c0839589c7c2f74abea1a/	5 KB 5 KB	443ms 398ms	Image image/png	13.225.87.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://uploads-ssl.webflow.com/5e8c0839589c7c2f74abea1a/5e8c0af7e7b5c75ccdbb4ef9_logo.png Requested by Host: covidsupportgroup.org URL: https://covidsupportgroup.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-51.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `00664c0118d6047dcb4501a35a0ffeaddc8714fcaca27114797e35d0e1f2d42a` Request headers Referer https://covidsupportgroup.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 04:08:39 GMT via 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront) last-modified Tue, 07 Apr 2020 05:09:12 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "c4289263bda12d906eca6dfef7bcfe98" x-cache Miss from cloudfront x-amz-version-id VxWeYA4cxrS6hfcQS3vxPVTXJzlMzZox status 200 cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/png content-length 5190 x-amz-cf-id PYRWrW4HxtZQ46k7pJBZg4Lf-8m_rc1fx8byhZJ3Ahy_vKmSsIBTCA==
GET H2	200	5e8d2d5158c16802e1827303_tylenol-p-500.jpeg uploads-ssl.webflow.com/5e8c0839589c7c2f74abea1a/	18 KB 18 KB	144ms 144ms	Image image/jpeg	13.225.87.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://uploads-ssl.webflow.com/5e8c0839589c7c2f74abea1a/5e8d2d5158c16802e1827303_tylenol-p-500.jpeg Requested by Host: covidsupportgroup.org URL: https://covidsupportgroup.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-51.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `4103d6a220c2953e2fe9553be5ba20909d5e4eba4612610ecd0926c95ba4a81f` Request headers Referer https://covidsupportgroup.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 04:08:39 GMT via 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront) last-modified Wed, 08 Apr 2020 01:48:09 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "c4ba021a469639d43216a9f7f72de6b5" x-cache Miss from cloudfront x-amz-version-id qSD5PkJHTSEtnL5h1nuv92jxkf0gz7ek status 200 cache-control max-age=31536000, must-revalidate accept-ranges bytes content-type image/jpeg content-length 17928 x-amz-cf-id PaG1YkINvcj4OXdDqRMuQ8qcFhrjV51l6wxvvhYaJkPpF0bJtzbZsA==
GET H2	200	jquery-3.4.1.min.220afd743d.js Show response d3e54v103j8qbb.cloudfront.net/js/	86 KB 30 KB	418ms 375ms	Script application/javascript	13.225.73.62 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js?site=5e8c0839589c7c2f74abea1a Requested by Host: covidsupportgroup.org URL: https://covidsupportgroup.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.73.62 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-73-62.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://covidsupportgroup.org/ Origin https://covidsupportgroup.org Response headers date Wed, 10 Jun 2020 04:08:40 GMT content-encoding gzip last-modified Thu, 27 Jun 2019 18:13:30 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 status 200 vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/javascript access-control-allow-origin * access-control-max-age 3000 cache-control max-age=84600, must-revalidate x-cache Miss from cloudfront x-amz-cf-id 2yXC7KB9IeevjDa1gjqKRYUimq8OvYrNS3RCmENRY3TpfdtlcqzfTQ== via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
GET H2	200	webflow.9ec5e0ba4.js Show response uploads-ssl.webflow.com/5e8c0839589c7c2f74abea1a/js/	45 KB 16 KB	482ms 482ms	Script text/javascript	13.225.87.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://uploads-ssl.webflow.com/5e8c0839589c7c2f74abea1a/js/webflow.9ec5e0ba4.js Requested by Host: covidsupportgroup.org URL: https://covidsupportgroup.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.87.51 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-51.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash `d80c127ac2010597c0df4cd707fe72cdd3d17c22e83154557c8e94cf94e102eb` Request headers Referer https://covidsupportgroup.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 10 Jun 2020 04:08:40 GMT content-encoding gzip last-modified Wed, 29 Apr 2020 22:53:00 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "ab59b7f27deea6b67d44220f3a7ec9ae" x-cache Miss from cloudfront x-amz-version-id SRnQkcsg_zxO_C65R4Z6JTD2ml1vvrk8 status 200 cache-control max-age=84600, must-revalidate accept-ranges bytes content-type text/javascript content-length 16254 via 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront) x-amz-cf-id xxw4bhQM-3wRxoAXFLsT6ZeJnZVg7_wHU7MbDiVR101fc062Js-4nQ==

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| tram object| Webflow

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

covidsupportgroup.org
d3e54v103j8qbb.cloudfront.net
uploads-ssl.webflow.com
13.225.73.62
13.225.87.51
13.248.155.104
00664c0118d6047dcb4501a35a0ffeaddc8714fcaca27114797e35d0e1f2d42a
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
4103d6a220c2953e2fe9553be5ba20909d5e4eba4612610ecd0926c95ba4a81f
626d032d002751da661f1fdc12528cb1f8a36a159e1e1a65a0a78a80c109997d
ce1b2a6ee49b30467b029f5adb99886da0dff73137325751a6e6a355cc8abd72
d80c127ac2010597c0df4cd707fe72cdd3d17c22e83154557c8e94cf94e102eb