www.test-covid-19.gq
Open in
urlscan Pro
2a03:6f00:1::5c35:6078
Public Scan
Submission: On April 02 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on April 2nd 2020. Valid for: 3 months.
This is the only time www.test-covid-19.gq was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 2a03:6f00:1::... 2a03:6f00:1::5c35:6078 | 9123 (TIMEWEB-AS) (TIMEWEB-AS) | |
1 | 2a00:1450:400... 2a00:1450:4001:818::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6810:5714 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 5 | 2a02:6b8::1:119 2a02:6b8::1:119 | 13238 (YANDEX) (YANDEX) | |
1 | 216.239.38.21 216.239.38.21 | 15169 (GOOGLE) (GOOGLE) | |
1 3 | 149.5.244.13 149.5.244.13 | 174 (COGENT-174) (COGENT-174) | |
1 | 2a00:1450:400... 2a00:1450:4001:820::2003 | 15169 (GOOGLE) (GOOGLE) | |
17 | 7 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
test-covid-19.gq
www.test-covid-19.gq |
298 KB |
5 |
yandex.ru
2 redirects
mc.yandex.ru |
3 KB |
3 |
webvisor.org
1 redirects
mc.webvisor.org |
1 KB |
1 |
gstatic.com
fonts.gstatic.com |
14 KB |
1 |
ipinfo.io
ipinfo.io |
399 B |
1 |
jsdelivr.net
cdn.jsdelivr.net |
104 KB |
1 |
googleapis.com
fonts.googleapis.com |
662 B |
17 | 7 |
Domain | Requested by | |
---|---|---|
8 | www.test-covid-19.gq |
www.test-covid-19.gq
|
5 | mc.yandex.ru |
2 redirects
www.test-covid-19.gq
cdn.jsdelivr.net |
3 | mc.webvisor.org |
1 redirects
www.test-covid-19.gq
|
1 | fonts.gstatic.com |
www.test-covid-19.gq
|
1 | ipinfo.io |
www.test-covid-19.gq
|
1 | cdn.jsdelivr.net |
www.test-covid-19.gq
|
1 | fonts.googleapis.com |
www.test-covid-19.gq
|
17 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
test-covid-19.gq Let's Encrypt Authority X3 |
2020-04-02 - 2020-07-01 |
3 months | crt.sh |
*.storage.googleapis.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
ssl363648.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2020-02-22 - 2020-08-30 |
6 months | crt.sh |
mc.yandex.ru Yandex CA |
2019-09-23 - 2020-09-22 |
a year | crt.sh |
ipinfo.io GTS CA 1D2 |
2020-02-06 - 2020-05-06 |
3 months | crt.sh |
mc.webvisor.org Yandex CA |
2019-05-08 - 2020-05-07 |
a year | crt.sh |
*.google.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.test-covid-19.gq/
Frame ID: C3264E97C478C853C594C02F952A3565
Requests: 17 HTTP requests in this frame
Screenshot
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 6- https://mc.yandex.ru/watch/3?wmode=7&page-ref=https%3A%2F%2Fwww.test-covid-19.gq%2F&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1841%3Awv%3A2%3Ast%3A1585857024%3Au%3A1585857024759657604%3Ahi%3A HTTP 302
- https://mc.yandex.ru/watch/3/1?wmode=7&page-ref=https%3A%2F%2Fwww.test-covid-19.gq%2F&charset=utf-8&browser-info=ti%3A10%3Agdpr%3A14%3Afu%3A2%3Av%3A1841%3Awv%3A2%3Ast%3A1585857024%3Au%3A1585857024759657604%3Ahi%3A
- https://mc.webvisor.org/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=8866.Qy5Aab0gJ32wUSPUDqiqSo-h1wuNJDZsDEE_D-AUcV-kW3p--p6hNn9EpMImtOpO.InxSYwbRydzYX7fOGsQPoFLf9sE%2C HTTP 302
- https://mc.webvisor.org/sync_cookie_image_decide?token=8866.ixkTjCnvE3xGOTmZv2ODVyJP3gEND7bn57qtg1SShr0INYFCGy6N2w5M83xhFZ0IiBipKzqYQyGclx_I9b0zYd5CEV87rbgJP8zkPiJzrvo%2C.rKSSBI_rOOPKjYZXGsMEChHegxI%2C
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.test-covid-19.gq/ |
1 KB 970 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.b0425719.css
www.test-covid-19.gq/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-vendors.aa77b2f2.css
www.test-covid-19.gq/css/ |
231 KB 32 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.ba1e847e.js
www.test-covid-19.gq/js/ |
48 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-vendors.f3cb5e0d.js
www.test-covid-19.gq/js/ |
626 KB 174 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 662 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ |
368 KB 104 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1
mc.yandex.ru/watch/3/ Redirect Chain
|
0 -1 B |
XHR
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-who.png
www.test-covid-19.gq/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gps.svg
www.test-covid-19.gq/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ipinfo.io/ |
226 B 399 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
advert.gif
mc.webvisor.org/metrika/ |
43 B 425 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
covid-19.png
www.test-covid-19.gq/images/ |
70 KB 70 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ |
13 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1
mc.yandex.ru/watch/3/ |
35 B 590 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync_cookie_image_decide
mc.webvisor.org/ Redirect Chain
|
43 B 486 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
61490674
mc.yandex.ru/watch/ |
152 B 708 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| ym object| Ya object| yaCounter61490674 object| webpackJsonp object| regeneratorRuntime object| core object| $cookies5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.test-covid-19.gq/ | Name: _ym_isad Value: 2 |
|
.test-covid-19.gq/ | Name: _ym_wasSynced Value: %7B%22time%22%3A1585857024486%2C%22params%22%3A%7B%22eu%22%3A1%7D%2C%22bkParams%22%3A%7B%7D%7D |
|
www.test-covid-19.gq/ | Name: country Value: EN |
|
.test-covid-19.gq/ | Name: _ym_d Value: 1585857024 |
|
.test-covid-19.gq/ | Name: _ym_uid Value: 1585857024759657604 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
ipinfo.io
mc.webvisor.org
mc.yandex.ru
www.test-covid-19.gq
149.5.244.13
216.239.38.21
2606:4700::6810:5714
2a00:1450:4001:818::200a
2a00:1450:4001:820::2003
2a02:6b8::1:119
2a03:6f00:1::5c35:6078
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0d99e16d0b4726cdff4105187bc3518dfcbc6a213f7814abc3f1b0d017bf2c4e
145e110d578fe9b4ad702bcd53a446c114d77818d1dc86c2d647cc690ecf87db
3efcea2d677394aabd044615d706f67170216f597e1feb43f1e9fd4f5e7e97e5
47435785b206a65795bf8ef0d9a463a81b940c5f948fd30877dddf7235f8d411
51733d09b3bfb13f0bb767ccba1428ab12ed56460f47e0227375a0b2e6b6986c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a4561afaa6d82b7db8f2d8a7d8e2320fd60f0b5a1d8a5a9f811fb4530007ed8
5b80412ce1c9762362971654db17c35cb47dc9c9895f520cb7f589561f990cfa
711ec013c79d36fe95121c31ce854c933049a338ed6b7d7729c6f9fc81645a70
7464d8667dff38cc65f5370e48396e5731ac74b1d6d7a6cdf0d3eacad48e2bed
87eb7663270ab92e205a026860434401ccf302a11626069dcc463ca9a8931208
ccaf45d37b41c5c06ec3a1b815b1684d6b9dc4450a025f5bcbeae5d83d31ba5b
dd4842390ec20993fa64c192a78ebf7da90cdcfa863efdeaa1e5da0cbb50b996
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b