www.covid19.com Open in urlscan Pro
216.239.138.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.covid19.com/
Effective URL:
https://www.covid19.com/
Submission Tags: falconsandbox
Submission: On February 19 via api (February 19th 2021, 3:48:51 pm UTC) from US

Summary HTTP 13 Redirects Links 4 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 216.239.138.50, located in Tempe, United States and belongs to OMNIS, US. The main domain is www.covid19.com.
TLS certificate: Issued by R3 on January 24th 2021. Valid for: 3 months.

This is the only time www.covid19.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 10	216.239.138.50 216.239.138.50		19237 (OMNIS) (OMNIS)
1	2a00:1450:400... 2a00:1450:4001:802::2008		15169 (GOOGLE) (GOOGLE)
1	65.9.69.3 65.9.69.3		16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::200e		15169 (GOOGLE) (GOOGLE)
13	4

10 216.239.138.50 (Tempe, United States) 1 redirects

ASN19237 (OMNIS, US)
PTR: 216-239-138.50.cluster.omnis.com

www.covid19.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.69.3 (United States)

ASN16509 (AMAZON-02, US)

static.tapfiliate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	covid19.com 1 redirects www.covid19.com	61 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	tapfiliate.com static.tapfiliate.com	10 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
13	4

	Domain	Requested by
10	www.covid19.com	1 redirects www.covid19.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	static.tapfiliate.com	www.covid19.com
1	www.googletagmanager.com	www.covid19.com
13	4

This site contains links to these domains. Also see Links.

Domain
www.cidrap.umn.edu
www.osterholmupdate.com
www.gofundme.com
www.anytimecovidtest.com

Subject Issuer	Validity	Valid
covid19.com R3	`2021-01-24` - `2021-04-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tapfiliate.com Amazon	`2020-11-20` - `2021-12-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.covid19.com/
Frame ID: 948CC87D0178BC18D3ABF8C157E45D6C
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.covid19.com/ HTTP 302
https://www.covid19.com/ Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

13
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

127 kB
Transfer

375 kB
Size

3
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cidrap.umn.edu/
Title: The Center for Infectious Disease Research and Policy (CIDRAP)

Search URL Search Domain Scan URL

URL: https://www.osterholmupdate.com/
Title: The Osterholm Update - a weekly podcast on the pandemic with Dr. Michael Osterholm, Director of CIDRAP

Search URL Search Domain Scan URL

URL: https://www.gofundme.com/f/frontlinerespondersfund/
Title: The Frontline Responders Fund

Search URL Search Domain Scan URL

URL: https://www.anytimecovidtest.com/?ref=covidtest&tm_subid1=c19c

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.covid19.com/ HTTP 302
https://www.covid19.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.covid19.com/
Redirect Chain

http://www.covid19.com/
https://www.covid19.com/

3 KB
1 KB

475ms
164ms

Document
text/html

216.239.138.50
OMNIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.239.138.50 Tempe, United States, ASN19237 (OMNIS, US),
Reverse DNS: 216-239-138.50.cluster.omnis.com
Software: openresty/1.15.8.2 /
Resource Hash: 7ad148fb8d0d0d16ecaf0da5f221774664b79f3e266e8bb7a300ba792f9f965d

Request headers

:method: GET
:authority: www.covid19.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: openresty/1.15.8.2
date: Fri, 19 Feb 2021 15:48:35 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Wed, 10 Feb 2021 05:07:49 GMT
etag: W/"b7d-5baf46269d869"
x-proxy-cache: BYPASS
content-encoding: gzip

Redirect headers

Server: openresty/1.15.8.2
Date: Fri, 19 Feb 2021 15:48:35 GMT
Content-Type: text/html
Content-Length: 151
Connection: keep-alive
Location: https://www.covid19.com/
Cache-Control: private, no-store, no-cache

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 35ms
32ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-8000483-18

Requested by

Host: www.covid19.com
URL: https://www.covid19.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b07d4d08c2fe1ada4bdaf444fc85ed840853fe9bfa379d97b9aec1fc995ee1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:48:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39257
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Feb 2021 15:48:35 GMT

GET
H2 200 supersized_002.css
www.covid19.com/css/ 2 KB
840 B 284ms
282ms Stylesheet
text/css 216.239.138.50
OMNIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19.com/css/supersized_002.css
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.239.138.50 Tempe, United States, ASN19237 (OMNIS, US),
Reverse DNS: 216-239-138.50.cluster.omnis.com
Software: openresty/1.15.8.2 /
Resource Hash: 074c2e67ea585942cf97e40a309ff86c4adf99cf994b6e9e6cde4d9f668d6855

Request headers

Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:48:35 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 21:48:01 GMT
server: openresty/1.15.8.2
etag: W/"618-5a2e29220f1ca"
vary: Accept-Encoding
content-type: text/css
x-proxy-cache: BYPASS

GET
H2 200 bootstrap.css
www.covid19.com/css/ 79 KB
13 KB 412ms
410ms Stylesheet
text/css 216.239.138.50
OMNIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19.com/css/bootstrap.css
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.239.138.50 Tempe, United States, ASN19237 (OMNIS, US),
Reverse DNS: 216-239-138.50.cluster.omnis.com
Software: openresty/1.15.8.2 /
Resource Hash: bb473a30b4289b7521aaab7f22750c618197882ab701ce7ee466441d98810319

Request headers

Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:48:35 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 21:48:02 GMT
server: openresty/1.15.8.2
etag: W/"13cfe-5a2e292359ef2"
vary: Accept-Encoding
content-type: text/css
x-proxy-cache: BYPASS

GET
H2 200 bootstrap-responsive.css
www.covid19.com/css/ 11 KB
2 KB 282ms
281ms Stylesheet
text/css 216.239.138.50
OMNIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19.com/css/bootstrap-responsive.css
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.239.138.50 Tempe, United States, ASN19237 (OMNIS, US),
Reverse DNS: 216-239-138.50.cluster.omnis.com
Software: openresty/1.15.8.2 /
Resource Hash: ead24db942ef7c888bba800076e5fb85d31387d4bafa32977d871b5d208155da

Request headers

Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:48:35 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 21:48:03 GMT
server: openresty/1.15.8.2
etag: W/"2af6-5a2e29239e4d7"
vary: Accept-Encoding
content-type: text/css
x-proxy-cache: BYPASS

GET
H2 200 supersized.css
www.covid19.com/css/ 5 KB
2 KB 156ms
154ms Stylesheet
text/css 216.239.138.50
OMNIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19.com/css/supersized.css
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.239.138.50 Tempe, United States, ASN19237 (OMNIS, US),
Reverse DNS: 216-239-138.50.cluster.omnis.com
Software: openresty/1.15.8.2 /
Resource Hash: 0f78a0b20a03db7a5a34c293a2a0c25e61c361aeccd13f85b609ba7e6ce0fd6b

Request headers

Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:48:35 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 21:48:01 GMT
server: openresty/1.15.8.2
etag: W/"1296-5a2e292258999"
vary: Accept-Encoding
content-type: text/css
x-proxy-cache: BYPASS

GET
H2 200 custom.css
www.covid19.com/css/ 2 KB
635 B 283ms
282ms Stylesheet
text/css 216.239.138.50
OMNIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19.com/css/custom.css
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.239.138.50 Tempe, United States, ASN19237 (OMNIS, US),
Reverse DNS: 216-239-138.50.cluster.omnis.com
Software: openresty/1.15.8.2 /
Resource Hash: 59094f5d38c76fda29fcd61f5d60e0c1ccb0b6c98d8c083d576ec6ab2a58bfb3

Request headers

Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:48:35 GMT
content-encoding: gzip
last-modified: Fri, 10 Apr 2020 06:12:24 GMT
server: openresty/1.15.8.2
etag: W/"6a0-5a2e99dee6846"
vary: Accept-Encoding
content-type: text/css
x-proxy-cache: BYPASS

GET
H2 200 jquery_002.js Show response
www.covid19.com/js/ 93 KB
33 KB 288ms
286ms Script
application/javascript 216.239.138.50
OMNIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19.com/js/jquery_002.js
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.239.138.50 Tempe, United States, ASN19237 (OMNIS, US),
Reverse DNS: 216-239-138.50.cluster.omnis.com
Software: openresty/1.15.8.2 /
Resource Hash: 117146f6e72b65b44827f5efb662e309820d11f6f62c28a87e09451c30302d7d

Request headers

Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:48:35 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 21:48:59 GMT
server: openresty/1.15.8.2
etag: W/"17277-5a2e295906043"
vary: Accept-Encoding
content-type: application/javascript
x-proxy-cache: BYPASS

GET
H2 200 jquery.js Show response
www.covid19.com/js/ 7 KB
2 KB 155ms
153ms Script
application/javascript 216.239.138.50
OMNIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19.com/js/jquery.js
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.239.138.50 Tempe, United States, ASN19237 (OMNIS, US),
Reverse DNS: 216-239-138.50.cluster.omnis.com
Software: openresty/1.15.8.2 /
Resource Hash: 7e1315d9de485eb5251249e86483786d892d4b5336fc16a052b57921f22feef8

Request headers

Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:48:35 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 21:48:59 GMT
server: openresty/1.15.8.2
etag: W/"1b86-5a2e29594b1a5"
vary: Accept-Encoding
content-type: application/javascript
x-proxy-cache: BYPASS

GET
H2 200 bootstrap.js Show response
www.covid19.com/js/ 22 KB
6 KB 160ms
158ms Script
application/javascript 216.239.138.50
OMNIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19.com/js/bootstrap.js
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.239.138.50 Tempe, United States, ASN19237 (OMNIS, US),
Reverse DNS: 216-239-138.50.cluster.omnis.com
Software: openresty/1.15.8.2 /
Resource Hash: e55688521444cedc39f64c913e019ef53dfb8c6a96b8471c0eb8944d8c5e43cb

Request headers

Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 15:48:35 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 21:49:00 GMT
server: openresty/1.15.8.2
etag: W/"5761-5a2e2959ddd83"
vary: Accept-Encoding
content-type: application/javascript
x-proxy-cache: BYPASS

GET
H2 200 5f5c185986f5c.png
static.tapfiliate.com/ 9 KB
10 KB 109ms
37ms Image
image/png 65.9.69.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tapfiliate.com/5f5c185986f5c.png?a=78675-de7a59&s=1482391-004481
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.69.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8d7525620b5bef7536f47ef9a2d896bc73b7974fbbd47f10adf5b08cfcbe47c

Request headers

Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 02:44:26 GMT
via: 1.1 f58d1aa3b3b084adbea41c7523e2047f.cloudfront.net (CloudFront)
last-modified: Sat, 12 Sep 2020 00:37:46 GMT
server: AmazonS3
age: 47051
etag: "817d91de71ac34d127b290fb6e6afe7b"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 9565
x-amz-cf-id: UlcmnSKqMLBw6uh8VTsr5X7G9RO4xQlPl-9IAFcpffhHP_cwInCe7g==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8000483-18

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 7044
date: Fri, 19 Feb 2021 13:51:12 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 19 Feb 2021 15:51:12 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
67 B 13ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1375954575&t=pageview&_s=1&dl=https%3A%2F%2Fwww.covid19.com%2F&ul=en-us&de=UTF-8&dt=Covid19.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=818614209&gjid=1256925264&cid=429984903.1613749716&tid=UA-8000483-18&_gid=209006090.1613749716&_r=1&gtm=2ou2a1&z=1553740380

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 15:48:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.covid19.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.covid19.com/	1970-01-19 16:15:49	Name: _gat_gtag_UA_8000483_18 Value: 1
			.covid19.com/	1970-01-19 16:17:16	Name: _gid Value: GA1.2.209006090.1613749716
			.covid19.com/	1970-01-20 09:47:01	Name: _ga Value: GA1.2.429984903.1613749716

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

static.tapfiliate.com
www.covid19.com
www.google-analytics.com
www.googletagmanager.com
216.239.138.50
2a00:1450:4001:802::2008
2a00:1450:4001:809::200e
65.9.69.3
074c2e67ea585942cf97e40a309ff86c4adf99cf994b6e9e6cde4d9f668d6855
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f78a0b20a03db7a5a34c293a2a0c25e61c361aeccd13f85b609ba7e6ce0fd6b
117146f6e72b65b44827f5efb662e309820d11f6f62c28a87e09451c30302d7d
59094f5d38c76fda29fcd61f5d60e0c1ccb0b6c98d8c083d576ec6ab2a58bfb3
6b07d4d08c2fe1ada4bdaf444fc85ed840853fe9bfa379d97b9aec1fc995ee1d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7ad148fb8d0d0d16ecaf0da5f221774664b79f3e266e8bb7a300ba792f9f965d
7e1315d9de485eb5251249e86483786d892d4b5336fc16a052b57921f22feef8
b8d7525620b5bef7536f47ef9a2d896bc73b7974fbbd47f10adf5b08cfcbe47c
bb473a30b4289b7521aaab7f22750c618197882ab701ce7ee466441d98810319
e55688521444cedc39f64c913e019ef53dfb8c6a96b8471c0eb8944d8c5e43cb
ead24db942ef7c888bba800076e5fb85d31387d4bafa32977d871b5d208155da