Submitted URL: http://funds4covid-19.online/
Effective URL: https://funds4covid-19.online/
Tags: falconsandbox
Submission: On December 04 via api from US

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 199.188.200.84, located in Los Angeles, United States and belongs to NAMECHEAP-NET, US. The main domain is funds4covid-19.online.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 7th 2020. Valid for: a year.
This is the only time funds4covid-19.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 199.188.200.84 22612 (NAMECHEAP...)
3 139.45.196.142 9002 (RETN-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.104.29.90 63949 (LINODE-AP...)
19 8
Domain Requested by
8 funds4covid-19.online 1 redirects funds4covid-19.online
3 fonts.gstatic.com fonts.googleapis.com
3 iptautup.com funds4covid-19.online
iptautup.com
2 www.google-analytics.com funds4covid-19.online
www.google-analytics.com
2 widget.supercounters.com funds4covid-19.online
1 www.supercounters.com widget.supercounters.com
1 fonts.googleapis.com funds4covid-19.online
19 7

This site contains no links.

Subject Issuer Validity Valid
funds4covid-19.online
Sectigo RSA Domain Validation Secure Server CA
2020-10-07 -
2021-10-07
a year crt.sh
iptautup.com
Let's Encrypt Authority X3
2020-09-24 -
2020-12-23
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-22 -
2021-07-22
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.supercounters.com
Sectigo RSA Domain Validation Secure Server CA
2020-06-24 -
2022-09-26
2 years crt.sh

This page contains 1 frames:

Primary Page: https://funds4covid-19.online/
Frame ID: E8AC582C0B0DCA2773C5988086C501DC
Requests: 19 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://funds4covid-19.online/ HTTP 301
    https://funds4covid-19.online/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

19
Requests

100 %
HTTPS

63 %
IPv6

6
Domains

7
Subdomains

8
IPs

3
Countries

235 kB
Transfer

583 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://funds4covid-19.online/ HTTP 301
    https://funds4covid-19.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
funds4covid-19.online/
Redirect Chain
  • http://funds4covid-19.online/
  • https://funds4covid-19.online/
92 KB
27 KB
Document
General
Full URL
https://funds4covid-19.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.188.200.84 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium108-2.web-hosting.com
Software
Apache /
Resource Hash
9e390bc349c3e317348d45301b40f87d40109a8c6b8b6cb6db139d05fea16985

Request headers

:method
GET
:authority
funds4covid-19.online
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 00:19:17 GMT
server
Apache
last-modified
Tue, 01 Dec 2020 08:30:58 GMT
accept-ranges
none
vary
Accept-Encoding
content-encoding
gzip
content-length
27197
content-type
text/html

Redirect headers

Date
Fri, 04 Dec 2020 00:19:16 GMT
Server
Apache
Location
https://funds4covid-19.online/
Content-Length
238
Content-Type
text/html; charset=iso-8859-1
ntfc.php?p=3610831
iptautup.com/
40 KB
12 KB
Script
General
Full URL
https://iptautup.com/ntfc.php?p=3610831
Requested by
Host: funds4covid-19.online
URL: https://funds4covid-19.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.142 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
fe349619ccda0fc1bf257e45506955e1ade551dd5318afb732926c681a2e651b

Request headers

Referer
https://funds4covid-19.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Dec 2020 00:19:17 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Nov 2020 11:53:57 GMT
Server
nginx
ETag
W/"5fb7ae55-9fdb"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
jquery.js
funds4covid-19.online/en-ng/assets/js/
4 KB
2 KB
Script
General
Full URL
https://funds4covid-19.online/en-ng/assets/js/jquery.js
Requested by
Host: funds4covid-19.online
URL: https://funds4covid-19.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.188.200.84 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium108-2.web-hosting.com
Software
Apache /
Resource Hash
f55d13826d2162152ed8378c230f48d17a17a027e193fe5d81a322f5265e9bfc

Request headers

Referer
https://funds4covid-19.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 00:19:17 GMT
content-encoding
gzip
last-modified
Fri, 27 Nov 2020 04:05:14 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
none
content-length
1550
css2?family=Montserrat:wght@400;500&display=swap
fonts.googleapis.com/
3 KB
696 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500&display=swap
Requested by
Host: funds4covid-19.online
URL: https://funds4covid-19.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4793f4f3c44918f6922cc0ef3c943cdd0ef9b70769c3470c80567714e15b7794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://funds4covid-19.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Dec 2020 23:07:26 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Fri, 04 Dec 2020 00:19:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Fri, 04 Dec 2020 00:19:17 GMT
main.css
funds4covid-19.online/en-ng/assets/css/
10 KB
2 KB
Stylesheet
General
Full URL
https://funds4covid-19.online/en-ng/assets/css/main.css
Requested by
Host: funds4covid-19.online
URL: https://funds4covid-19.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.188.200.84 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium108-2.web-hosting.com
Software
Apache /
Resource Hash
66af9df55cb5fcfcfce698c3aef41e194f13721d037be1883e64e6ab84e74411

Request headers

Referer
https://funds4covid-19.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 00:19:17 GMT
content-encoding
gzip
last-modified
Fri, 27 Nov 2020 04:05:08 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
none
content-length
2063
onesignalsdk.js
funds4covid-19.online/sdks/
8 KB
3 KB
Script
General
Full URL
https://funds4covid-19.online/sdks/onesignalsdk.js
Requested by
Host: funds4covid-19.online
URL: https://funds4covid-19.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.188.200.84 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium108-2.web-hosting.com
Software
Apache /
Resource Hash
ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051

Request headers

Referer
https://funds4covid-19.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 00:19:17 GMT
content-encoding
gzip
last-modified
Fri, 27 Nov 2020 04:05:14 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
none
content-length
2728
utgni2u.jpg
funds4covid-19.online/
36 KB
36 KB
Image
General
Full URL
https://funds4covid-19.online/utgni2u.jpg
Requested by
Host: funds4covid-19.online
URL: https://funds4covid-19.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.188.200.84 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium108-2.web-hosting.com
Software
Apache /
Resource Hash
19ee0c9a8c76f7cd6848a88b49ca109457181e78cefdb3aa1927186760820132

Request headers

Referer
https://funds4covid-19.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 00:19:17 GMT
last-modified
Fri, 27 Nov 2020 04:05:08 GMT
server
Apache
accept-ranges
bytes
content-length
37154
content-type
image/jpeg
jquery.min.js
funds4covid-19.online/ajax/libs/jquery/1-11-3/
94 KB
33 KB
Script
General
Full URL
https://funds4covid-19.online/ajax/libs/jquery/1-11-3/jquery.min.js
Requested by
Host: funds4covid-19.online
URL: https://funds4covid-19.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.188.200.84 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium108-2.web-hosting.com
Software
Apache /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

Referer
https://funds4covid-19.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 00:19:17 GMT
content-encoding
gzip
last-modified
Fri, 27 Nov 2020 04:05:14 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
none
content-length
33303
custom.min.js
funds4covid-19.online/en-ng/assets/js/
17 KB
5 KB
Script
General
Full URL
https://funds4covid-19.online/en-ng/assets/js/custom.min.js
Requested by
Host: funds4covid-19.online
URL: https://funds4covid-19.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.188.200.84 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium108-2.web-hosting.com
Software
Apache /
Resource Hash
b1289c65f7638890ca0dcd4526fc2397e3c1eee1484eb39996244a4372d2460d

Request headers

Referer
https://funds4covid-19.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 00:19:17 GMT
content-encoding
gzip
last-modified
Fri, 27 Nov 2020 04:05:16 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
none
content-length
4942
online_i.js
widget.supercounters.com/ssl/
4 KB
2 KB
Script
General
Full URL
https://widget.supercounters.com/ssl/online_i.js
Requested by
Host: funds4covid-19.online
URL: https://funds4covid-19.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6818:72e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01052595d22238c23ad27dfb118270dc17124aa47731d3308824fbf182511b6

Request headers

Referer
https://funds4covid-19.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 00:19:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2017 06:49:04 GMT
server
cloudflare
age
7179
etag
W/"596474e0-109e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jUlBfVLBhFSfJCrwxel%2BbpGLXaFm5oTB4GEN70cRR7HgapsnJRLpGX1kGj2UirrzyCjXotcpJEeY%2BNivedajvMVhPHolht6kXwChVlReRddaCVZgsVujzhtl1cWDfUZ6iep2j%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
5fc15ae508991f25-FRA
cf-request-id
06ccb7232900001f259a9bf000000001
zone?pub=0&zone_id=3610831&is_mobile=false&domain=funds4covid-19.online&var=&ymid=&var_3=
iptautup.com/
686 B
1 KB
Fetch
General
Full URL
https://iptautup.com/zone?pub=0&zone_id=3610831&is_mobile=false&domain=funds4covid-19.online&var=&ymid=&var_3=
Requested by
Host: iptautup.com
URL: https://iptautup.com/ntfc.php?p=3610831
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.142 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
a5eb9d9bebb733ebfaf5ff032759f70047359cb0d4325a06fc4a451c1055826b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://funds4covid-19.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id
a44f753dcc554a29e07cc227c6c89457
Date
Fri, 04 Dec 2020 00:19:17 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://funds4covid-19.online
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
686
universal.min.js?v=3.1.280
iptautup.com/pfe/current/
188 KB
54 KB
Fetch
General
Full URL
https://iptautup.com/pfe/current/universal.min.js?v=3.1.280
Requested by
Host: iptautup.com
URL: https://iptautup.com/ntfc.php?p=3610831
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.142 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
c8dc7b19cc73dcae7b05da62447e293e0dc1c6964a1410a7997d3d1e861771fb

Request headers

Referer
https://funds4covid-19.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 04 Dec 2020 00:19:17 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Nov 2020 11:53:57 GMT
Server
nginx
ETag
W/"5fb7ae55-2f127"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
https://funds4covid-19.online
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: funds4covid-19.online
URL: https://funds4covid-19.online/en-ng/assets/js/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://funds4covid-19.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1796
date
Thu, 03 Dec 2020 23:49:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 04 Dec 2020 01:49:21 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://funds4covid-19.online
Referer
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 08:33:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:07 GMT
server
sffe
age
229532
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13640
x-xss-protection
0
expires
Wed, 01 Dec 2021 08:33:45 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gfD_vx3rCubqg.woff2
fonts.gstatic.com/s/montserrat/v15/
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gfD_vx3rCubqg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c337a293de1c948d3e9438ff2563a274a33383829ef9fa736eae43a4fb539f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://funds4covid-19.online
Referer
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Dec 2020 17:24:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:16 GMT
server
sffe
age
24917
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11736
x-xss-protection
0
expires
Fri, 03 Dec 2021 17:24:00 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://funds4covid-19.online
Referer
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 21:21:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:14 GMT
server
sffe
age
97084
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13708
x-xss-protection
0
expires
Thu, 02 Dec 2021 21:21:13 GMT
collect?v=1&_v=j87&a=949381213&t=pageview&_s=1&dl=https%3A%2F%2Ffunds4covid-19.online%2F&ul=en-us&de=UTF-8&dt=The%20Government%20has%20ordered%20payment%20of%20%E2%82%A6650%2C000%20to%20all%20citiz...
www.google-analytics.com/j/
2 B
70 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=949381213&t=pageview&_s=1&dl=https%3A%2F%2Ffunds4covid-19.online%2F&ul=en-us&de=UTF-8&dt=The%20Government%20has%20ordered%20payment%20of%20%E2%82%A6650%2C000%20to%20all%20citizens%20above%20the%20age%20of%2018%20years%20old.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=884409078&gjid=1682963152&cid=1873862800.1607041158&tid=UA-147558510-1&_gid=2045415863.1607041158&_r=1&_slc=1&z=1660544428
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://funds4covid-19.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 04 Dec 2020 00:19:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://funds4covid-19.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
fc.php?id=1597774&w=1&v=2&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&ref=&url=ht...
www.supercounters.com/
29 B
279 B
Script
General
Full URL
https://www.supercounters.com/fc.php?id=1597774&w=1&v=2&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&ref=&url=https%3A%2F%2Ffunds4covid-19.online%2F%23&sw=1600&sh=1200&rand=36
Requested by
Host: widget.supercounters.com
URL: https://widget.supercounters.com/ssl/online_i.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.29.90 Philadelphia, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1848-90.members.linode.com
Software
nginx/1.12.2 / PHP/7.2.0
Resource Hash
36b4f25c9d4f913c87bfa05a86caf9f8f8073f46678a315de629acfca16bc351

Request headers

Referer
https://funds4covid-19.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 04 Dec 2020 00:19:18 GMT
Content-Encoding
gzip
Server
nginx/1.12.2
Connection
keep-alive
X-Powered-By
PHP/7.2.0
Transfer-Encoding
chunked
Content-Type
application/x-javascript
ffffff.png
widget.supercounters.com/images/online/
353 B
836 B
Image
General
Full URL
https://widget.supercounters.com/images/online/ffffff.png
Requested by
Host: funds4covid-19.online
URL: https://funds4covid-19.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6818:72e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71c2fbec0929706707308a3899be464943e5ce7b52e850bf8df0bcfb93efe604

Request headers

Referer
https://funds4covid-19.online/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 00:19:18 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2525
content-length
353
cf-request-id
06ccb7272f00001f25bebcb000000001
last-modified
Tue, 03 Sep 2019 23:22:13 GMT
server
cloudflare
etag
"5d6ef5a5-161"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UXr3DmO%2BK35z8D7vIWgLoOQzu9VKVlwW6waMyYJQFefmgTCMWzDI0ge45fjOrB0TMufeg1GEYHwDluAZKshTQ1GXko7GCi4djkDwJXuIQZVxQu2hKsjRpxdCFN2VSCtrirCOnDA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5fc15aeb786e1f25-FRA

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| k object| _u0noqbx89d8 object| b1477d8phod object| zfgformats function| setImmediate function| clearImmediate function| _nijrpblp function| _jhpdytxx object| _0x2205 function| _0xc69a object| _0x5ee5 function| _0x7aab object| _0x3afd function| _0x53c7 object| _0x5cf0 function| _0x4f97 string| GoogleAnalyticsObject function| ga string| brandCode string| price number| startCounter string| exitUrl string| countryCode string| countryName string| offerUrl string| shareUrl string| shareType string| shareUrlFB number| shareCount boolean| popup string| brand number| shareScrubAt number| shareScrubTo string| iframeUrl object| OneSignal function| prevent object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery string| TXT_SHARE_COMPLETE string| TXT_SHARE_MESSAGE string| TXT_WHATSAPP_MESSAGE string| TXT_SWITCH_WHATSAPP_MESSAGE string| TXT_LEAVE_SURVEY string| TXT_DISABLE_CLICK string| TXT_NUMBER_NEEDED string| TXT_TIP string| TXT_REPLY string| TXT_LIKE string| TXT_FOLLOW_POST string| TXT_LANGUAGE string| TXT_BRAND object| messageBox boolean| share_enable boolean| show_form boolean| switch_urls boolean| switch_wa_share_text number| switch_after_x_shares number| track_after_x_shares string| switch_to_wa_url string| switch_to_fb_url boolean| areYouReallySure boolean| internalLink string| social_network string| wa_message number| rnd_wa number| wa_len number| url_len object| $_GET function| areYouSure function| gup boolean| completed boolean| sent string| isp_fy string| country_fy string| city_fy function| share function| share2 function| share3 function| goOffer function| firePixel function| getQueryParams function| setCookie function| getCookie function| isCookieSet object| DOMString function| enviar function| deadline function| tip_text number| counter number| counter2 number| seconds number| rnd_url boolean| resetCount number| c object| objServer object| sc_olimg_var function| sc_online_i function| sc_onlineimage function| ct_insert function| drawText_online function| errorMsg

3 Cookies

Domain/Path Name / Value
.funds4covid-19.online/ Name: _gat
Value: 1
.funds4covid-19.online/ Name: _gid
Value: GA1.2.2045415863.1607041158
.funds4covid-19.online/ Name: _ga
Value: GA1.2.1873862800.1607041158

1 Console Messages

Source Level URL
Text
console-api log URL: https://funds4covid-19.online/sdks/onesignalsdk.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
funds4covid-19.online
iptautup.com
widget.supercounters.com
www.google-analytics.com
www.supercounters.com
139.45.196.142
172.104.29.90
199.188.200.84
2606:4700:3036::6818:72e2
2a00:1450:4001:803::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2003
2a00:1450:4001:824::200e
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
19ee0c9a8c76f7cd6848a88b49ca109457181e78cefdb3aa1927186760820132
2c337a293de1c948d3e9438ff2563a274a33383829ef9fa736eae43a4fb539f9
36b4f25c9d4f913c87bfa05a86caf9f8f8073f46678a315de629acfca16bc351
4793f4f3c44918f6922cc0ef3c943cdd0ef9b70769c3470c80567714e15b7794
66af9df55cb5fcfcfce698c3aef41e194f13721d037be1883e64e6ab84e74411
71c2fbec0929706707308a3899be464943e5ce7b52e850bf8df0bcfb93efe604
9e390bc349c3e317348d45301b40f87d40109a8c6b8b6cb6db139d05fea16985
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a5eb9d9bebb733ebfaf5ff032759f70047359cb0d4325a06fc4a451c1055826b
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b01052595d22238c23ad27dfb118270dc17124aa47731d3308824fbf182511b6
b1289c65f7638890ca0dcd4526fc2397e3c1eee1484eb39996244a4372d2460d
c8dc7b19cc73dcae7b05da62447e293e0dc1c6964a1410a7997d3d1e861771fb
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
f55d13826d2162152ed8378c230f48d17a17a027e193fe5d81a322f5265e9bfc
fe349619ccda0fc1bf257e45506955e1ade551dd5318afb732926c681a2e651b
ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051