urlscan.io logo urlscan.io
SecurityTrails logo

www.covid.danima.com Open in urlscan Pro
199.168.249.17  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.covid.danima.com/
Submission: On October 09 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 9 HTTP transactions. The main IP is 199.168.249.17, located in Canada and belongs to SKYCOMP-01, CA. The main domain is www.covid.danima.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 9th 2020. Valid for: 3 months.
This is the only time www.covid.danima.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 199.168.249.17 11239 (SKYCOMP-01)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 107.190.137.98 33182 (DIMENOC)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a04:4e42:1b:... 54113 (FASTLY)
9 5
4    199.168.249.17 (Canada)

ASN11239 (SKYCOMP-01, CA)
PTR: cp7.skycomp.ca
www.covid.danima.com
2    2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
stackpath.bootstrapcdn.com
1    107.190.137.98 (Orlando, United States)

ASN33182 (DIMENOC, US)
PTR: malgwal.montanahosting.ca
www.kilmergroup.com
1    2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
Domain Requested by
4 www.covid.danima.com www.covid.danima.com
2 stackpath.bootstrapcdn.com www.covid.danima.com
1 cdn.jsdelivr.net www.covid.danima.com
1 code.jquery.com www.covid.danima.com
1 www.kilmergroup.com www.covid.danima.com
9 5

This site contains no links.

Subject Issuer Validity Valid
covid.danima.com
cPanel, Inc. Certification Authority		 2020-10-09 -
2021-01-07		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
www.kilmergroup.com
cPanel, Inc. Certification Authority		 2020-08-16 -
2020-11-14		 3 months crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-05 -
2021-04-17		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://www.covid.danima.com/
Frame ID: A5FDA463263149C6446CCD466BB2D0F8
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

9
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

77 kB
Transfer

315 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.covid.danima.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.covid.danima.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.168.249.17 , Canada, ASN11239 (SKYCOMP-01, CA),
Reverse DNS
cp7.skycomp.ca
Software
Apache / PHP/5.6.40
Resource Hash
e5ca57a1787b7e7cf96a3d91e003e5d24a0564c9b15876c806f91251a5990ab6

Request headers

Host
www.covid.danima.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 17:05:40 GMT
Server
Apache
X-Powered-By
PHP/5.6.40
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
PHPSESSID=3967131b91161a48fdb1527b424476ec; path=/
Vary
Accept-Encoding
Content-Encoding
gzip
P3P
policyref="/w3c/p3p.xml"
Content-Type
text/html; charset=utf-8
Content-Length
1339
Connection
close
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/ 		157 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
Requested by
Host: www.covid.danima.com
URL: https://www.covid.danima.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.covid.danima.com
Referer
https://www.covid.danima.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 17:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Aug 2020 16:43:41 GMT
status
200
etag
"1596732221"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
23876
default.css
www.covid.danima.com/css/ 		1 KB
795 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.covid.danima.com/css/default.css
Requested by
Host: www.covid.danima.com
URL: https://www.covid.danima.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.168.249.17 , Canada, ASN11239 (SKYCOMP-01, CA),
Reverse DNS
cp7.skycomp.ca
Software
Apache /
Resource Hash
3d3e4e0f3bd092bf4ed5f903ca4075fcd4779747631469af552d6b3c6abe30ed

Request headers

Referer
https://www.covid.danima.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 17:05:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Oct 2020 16:35:36 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml"
Cache-Control
max-age=290304000, public
Connection
close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
471
notices.default.css
www.covid.danima.com/css/ 		794 B
727 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.covid.danima.com/css/notices.default.css
Requested by
Host: www.covid.danima.com
URL: https://www.covid.danima.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.168.249.17 , Canada, ASN11239 (SKYCOMP-01, CA),
Reverse DNS
cp7.skycomp.ca
Software
Apache /
Resource Hash
3e753f00963f3abc2eaea35b5f6c9a09f3de96284fb7d91eedbbe37b1949fd5d

Request headers

Referer
https://www.covid.danima.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 17:05:40 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Oct 2020 14:50:56 GMT
Server
Apache
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml"
Cache-Control
max-age=290304000, public
Connection
close
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
403
logo-1.png
www.kilmergroup.com/wp-content/uploads/2015/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kilmergroup.com/wp-content/uploads/2015/10/logo-1.png
Requested by
Host: www.covid.danima.com
URL: https://www.covid.danima.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.190.137.98 Orlando, United States, ASN33182 (DIMENOC, US),
Reverse DNS
malgwal.montanahosting.ca
Software
None /
Resource Hash
16b7cff1108356a4f8d02441c1a5e6285462f41b9bca45cb8ca110b8382bb87f

Request headers

Referer
https://www.covid.danima.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 17:05:40 GMT
Last-Modified
Fri, 18 Dec 2015 14:43:26 GMT
Server
None
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=150
Content-Length
2942
jquery-3.5.1.slim.min.js
code.jquery.com/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.slim.min.js
Requested by
Host: www.covid.danima.com
URL: https://www.covid.danima.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Request headers

Origin
https://www.covid.danima.com
Referer
https://www.covid.danima.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 17:05:40 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
status
200
etag
W/"5eb09f0f-11abc"
vary
Accept-Encoding
x-hw
1602263140.dop215.fr8.t,1602263140.cds260.fr8.hn,1602263140.cds240.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24606
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js
Requested by
Host: www.covid.danima.com
URL: https://www.covid.danima.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.covid.danima.com
Referer
https://www.covid.danima.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
12022380
x-cache
HIT, HIT
status
200
content-length
7503
etag
W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
x-served-by
cache-fra19170-FRA, cache-hhn4054-HHN
date
Fri, 09 Oct 2020 17:05:40 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/ 		59 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
Requested by
Host: www.covid.danima.com
URL: https://www.covid.danima.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.covid.danima.com
Referer
https://www.covid.danima.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 09 Oct 2020 17:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Aug 2020 16:43:44 GMT
status
200
etag
"1596732224"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
14811
delete.png
www.covid.danima.com/images/icons/ 		752 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.covid.danima.com/images/icons/delete.png
Requested by
Host: www.covid.danima.com
URL: https://www.covid.danima.com/css/notices.default.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.168.249.17 , Canada, ASN11239 (SKYCOMP-01, CA),
Reverse DNS
cp7.skycomp.ca
Software
Apache /
Resource Hash
25f039813aea9ab819c6f23f9e9af44c568e56d0ec1bb7b46658d74f8e51366f

Request headers

Referer
https://www.covid.danima.com/css/notices.default.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 09 Oct 2020 17:05:40 GMT
Last-Modified
Fri, 02 Oct 2020 14:51:52 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml"
Cache-Control
max-age=290304000, public
Connection
close
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
752

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery function| Popper object| bootstrap

1 Cookies

Domain/Path Name / Value
www.covid.danima.com/ Name: PHPSESSID
Value: 3967131b91161a48fdb1527b424476ec