urlscan.io logo urlscan.io
SecurityTrails logo

nigeriacovid.com Open in urlscan Pro
198.54.115.169  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nigeriacovid.com/
Effective URL: https://nigeriacovid.com/
Submission: On May 20 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 5 HTTP transactions. The main IP is 198.54.115.169, located in Los Angeles, United States and belongs to NAMECHEAP-NET, US. The main domain is nigeriacovid.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 17th 2020. Valid for: a year.
This is the only time nigeriacovid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 198.54.115.169 22612 (NAMECHEAP...)
4 52.222.182.117 16509 (AMAZON-02)
5 2
Apex Domain
Subdomains		 Transfer
4 tableau.com
public.tableau.com
135 KB
2 nigeriacovid.com
nigeriacovid.com
2 KB
5 2
Domain Requested by
4 public.tableau.com nigeriacovid.com
public.tableau.com
2 nigeriacovid.com 1 redirects
5 2

This site contains no links.

Subject Issuer Validity Valid
nigeriacovid.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-17 -
2021-04-17		 a year crt.sh
public.tableau.com
Amazon		 2020-03-03 -
2021-04-03		 a year crt.sh

This page contains 3 frames:

Primary Page: https://nigeriacovid.com/
Frame ID: 6050BF8A494F6F4F5EE9AA598212CD41
Requests: 3 HTTP requests in this frame

Frame: https://public.tableau.com/views/CoronaVirus_15857571692200/Sheet2?:showVizHome=no&:embed=true:&:showShareOptions=false
Frame ID: BC8F9F00E99E47535094C2C6B051FBB2
Requests: 1 HTTP requests in this frame

Frame: https://public.tableau.com/views/CoronaVirus_15857571692200/Dashboard1?:showShareOptions=false?:embed=y&:showVizHome=no&:host_url=https%3A%2F%2Fpublic.tableau.com%2F&:embed_code_version=4&:tabs=no&:toolbar=no&:animate_transition=yes&:display_static_image=no&:display_spinner=no&:display_overlay=yes&:display_count=yes&publish=yes&:loadOrderID=0
Frame ID: A61779596824D08E6A8B2B4153CDE727
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://nigeriacovid.com/ HTTP 301
    https://nigeriacovid.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

137 kB
Transfer

147 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nigeriacovid.com/ HTTP 301
    https://nigeriacovid.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nigeriacovid.com/
Redirect Chain
  • http://nigeriacovid.com/
  • https://nigeriacovid.com/
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nigeriacovid.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.169 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server254-3.web-hosting.com
Software
Apache /
Resource Hash
3d085dbe6ad100417db5824c9a6290775b307b326f9ceda88fbfe0959ec23e96

Request headers

:method
GET
:authority
nigeriacovid.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 20 May 2020 05:16:19 GMT
server
Apache
last-modified
Tue, 19 May 2020 23:31:16 GMT
accept-ranges
none
vary
Accept-Encoding
content-encoding
gzip
content-length
1402
content-type
text/html

Redirect headers

Date
Wed, 20 May 2020 05:16:19 GMT
Server
Apache
Location
https://nigeriacovid.com
Content-Length
232
Content-Type
text/html; charset=iso-8859-1
viz_v1.js
public.tableau.com/javascripts/api/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.tableau.com/javascripts/api/viz_v1.js
Requested by
Host: nigeriacovid.com
URL: https://nigeriacovid.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.182.117 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-182-117.ham50.r.cloudfront.net
Software
nginx/1.13.12 /
Resource Hash
4357a5c6987a4eb78e4b448da145e552f266bb36dcdacb00d73018dbc991bfde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nigeriacovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 May 2020 05:04:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
698
x-cache
Hit from cloudfront
p3p
CP="NON"
status
200
x-tableau
Tableau Server
content-length
5652
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
access-control-allow-origin
http://public.tableau.com
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 May 2020 01:55:41 GMT
server
nginx/1.13.12
etag
"3d49-5a4f10fb5a92a-gzip"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 7af275149e007e66f1ddcb08c8a41ad2.cloudfront.net (CloudFront)
cache-control
max-age=3600, public
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
kR5miSx97TTdHN0igCkoC8FsoqegbmsnVv2VYZbNvY4OBAwK9Rw6XA==
expires
Wed, 20 May 2020 06:04:42 GMT
Sheet2
public.tableau.com/views/CoronaVirus_15857571692200/ Frame BC8F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://public.tableau.com/views/CoronaVirus_15857571692200/Sheet2?:showVizHome=no&:embed=true:&:showShareOptions=false
Requested by
Host: nigeriacovid.com
URL: https://nigeriacovid.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.182.117 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-182-117.ham50.r.cloudfront.net
Software
nginx/1.13.12 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
public.tableau.com
:scheme
https
:path
/views/CoronaVirus_15857571692200/Sheet2?:showVizHome=no&:embed=true:&:showShareOptions=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nigeriacovid.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://nigeriacovid.com/

Response headers

status
200
content-type
text/html;charset=utf-8
content-length
22199
access-control-allow-origin
http://public.tableau.com
cache-control
no-store
content-encoding
gzip
content-language
en-US
date
Wed, 20 May 2020 05:16:20 GMT
p3p
CP="NON"
referrer-policy
no-referrer-when-downgrade
server
nginx/1.13.12
set-cookie
tableau_locale=en; HttpOnly; Secure; SameSite=None; Path=/ tableau_public_negotiated_locale=en-us;Path=/;SameSite=None;Secure;
vary
Accept-Encoding
x-content-type-options
nosniff
x-session-id
12E3E97160F54277BED5581023521340-0:0
x-tableau
Tableau Server
x-tsi-request-id
XsS9JOCw2MPSiqtUYc9lFQAAAOg
x-ua-compatible
IE=Edge
x-xss-protection
1; mode=block
x-cache
Miss from cloudfront
via
1.1 7af275149e007e66f1ddcb08c8a41ad2.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
8zXEwLQF1gVVlBWHiqAop6oIDpy6N3_wBSGs6mP94sbPAWgNHsh4WA==
Dashboard1
public.tableau.com/views/CoronaVirus_15857571692200/ Frame A617 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://public.tableau.com/views/CoronaVirus_15857571692200/Dashboard1?:showShareOptions=false?:embed=y&:showVizHome=no&:host_url=https%3A%2F%2Fpublic.tableau.com%2F&:embed_code_version=4&:tabs=no&:toolbar=no&:animate_transition=yes&:display_static_image=no&:display_spinner=no&:display_overlay=yes&:display_count=yes&publish=yes&:loadOrderID=0
Requested by
Host: public.tableau.com
URL: https://public.tableau.com/javascripts/api/viz_v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.182.117 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-182-117.ham50.r.cloudfront.net
Software
nginx/1.13.12 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
public.tableau.com
:scheme
https
:path
/views/CoronaVirus_15857571692200/Dashboard1?:showShareOptions=false?:embed=y&:showVizHome=no&:host_url=https%3A%2F%2Fpublic.tableau.com%2F&:embed_code_version=4&:tabs=no&:toolbar=no&:animate_transition=yes&:display_static_image=no&:display_spinner=no&:display_overlay=yes&:display_count=yes&publish=yes&:loadOrderID=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nigeriacovid.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tableau_locale=en; tableau_public_negotiated_locale=en-us; _ga=GA1.2.1126954028.1589951781; _gid=GA1.2.646577236.1589951781; _gat_UA-625217-22=1; _gat_UA-625217-47=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://nigeriacovid.com/

Response headers

status
200
content-type
text/html;charset=utf-8
content-length
22264
access-control-allow-origin
http://public.tableau.com
cache-control
no-store
content-encoding
gzip
content-language
en-US
date
Wed, 20 May 2020 05:16:22 GMT
p3p
CP="NON"
referrer-policy
no-referrer-when-downgrade
server
nginx/1.13.12
set-cookie
tableau_locale=en; HttpOnly; Secure; SameSite=None; Path=/ tableau_public_negotiated_locale=en-us;Path=/;SameSite=None;Secure;
vary
Accept-Encoding
x-content-type-options
nosniff
x-session-id
F5C7674C581C4D058D4CCC399E5FB58D-0:0
x-tableau
Tableau Server
x-tsi-request-id
XsS9JlbMdd4nVHzux0IYDwAAALU
x-ua-compatible
IE=Edge
x-xss-protection
1; mode=block
x-cache
Miss from cloudfront
via
1.1 7af275149e007e66f1ddcb08c8a41ad2.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
OPA6Ogzqh1-lelRDhOoB7pyoOCvwVpj2BieUgag2fTlpX_utJIxkaQ==
1.png
public.tableau.com/static/images/Co/CoronaVirus_15857571692200/Dashboard1/ 		128 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public.tableau.com/static/images/Co/CoronaVirus_15857571692200/Dashboard1/1.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.182.117 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-182-117.ham50.r.cloudfront.net
Software
nginx/1.13.12 /
Resource Hash
eb86b54923685899e6614e3b2e4eedd01af66e0d008b64584f70d856da4511aa

Request headers

Referer
https://nigeriacovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 May 2020 05:16:21 GMT
via
1.1 7af275149e007e66f1ddcb08c8a41ad2.cloudfront.net (CloudFront)
last-modified
Tue, 19 May 2020 22:57:59 GMT
server
nginx/1.13.12
x-amz-cf-pop
HAM50-C1
etag
"270c4ef80c8e360ff0a43dd9417c69af"
x-cache
Miss from cloudfront
x-amz-version-id
lwYb6tAAMsh1igW8pOi_m25SOHSCLf8P
status
200
cache-control
max-age=3600, public
accept-ranges
bytes
content-type
image/png
content-length
131398
x-amz-cf-id
NtRvVT40k7VxRuJS_u7DDhJdwwh_hebAw2hPGjYiPHVF1lQmy_ufdQ==
expires
Wed, 20 May 2020 06:16:21 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| divElement object| vizElement object| scriptElement object| today string| date object| tableau

6 Cookies

Domain/Path Name / Value
.tableau.com/ Name: _gat_UA-625217-22
Value: 1
.tableau.com/ Name: _gid
Value: GA1.2.646577236.1589951781
.tableau.com/ Name: _gat_UA-625217-47
Value: 1
public.tableau.com/ Name: tableau_locale
Value: en
.tableau.com/ Name: _ga
Value: GA1.2.1126954028.1589951781
public.tableau.com/ Name: tableau_public_negotiated_locale
Value: en-us

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nigeriacovid.com
public.tableau.com
198.54.115.169
52.222.182.117
3d085dbe6ad100417db5824c9a6290775b307b326f9ceda88fbfe0959ec23e96
4357a5c6987a4eb78e4b448da145e552f266bb36dcdacb00d73018dbc991bfde
eb86b54923685899e6614e3b2e4eedd01af66e0d008b64584f70d856da4511aa