postcovidconsulting.ca

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 66.96.134.42, located in Burlington, United States and belongs to BIZLAND-SD, US. The main domain is postcovidconsulting.ca.

This is the only time postcovidconsulting.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	66.96.134.42 66.96.134.42	29873 (BIZLAND-SD) (BIZLAND-SD)
1	35.242.251.130 35.242.251.130	15169 (GOOGLE) (GOOGLE)
3	2

2 66.96.134.42 (Burlington, United States)

ASN29873 (BIZLAND-SD, US)
PTR: 42.134.96.66.static.eigbox.net

postcovidconsulting.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.242.251.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 130.251.242.35.bc.googleusercontent.com

fortunaventures.wixsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	postcovidconsulting.ca postcovidconsulting.ca	842 B
1	wixsite.com fortunaventures.wixsite.com
3	2

	Domain	Requested by
2	postcovidconsulting.ca	postcovidconsulting.ca
1	fortunaventures.wixsite.com	postcovidconsulting.ca
3	2

This site contains no links.

Subject Issuer	Validity	Valid
*.wixsite.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-28` - `2020-11-24`	6 months	crt.sh

This page contains 3 frames:

Primary Page: http://postcovidconsulting.ca/
Frame ID: 5F97889A00471632D58AAA84FAEE0165
Requests: 1 HTTP requests in this frame

Frame: https://fortunaventures.wixsite.com/postcovidconsulting
Frame ID: 597FDA1BAD47CE27828805DD9921B1DF
Requests: 1 HTTP requests in this frame

Frame: http://postcovidconsulting.ca/blank.html
Frame ID: 6B08234549F1A2461C2C8E846C16AFDF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

3
Requests

33 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1 kB
Transfer

0 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response postcovidconsulting.ca/	167 B 506 B	377ms 220ms	Document text/html	66.96.134.42 BIZLAND-SD
General Check archive.org Show headers Download Go to Full URL http://postcovidconsulting.ca/ Protocol HTTP/1.1 Server 66.96.134.42 Burlington, United States, ASN29873 (BIZLAND-SD, US), Reverse DNS 42.134.96.66.static.eigbox.net Software Apache/2 / Resource Hash `09fefda74119e44610d2c8d73ddfd6f3eebf5809dd5a8e44420cb40ab4be6b5a` Request headers Host postcovidconsulting.ca Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 04 Jun 2020 16:39:37 GMT Content-Type text/html Content-Length 167 Connection keep-alive Keep-Alive timeout=30 Server Apache/2 Last-Modified Wed, 29 Apr 2020 16:38:36 GMT ETag "a7-5a47094695ddb" Cache-Control max-age=3600 Expires Thu, 04 Jun 2020 17:39:37 GMT Accept-Ranges bytes Age 0
GET H2	200	postcovidconsulting fortunaventures.wixsite.com/ Frame 597F	0 0	308ms 153ms	Document text/html	35.242.251.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fortunaventures.wixsite.com/postcovidconsulting Requested by Host: postcovidconsulting.ca URL: http://postcovidconsulting.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.242.251.130 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 130.251.242.35.bc.googleusercontent.com Software Pepyaka/1.15.10 / Resource Hash Request headers :method GET :authority fortunaventures.wixsite.com :scheme https :path /postcovidconsulting pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest frame referer http://postcovidconsulting.ca/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://postcovidconsulting.ca/ Response headers status 200 date Thu, 04 Jun 2020 16:39:38 GMT content-type text/html;charset=utf-8 content-language en-US x-wix-request-id 1591288778.19410778388128817 link <https://static.parastorage.com/>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://static.wixstatic.com/>; rel=preconnect;,<https://static.parastorage.com/unpkg/requirejs-bolt@2.3.6/requirejs.min.js>; rel=preload; as=script;,<https://static.parastorage.com/unpkg/lodash@4.17.15/lodash.min.js>; rel=preload; as=script ; crossorigin=anonymous;,<https://static.parastorage.com/unpkg/zepto@1.2.0/dist/zepto.min.js>; rel=preload; as=script ; crossorigin=anonymous;,<https://static.wixstatic.com/>; rel=preconnect; crossorigin;,<https://static.parastorage.com/services/wix-bolt/1.5997.0/bolt-main/app/main-r.min.js>; rel=preload; as=script ; crossorigin=anonymous; age 0 set-cookie ssr-caching="cache#desc=hit#varnish=miss#dc#desc=euw3";Version=1;Expires=Thu, 04-Jun-2020 16:39:58 GMT;Max-Age=20 hs=379567761; Path=/; Domain=fortunaventures.wixsite.com; HTTPOnly svSession=1d9355ee4ac14cf6e583e267475a3b0a29ade4ce92eaf6632813d2cb328729f521cd68cc15df1e7e481b5f227573793e1e60994d53964e647acf431e4f798bcdcd686226bc58893e2a2a776ad36547094c169fed0d45682e93fa6d611c48db2a; Max-Age=63071999; Expires=Sat, 04 Jun 2022 16:39:37 GMT; Path=/postcovidconsulting; Domain=fortunaventures.wixsite.com XSRF-TOKEN=1591288778\|XZ_1U2ZPAqKz; Path=/; Domain=fortunaventures.wixsite.com server-timing cache;desc=hit, varnish;desc=miss, dc;desc=euw3 expires Thu, 01 Jan 1970 00:00:00 GMT vary Accept-Encoding x-seen-by sHU62EDOGnH2FBkJkG/Wx8EeXWsWdHrhlvbxtlynkVgEuK6Txmr48U88kMbE9le6,2d58ifebGbosy5xc+FRaloPX4ngKfQM8fEHbwELHijkyI+zadggh8NfmVD3VHcGDWIHlCalF7YnfvOr2cMPpyw==,Nlv1KFVtIvAfa3AK9dRsI5QGcs+BtJHFqNZCSHtxNEFWd3xniMsr1HjrszKGvMzr,2UNV7KOq4oGjA5+PKsX47FDtGCr72w4BMu4v3sd6ZGU=,qquldgcFrj2n046g4RNSVAiOxhA7Vkxnx3Qqcd3yJLo=,1wy2ILu/S4rlWT/R4rqCrWnuokORQFBV3Lk74eVRPTM=,x1Sj9Xv8W8xC18ngt0x3MzNX9a5WfOtqU++9qaHuxtdiQooYB5LnDiMvFq3HRJW9MTeLBVDK/a6qZ188mGDv2g==,l7Ey5khejq81S7sxGe5Nk9ifBo48QZO3jRIRbNLVjdOTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,Ts+7R/4FijtA6c9psi3FQOBJJAde+nHiioArCyBaZXWTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,Tw2AanFDQ+Wwo8Xxk6ZL7vOBx+hvh2Cbd7MMNUXzbHFUGEH7g5wpOqN0LNdhP49z51lp7TOhef6ZjlcokaeKVOUly6KmvKnzbixiTJY+Ats= cache-control private,max-age=0,must-revalidate server Pepyaka/1.15.10 content-encoding gzip
GET H/1.1	200 OK	blank.html Show response postcovidconsulting.ca/ Frame 6B08	0 336 B	123ms 122ms	Document text/html	66.96.134.42 BIZLAND-SD
General Check archive.org Show headers Download Go to Full URL http://postcovidconsulting.ca/blank.html Requested by Host: postcovidconsulting.ca URL: http://postcovidconsulting.ca/ Protocol HTTP/1.1 Server 66.96.134.42 Burlington, United States, ASN29873 (BIZLAND-SD, US), Reverse DNS 42.134.96.66.static.eigbox.net Software Apache/2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Host postcovidconsulting.ca Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://postcovidconsulting.ca/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://postcovidconsulting.ca/ Response headers Date Thu, 04 Jun 2020 16:39:37 GMT Content-Type text/html Content-Length 0 Connection keep-alive Keep-Alive timeout=30 Server Apache/2 Last-Modified Wed, 29 Apr 2020 16:38:36 GMT ETag "0-5a4709469fa1e" Cache-Control max-age=3600 Expires Thu, 04 Jun 2020 17:39:38 GMT Accept-Ranges bytes Age 0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fortunaventures.wixsite.com/	1969-12-31 23:59:59	Name: hs Value: 379567761
fortunaventures.wixsite.com/	1970-01-19 10:01:28	Name: ssr-caching Value: "cache#desc=hit#varnish=miss#dc#desc=euw3"
.fortunaventures.wixsite.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 1591288778\|XZ_1U2ZPAqKz
.fortunaventures.wixsite.com/postcovidconsulting	1970-01-20 03:32:40	Name: svSession Value: 1d9355ee4ac14cf6e583e267475a3b0a29ade4ce92eaf6632813d2cb328729f521cd68cc15df1e7e481b5f227573793e1e60994d53964e647acf431e4f798bcdcd686226bc58893e2a2a776ad36547094c169fed0d45682e93fa6d611c48db2a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fortunaventures.wixsite.com
postcovidconsulting.ca
35.242.251.130
66.96.134.42
09fefda74119e44610d2c8d73ddfd6f3eebf5809dd5a8e44420cb40ab4be6b5a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

postcovidconsulting.ca Open in urlscan Pro 66.96.134.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

3 Requests

33 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

1 kBTransfer

0 kBSize

4 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

4 Cookies

Indicators

postcovidconsulting.ca Open in urlscan Pro
66.96.134.42 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

33 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1 kB
Transfer

0 kB
Size

4
Cookies

3 HTTP transactions
0 data transactions