www.covid19.com Open in urlscan Pro
216.239.138.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.covid19.com/
Effective URL:
https://www.covid19.com/
Submission Tags: falconsandbox
Submission: On December 11 via api (December 11th 2021, 4:57:48 am UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 7 domains to perform 15 HTTP transactions. The main IP is 216.239.138.50, located in Tempe, United States and belongs to OMNIS, US. The main domain is www.covid19.com.
TLS certificate: Issued by R3 on November 20th 2021. Valid for: 3 months.

This is the only time www.covid19.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	216.239.138.50 216.239.138.50	19237 (OMNIS) (OMNIS)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3 3	89.207.16.72 89.207.16.72	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	104.111.248.232 104.111.248.232	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.216.245.228 52.216.245.228	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
15	5

10 216.239.138.50 (Tempe, United States) 1 redirects

ASN19237 (OMNIS, US)
PTR: 216-239-138.50.cluster.omnis.com

www.covid19.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.207.16.72 (United States) 3 redirects

ASN41041 (VCLK-EU-SE, US)

www.lduhtrp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tqlkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.248.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-248-232.deploy.static.akamaitechnologies.com

www.yceml.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.245.228 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ticketnetwork.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	covid19.com 1 redirects www.covid19.com	61 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	yceml.net www.yceml.net	23 KB
2	lduhtrp.net 2 redirects www.lduhtrp.net	936 B
1	amazonaws.com ticketnetwork.s3.amazonaws.com	93 KB
1	tqlkg.com 1 redirects www.tqlkg.com	437 B
1	googletagmanager.com www.googletagmanager.com	36 KB
15	7

	Domain	Requested by
10	www.covid19.com	1 redirects www.covid19.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.yceml.net	www.covid19.com
2	www.lduhtrp.net	2 redirects
1	ticketnetwork.s3.amazonaws.com	www.covid19.com
1	www.tqlkg.com	1 redirects
1	www.googletagmanager.com	www.covid19.com
15	7

This site contains links to these domains. Also see Links.

Domain
www.cidrap.umn.edu
www.osterholmupdate.com
www.gofundme.com
www.jdoqocy.com
www.tkqlhce.com

Subject Issuer	Validity	Valid
covid19.com R3	`2021-11-20` - `2022-02-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.covid19.com/
Frame ID: 080797A44B190164A08D21149017C604
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Covid19.com

Page URL History Show full URLs

http://www.covid19.com/ HTTP 302
https://www.covid19.com/ Page URL

Page Statistics

15
Requests

80 %
HTTPS

33 %
IPv6

7
Domains

7
Subdomains

5
IPs

2
Countries

233 kB
Transfer

477 kB
Size

3
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cidrap.umn.edu/
Title: The Center for Infectious Disease Research and Policy (CIDRAP)

Search URL Search Domain Scan URL

URL: https://www.osterholmupdate.com/
Title: The Osterholm Update - a weekly podcast on the pandemic with Dr. Michael Osterholm, Director of CIDRAP

Search URL Search Domain Scan URL

URL: https://www.gofundme.com/f/frontlinerespondersfund/
Title: The Frontline Responders Fund

Search URL Search Domain Scan URL

URL: https://www.jdoqocy.com/sf105nmvsmu9BAADJFABB9BDGIJBFE

Search URL Search Domain Scan URL

URL: https://www.tkqlhce.com/l7101xdmjdl02114A6122025596558

Search URL Search Domain Scan URL

URL: https://www.tkqlhce.com/rb101p-85-7NPOORXTOORNPSROVVUV

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.covid19.com/ HTTP 302
https://www.covid19.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://www.lduhtrp.net/dt121jy1qwuFHGGJPLGHHFHJMOPHLK HTTP 302
https://www.yceml.net/0322/13689154-1556655979620

Request Chain 10

https://www.tqlkg.com/t982kpthnl6877AGC78868BBFCBBE HTTP 302
https://www.yceml.net/0967/14485447-1617176282577

Request Chain 11

https://www.lduhtrp.net/fh77z15u-yJLKKNTPKKNJLONKRRQR HTTP 302
https://ticketnetwork.s3.amazonaws.com/assets/images/email/promo/affiliates+/ct-biotech/ct-biotech-600x300.jpg

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.covid19.com/
Redirect Chain

http://www.covid19.com/
https://www.covid19.com/

3 KB
2 KB

466ms
168ms

Document
text/html

216.239.138.50
OMNIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.239.138.50 Tempe, United States, ASN19237 (OMNIS, US),
Reverse DNS: 216-239-138.50.cluster.omnis.com
Software: openresty/1.15.8.2 /
Resource Hash: 3837ddd619e28f5b97533e69dce76532695b901c8b575c1a16de3ce332aa8893

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: openresty/1.15.8.2
date: Sat, 11 Dec 2021 04:57:44 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Sun, 02 May 2021 21:01:36 GMT
etag: W/"cc6-5c15f2694e8f1"
x-proxy-cache: BYPASS
content-encoding: gzip

Redirect headers

Server: openresty/1.15.8.2
Date: Sat, 11 Dec 2021 04:57:43 GMT
Content-Type: text/html
Content-Length: 151
Connection: keep-alive
Location: https://www.covid19.com/
Cache-Control: private, no-store, no-cache

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 44ms
20ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-8000483-18

Requested by

Host: www.covid19.com
URL: https://www.covid19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02ba6de8e8de196fa13a70ff12a8135682619e742e87cb088f16a298fe6cd775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 04:57:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36232
x-xss-protection: 0
last-modified: Sat, 11 Dec 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 11 Dec 2021 04:57:44 GMT

GET
H2 200 supersized_002.css
www.covid19.com/css/ 2 KB
840 B 162ms
161ms Stylesheet
text/css 216.239.138.50
OMNIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19.com/css/supersized_002.css
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.239.138.50 Tempe, United States, ASN19237 (OMNIS, US),
Reverse DNS: 216-239-138.50.cluster.omnis.com
Software: openresty/1.15.8.2 /
Resource Hash: 074c2e67ea585942cf97e40a309ff86c4adf99cf994b6e9e6cde4d9f668d6855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 04:57:44 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 21:48:01 GMT
server: openresty/1.15.8.2
etag: W/"618-5a2e29220f1ca"
vary: Accept-Encoding
content-type: text/css
x-proxy-cache: BYPASS

GET
H2 200 bootstrap.css
www.covid19.com/css/ 79 KB
13 KB 161ms
160ms Stylesheet
text/css 216.239.138.50
OMNIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19.com/css/bootstrap.css
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.239.138.50 Tempe, United States, ASN19237 (OMNIS, US),
Reverse DNS: 216-239-138.50.cluster.omnis.com
Software: openresty/1.15.8.2 /
Resource Hash: bb473a30b4289b7521aaab7f22750c618197882ab701ce7ee466441d98810319

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 04:57:44 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 21:48:02 GMT
server: openresty/1.15.8.2
etag: W/"13cfe-5a2e292359ef2"
vary: Accept-Encoding
content-type: text/css
x-proxy-cache: BYPASS

GET
H2 200 bootstrap-responsive.css
www.covid19.com/css/ 11 KB
2 KB 433ms
432ms Stylesheet
text/css 216.239.138.50
OMNIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19.com/css/bootstrap-responsive.css
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.239.138.50 Tempe, United States, ASN19237 (OMNIS, US),
Reverse DNS: 216-239-138.50.cluster.omnis.com
Software: openresty/1.15.8.2 /
Resource Hash: ead24db942ef7c888bba800076e5fb85d31387d4bafa32977d871b5d208155da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 04:57:44 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 21:48:03 GMT
server: openresty/1.15.8.2
etag: W/"2af6-5a2e29239e4d7"
vary: Accept-Encoding
content-type: text/css
x-proxy-cache: BYPASS

GET
H2 200 supersized.css
www.covid19.com/css/ 5 KB
2 KB 432ms
431ms Stylesheet
text/css 216.239.138.50
OMNIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19.com/css/supersized.css
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.239.138.50 Tempe, United States, ASN19237 (OMNIS, US),
Reverse DNS: 216-239-138.50.cluster.omnis.com
Software: openresty/1.15.8.2 /
Resource Hash: 0f78a0b20a03db7a5a34c293a2a0c25e61c361aeccd13f85b609ba7e6ce0fd6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 04:57:44 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 21:48:01 GMT
server: openresty/1.15.8.2
etag: W/"1296-5a2e292258999"
vary: Accept-Encoding
content-type: text/css
x-proxy-cache: BYPASS

GET
H2 200 custom.css
www.covid19.com/css/ 2 KB
635 B 165ms
164ms Stylesheet
text/css 216.239.138.50
OMNIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19.com/css/custom.css
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.239.138.50 Tempe, United States, ASN19237 (OMNIS, US),
Reverse DNS: 216-239-138.50.cluster.omnis.com
Software: openresty/1.15.8.2 /
Resource Hash: 59094f5d38c76fda29fcd61f5d60e0c1ccb0b6c98d8c083d576ec6ab2a58bfb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 04:57:44 GMT
content-encoding: gzip
last-modified: Fri, 10 Apr 2020 06:12:24 GMT
server: openresty/1.15.8.2
etag: W/"6a0-5a2e99dee6846"
vary: Accept-Encoding
content-type: text/css
x-proxy-cache: BYPASS

GET
H2 200 jquery_002.js Show response
www.covid19.com/js/ 93 KB
33 KB 165ms
164ms Script
application/javascript 216.239.138.50
OMNIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19.com/js/jquery_002.js
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.239.138.50 Tempe, United States, ASN19237 (OMNIS, US),
Reverse DNS: 216-239-138.50.cluster.omnis.com
Software: openresty/1.15.8.2 /
Resource Hash: 117146f6e72b65b44827f5efb662e309820d11f6f62c28a87e09451c30302d7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 04:57:44 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 21:48:59 GMT
server: openresty/1.15.8.2
etag: W/"17277-5a2e295906043"
vary: Accept-Encoding
content-type: application/javascript
x-proxy-cache: BYPASS

GET
H2 200 jquery.js Show response
www.covid19.com/js/ 7 KB
2 KB 160ms
160ms Script
application/javascript 216.239.138.50
OMNIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19.com/js/jquery.js
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.239.138.50 Tempe, United States, ASN19237 (OMNIS, US),
Reverse DNS: 216-239-138.50.cluster.omnis.com
Software: openresty/1.15.8.2 /
Resource Hash: 7e1315d9de485eb5251249e86483786d892d4b5336fc16a052b57921f22feef8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 04:57:44 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 21:48:59 GMT
server: openresty/1.15.8.2
etag: W/"1b86-5a2e29594b1a5"
vary: Accept-Encoding
content-type: application/javascript
x-proxy-cache: BYPASS

GET
H2 200 bootstrap.js Show response
www.covid19.com/js/ 22 KB
6 KB 431ms
430ms Script
application/javascript 216.239.138.50
OMNIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covid19.com/js/bootstrap.js
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.239.138.50 Tempe, United States, ASN19237 (OMNIS, US),
Reverse DNS: 216-239-138.50.cluster.omnis.com
Software: openresty/1.15.8.2 /
Resource Hash: e55688521444cedc39f64c913e019ef53dfb8c6a96b8471c0eb8944d8c5e43cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 04:57:44 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 21:49:00 GMT
server: openresty/1.15.8.2
etag: W/"5761-5a2e2959ddd83"
vary: Accept-Encoding
content-type: application/javascript
x-proxy-cache: BYPASS

GET
H/1.1

200
OK

13689154-1556655979620
www.yceml.net/0322/
Redirect Chain

https://www.lduhtrp.net/dt121jy1qwuFHGGJPLGHHFHJMOPHLK
https://www.yceml.net/0322/13689154-1556655979620

18 KB
18 KB

97ms
30ms

Image
image/png

104.111.248.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yceml.net/0322/13689154-1556655979620
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: HTTP/1.1
Server: 104.111.248.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-248-232.deploy.static.akamaitechnologies.com
Software: Server /
Resource Hash: a5fc29a5b405c48b1943308b079bab10c219ef91f3d2fdc005deb94eba4b94f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 04:57:44 GMT
Cache-Control: max-age=456616
Server: Server
Connection: keep-alive
Content-Length: 18636
Expires: Thu, 16 Dec 2021 11:48:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 04:57:44 GMT
Server: Server
P3P: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Location: https://www.yceml.net/0322/13689154-1556655979620
Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87
Expires: Sat, 11 Dec 2021 04:57:44 GMT

GET
H/1.1

200
OK

14485447-1617176282577
www.yceml.net/0967/
Redirect Chain

https://www.tqlkg.com/t982kpthnl6877AGC78868BBFCBBE
https://www.yceml.net/0967/14485447-1617176282577

4 KB
4 KB

88ms
19ms

Image
image/png

104.111.248.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yceml.net/0967/14485447-1617176282577
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: HTTP/1.1
Server: 104.111.248.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-248-232.deploy.static.akamaitechnologies.com
Software: Server /
Resource Hash: 2bd82be6dc91b70ab72122779ffa318139a8a108c1b3de0265a361fc35b6eded

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 04:57:44 GMT
Cache-Control: max-age=262855
Server: Server
Connection: keep-alive
Content-Length: 4366
Expires: Tue, 14 Dec 2021 05:58:39 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 04:57:44 GMT
Server: Server
P3P: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Location: https://www.yceml.net/0967/14485447-1617176282577
Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 87
Expires: Sat, 11 Dec 2021 04:57:44 GMT

GET
H/1.1

200
OK

ct-biotech-600x300.jpg
ticketnetwork.s3.amazonaws.com/assets/images/email/promo/affiliates+/ct-biotech/
Redirect Chain

https://www.lduhtrp.net/fh77z15u-yJLKKNTPKKNJLONKRRQR
https://ticketnetwork.s3.amazonaws.com/assets/images/email/promo/affiliates+/ct-biotech/ct-biotech-600x300.jpg

93 KB
93 KB

486ms
158ms

Image
image/jpeg

52.216.245.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ticketnetwork.s3.amazonaws.com/assets/images/email/promo/affiliates+/ct-biotech/ct-biotech-600x300.jpg
Requested by: Host: www.covid19.com
URL: https://www.covid19.com/
Protocol: HTTP/1.1
Server: 52.216.245.228 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7c8a3262cefe8868500ec5acd69f4d7f36f6ee923873cfd89fdefc0b772ae603

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 11 Dec 2021 04:57:46 GMT
Last-Modified: Thu, 20 Aug 2020 12:11:48 GMT
Server: AmazonS3
x-amz-request-id: 9TEC4V9B1YZTCNFH
ETag: "dbceecc9b9ff72b4be6339462a1b7212"
Content-Type: image/jpeg
Cache-Control: public, max-age=2592000
Accept-Ranges: bytes
Content-Length: 94816
x-amz-id-2: 8Kr+nxPaTuBG5dPQrbrgYjpQIfCgBQ5MQOquC0bB4Jb/92DnZXhvIXwrfRtKDph1NXz5J5EWEIU=

Redirect headers

Pragma: no-cache
Date: Sat, 11 Dec 2021 04:57:44 GMT
Server: Server
P3P: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Location: https://ticketnetwork.s3.amazonaws.com/assets/images/email/promo/affiliates+/ct-biotech/ct-biotech-600x300.jpg
Cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 148
Expires: Sat, 11 Dec 2021 04:57:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8000483-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covid19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6997
date: Sat, 11 Dec 2021 03:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 11 Dec 2021 05:01:07 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 15ms
14ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=530560764&t=pageview&_s=1&dl=https%3A%2F%2Fwww.covid19.com%2F&ul=en-us&de=UTF-8&dt=Covid19.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1411178182&gjid=30351765&cid=1195550015.1639198664&tid=UA-8000483-18&_gid=653805746.1639198664&_r=1&gtm=2ouc10&z=910740609

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.covid19.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Dec 2021 04:57:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.covid19.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.covid19.com/	1970-01-20 16:51:10	Name: _ga Value: GA1.2.1195550015.1639198664
.covid19.com/	1970-01-19 23:21:25	Name: _gid Value: GA1.2.653805746.1639198664
.covid19.com/	1970-01-19 23:19:58	Name: _gat_gtag_UA_8000483_18 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ticketnetwork.s3.amazonaws.com
www.covid19.com
www.google-analytics.com
www.googletagmanager.com
www.lduhtrp.net
www.tqlkg.com
www.yceml.net
104.111.248.232
216.239.138.50
2a00:1450:4001:802::200e
2a00:1450:4001:80e::2008
52.216.245.228
89.207.16.72
02ba6de8e8de196fa13a70ff12a8135682619e742e87cb088f16a298fe6cd775
074c2e67ea585942cf97e40a309ff86c4adf99cf994b6e9e6cde4d9f668d6855
0f78a0b20a03db7a5a34c293a2a0c25e61c361aeccd13f85b609ba7e6ce0fd6b
117146f6e72b65b44827f5efb662e309820d11f6f62c28a87e09451c30302d7d
2bd82be6dc91b70ab72122779ffa318139a8a108c1b3de0265a361fc35b6eded
3837ddd619e28f5b97533e69dce76532695b901c8b575c1a16de3ce332aa8893
59094f5d38c76fda29fcd61f5d60e0c1ccb0b6c98d8c083d576ec6ab2a58bfb3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7c8a3262cefe8868500ec5acd69f4d7f36f6ee923873cfd89fdefc0b772ae603
7e1315d9de485eb5251249e86483786d892d4b5336fc16a052b57921f22feef8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5fc29a5b405c48b1943308b079bab10c219ef91f3d2fdc005deb94eba4b94f5
bb473a30b4289b7521aaab7f22750c618197882ab701ce7ee466441d98810319
e55688521444cedc39f64c913e019ef53dfb8c6a96b8471c0eb8944d8c5e43cb
ead24db942ef7c888bba800076e5fb85d31387d4bafa32977d871b5d208155da

www.covid19.com Open in urlscan Pro 216.239.138.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

15 Requests

80 %HTTPS

33 %IPv6

7 Domains

7 Subdomains

5 IPs

2 Countries

233 kBTransfer

477 kBSize

3 Cookies

6 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

3 Cookies

Indicators

www.covid19.com Open in urlscan Pro
216.239.138.50 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

80 %
HTTPS

33 %
IPv6

7
Domains

7
Subdomains

5
IPs

2
Countries

233 kB
Transfer

477 kB
Size

3
Cookies

15 HTTP transactions
0 data transactions