covid.supportandsave.org Open in urlscan Pro
2606:4700:3035::681c:35d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://covid.supportandsave.org/
Submission: On April 08 via automatic, source certstream-suspicious (April 8th 2020, 4:34:20 pm UTC)

Summary HTTP 14 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3035::681c:35d, located in United States and belongs to CLOUDFLARENET, US. The main domain is covid.supportandsave.org.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 22nd 2019. Valid for: a year.

This is the only time covid.supportandsave.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	2606:4700:303... 2606:4700:3035::681c:35d		13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::200a		15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::393 2a04:4e42:3::393		54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:820::2003		15169 (GOOGLE) (GOOGLE)
14	4

9 2606:4700:3035::681c:35d (United States)

ASN13335 (CLOUDFLARENET, US)

covid.supportandsave.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::393 (Ascension Island)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	supportandsave.org covid.supportandsave.org	188 KB
2	gstatic.com fonts.gstatic.com	73 KB
2	googleapis.com fonts.googleapis.com	900 B
1	cloudinary.com res.cloudinary.com	19 KB
14	4

	Domain	Requested by
9	covid.supportandsave.org	covid.supportandsave.org
2	fonts.gstatic.com	covid.supportandsave.org
2	fonts.googleapis.com	covid.supportandsave.org
1	res.cloudinary.com	covid.supportandsave.org
14	4

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-08-22` - `2020-08-21`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2018-07-01` - `2020-06-22`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://covid.supportandsave.org/
Frame ID: BAA19DFD0156527E85E69CDBAB67EDE3
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Materialize CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="[^"]*materialize(?:\.min)?\.css/i
script /materialize(?:\.min)?\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
html /<link[^>]* href="[^"]*materialize(?:\.min)?\.css/i
script /materialize(?:\.min)?\.js/i

Page Statistics

14
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

281 kB
Transfer

624 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
covid.supportandsave.org/ 7 KB
2 KB 161ms
114ms Document
text/html 2606:4700:3035::681c:35d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://covid.supportandsave.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:35d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e672de98f17eef86ed8d3befba9e0be7f78a5a050e174b5029e45ecd1baa8ea4

Request headers

:method: GET
:authority: covid.supportandsave.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Wed, 08 Apr 2020 16:33:42 GMT
content-type: text/html
set-cookie: __cfduid=dd59310f9c4eceab769b909698c6218331586363622; expires=Fri, 08-May-20 16:33:42 GMT; path=/; domain=.supportandsave.org; HttpOnly; SameSite=Lax
last-modified: Wed, 08 Apr 2020 16:26:12 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 580d6441d9db96da-FRA
content-encoding: br

GET
H2 200 font-awesome.min.css
covid.supportandsave.org/lib/font-awesome/css/ 30 KB
7 KB 549ms
547ms Stylesheet
text/css 2606:4700:3035::681c:35d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://covid.supportandsave.org/lib/font-awesome/css/font-awesome.min.css
Requested by: Host: covid.supportandsave.org
URL: https://covid.supportandsave.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:35d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://covid.supportandsave.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 08 Apr 2020 16:33:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 08 Apr 2020 16:26:12 GMT
server: cloudflare
etag: W/"7918-5e8dfb24-209683193c73a799;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 580d64429a9196da-FRA
expires: Wed, 15 Apr 2020 16:33:43 GMT

GET
H2 200 materialize.min.css
covid.supportandsave.org/css/ 138 KB
20 KB 1445ms
1444ms Stylesheet
text/css 2606:4700:3035::681c:35d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://covid.supportandsave.org/css/materialize.min.css
Requested by: Host: covid.supportandsave.org
URL: https://covid.supportandsave.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:35d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0afafa9a5b118bfb0a54c5dda5b8a9b20ef1062d8d610e1c1332585307e09256

Request headers

Referer: https://covid.supportandsave.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 08 Apr 2020 16:33:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 08 Apr 2020 16:26:12 GMT
server: cloudflare
etag: W/"228b1-5e8dfb24-7c1f76e4792e3707;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 580d64429a9596da-FRA
expires: Wed, 15 Apr 2020 16:33:43 GMT

GET
H2 200 normalize.css
covid.supportandsave.org/css/ 8 KB
2 KB 7297ms
7295ms Stylesheet
text/css 2606:4700:3035::681c:35d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://covid.supportandsave.org/css/normalize.css
Requested by: Host: covid.supportandsave.org
URL: https://covid.supportandsave.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:35d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b31ceb90e3eec258e254659bc5588f275e197b05cb2471490e7d1bbfee61b036

Request headers

Referer: https://covid.supportandsave.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 08 Apr 2020 16:33:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 08 Apr 2020 16:26:12 GMT
server: cloudflare
etag: W/"1e27-5e8dfb24-6c91b61e3d97fce8;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 580d64429a9796da-FRA
expires: Wed, 15 Apr 2020 16:33:50 GMT

GET
H2 200 style.css
covid.supportandsave.org/css/ 22 KB
4 KB 729ms
728ms Stylesheet
text/css 2606:4700:3035::681c:35d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://covid.supportandsave.org/css/style.css
Requested by: Host: covid.supportandsave.org
URL: https://covid.supportandsave.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:35d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cdf9bea45d70b7c1176a0ef33d20784e43046902732a3c2801c0ad4f6f14c24

Request headers

Referer: https://covid.supportandsave.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 08 Apr 2020 16:33:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 08 Apr 2020 16:26:12 GMT
server: cloudflare
etag: W/"58c2-5e8dfb24-d68da0ec4573c497;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 580d64429a9896da-FRA
expires: Wed, 15 Apr 2020 16:33:43 GMT

GET
H2 200 icon
fonts.googleapis.com/ 574 B
468 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: covid.supportandsave.org
URL: https://covid.supportandsave.org/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://covid.supportandsave.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Apr 2020 16:33:42 GMT
server: ESF
date: Wed, 08 Apr 2020 16:33:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Apr 2020 16:33:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 767 B
432 B 25ms
23ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: covid.supportandsave.org
URL: https://covid.supportandsave.org/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://covid.supportandsave.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Apr 2020 16:33:42 GMT
server: ESF
date: Wed, 08 Apr 2020 16:33:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Apr 2020 16:33:42 GMT

GET
H2 200 ss_logo1_owrlrd.png
res.cloudinary.com/mallinamala/image/upload/v1566533991/ 18 KB
19 KB 494ms
492ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/mallinamala/image/upload/v1566533991/ss_logo1_owrlrd.png

Requested by

Host: covid.supportandsave.org
URL: https://covid.supportandsave.org/

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::393 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

3d813900a174c81bac0ff7ec04e2c45aef88f901dd29753ec4383eaff067de6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://covid.supportandsave.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 08 Apr 2020 16:33:43 GMT
last-modified: Fri, 23 Aug 2019 04:19:52 GMT
server: Cloudinary
access-control-allow-origin: *
etag: "bc3e15835c89012c24bea1788c9cf125"
strict-transport-security: max-age=604800
content-type: image/png
status: 200
access-control-expose-headers: Content-Length,ETag,Server-Timing
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: cloudinary;dur=214;start=2020-04-08T16:33:43.040Z,fastly;dur=180;total=487;start=2020-04-08T16:33:42.816Z;desc=miss,rtt;dur=10
accept-ranges: bytes
timing-allow-origin: *
content-length: 18754

GET
H2 200 jquery.min.js Show response
covid.supportandsave.org/js/ 85 KB
29 KB 1453ms
1452ms Script
application/x-javascript 2606:4700:3035::681c:35d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://covid.supportandsave.org/js/jquery.min.js
Requested by: Host: covid.supportandsave.org
URL: https://covid.supportandsave.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:35d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://covid.supportandsave.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 16:33:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 08 Apr 2020 16:26:12 GMT
server: cloudflare
etag: W/"15283-5e8dfb24-87936b29c17d697b;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 580d64429a9a96da-FRA
expires: Wed, 15 Apr 2020 16:33:43 GMT

GET
H2 200 materialize.min.js Show response
covid.supportandsave.org/js/ 162 KB
48 KB 2038ms
2037ms Script
application/x-javascript 2606:4700:3035::681c:35d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://covid.supportandsave.org/js/materialize.min.js
Requested by: Host: covid.supportandsave.org
URL: https://covid.supportandsave.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:35d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b96b525d112bc07f647494c8af5b307c71499ff77f590eacef68042ce1d74063

Request headers

Referer: https://covid.supportandsave.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 16:33:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 08 Apr 2020 16:26:12 GMT
server: cloudflare
etag: W/"2894d-5e8dfb24-38487b961aa0b68d;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 580d64429a9c96da-FRA
expires: Wed, 15 Apr 2020 16:33:43 GMT

GET
H2 200 custom.js Show response
covid.supportandsave.org/js/ 4 KB
1 KB 539ms
538ms Script
application/x-javascript 2606:4700:3035::681c:35d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://covid.supportandsave.org/js/custom.js
Requested by: Host: covid.supportandsave.org
URL: https://covid.supportandsave.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:35d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8c6fe6d8da9d157ea8787c751817c736596cacae0f049282135579492ddd576

Request headers

Referer: https://covid.supportandsave.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 08 Apr 2020 16:33:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 08 Apr 2020 16:26:12 GMT
server: cloudflare
etag: W/"ee0-5e8dfb24-9683c3fc0c863e26;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 580d64429a9d96da-FRA
expires: Wed, 15 Apr 2020 16:33:43 GMT

GET
H2 200 fontawesome-webfont.woff2
covid.supportandsave.org/lib/font-awesome/fonts/ 75 KB
76 KB 1160ms
1159ms Font
font/woff2 2606:4700:3035::681c:35d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://covid.supportandsave.org/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: covid.supportandsave.org
URL: https://covid.supportandsave.org/js/materialize.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:35d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://covid.supportandsave.org/lib/font-awesome/css/font-awesome.min.css
Origin: https://covid.supportandsave.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 08 Apr 2020 16:33:51 GMT
cf-cache-status: MISS
last-modified: Wed, 08 Apr 2020 16:26:12 GMT
server: cloudflare
etag: "12d68-5e8dfb24-750368d9f7855aba;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 580d64704d4796da-FRA
content-length: 77160
expires: Wed, 15 Apr 2020 16:33:51 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: covid.supportandsave.org
URL: https://covid.supportandsave.org/js/materialize.min.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Lato
Origin: https://covid.supportandsave.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Apr 2020 10:25:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 367698
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14044
x-xss-protection: 0
expires: Sun, 04 Apr 2021 10:25:32 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v50/ 59 KB
60 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v50/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Host: covid.supportandsave.org
URL: https://covid.supportandsave.org/js/materialize.min.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/icon?family=Material+Icons
Origin: https://covid.supportandsave.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 20:01:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 01:57:25 GMT
server: sffe
age: 2493112
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 60840
x-xss-protection: 0
expires: Wed, 10 Mar 2021 20:01:58 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| _classCallCheck function| _createClass function| getTime function| Vel function| Hammer object| Materialize object| Waves function| validate_field

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.supportandsave.org/	1970-01-19 09:22:35	Name: __cfduid Value: d489a1e62096ba74d73e727de6ac676851586363630

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

covid.supportandsave.org
fonts.googleapis.com
fonts.gstatic.com
res.cloudinary.com
2606:4700:3035::681c:35d
2a00:1450:4001:80b::200a
2a00:1450:4001:820::2003
2a04:4e42:3::393
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0afafa9a5b118bfb0a54c5dda5b8a9b20ef1062d8d610e1c1332585307e09256
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3d813900a174c81bac0ff7ec04e2c45aef88f901dd29753ec4383eaff067de6f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cdf9bea45d70b7c1176a0ef33d20784e43046902732a3c2801c0ad4f6f14c24
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
b31ceb90e3eec258e254659bc5588f275e197b05cb2471490e7d1bbfee61b036
b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9
b96b525d112bc07f647494c8af5b307c71499ff77f590eacef68042ce1d74063
d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe
e672de98f17eef86ed8d3befba9e0be7f78a5a050e174b5029e45ecd1baa8ea4
e8c6fe6d8da9d157ea8787c751817c736596cacae0f049282135579492ddd576