postcovidconsulting.ca

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 66.96.134.42, located in Burlington, United States and belongs to BIZLAND-SD, US. The main domain is postcovidconsulting.ca.

This is the only time postcovidconsulting.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	66.96.134.42 66.96.134.42	29873 (BIZLAND-SD) (BIZLAND-SD)
1	35.242.251.130 35.242.251.130	15169 (GOOGLE) (GOOGLE)
3	2

2 66.96.134.42 (Burlington, United States)

ASN29873 (BIZLAND-SD, US)
PTR: 42.134.96.66.static.eigbox.net

postcovidconsulting.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.242.251.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 130.251.242.35.bc.googleusercontent.com

fortunaventures.wixsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	postcovidconsulting.ca postcovidconsulting.ca	842 B
1	wixsite.com fortunaventures.wixsite.com
3	2

	Domain	Requested by
2	postcovidconsulting.ca	postcovidconsulting.ca
1	fortunaventures.wixsite.com	postcovidconsulting.ca
3	2

This site contains no links.

Subject Issuer	Validity	Valid
*.wixsite.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-28` - `2020-11-24`	6 months	crt.sh

This page contains 3 frames:

Primary Page: http://postcovidconsulting.ca/
Frame ID: F7C0C25803F0E19B3AF9EEAA85ED4164
Requests: 1 HTTP requests in this frame

Frame: https://fortunaventures.wixsite.com/postcovidconsulting
Frame ID: 5B86A766E635DA78C63016FE8F17E221
Requests: 1 HTTP requests in this frame

Frame: http://postcovidconsulting.ca/blank.html
Frame ID: 5ECD63C066A1405A8D093036A1B5A865
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

3
Requests

33 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1 kB
Transfer

0 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response postcovidconsulting.ca/	167 B 506 B	334ms 192ms	Document text/html	66.96.134.42 BIZLAND-SD
General Check archive.org Show headers Download Go to Full URL http://postcovidconsulting.ca/ Protocol HTTP/1.1 Server 66.96.134.42 Burlington, United States, ASN29873 (BIZLAND-SD, US), Reverse DNS 42.134.96.66.static.eigbox.net Software Apache/2 / Resource Hash `09fefda74119e44610d2c8d73ddfd6f3eebf5809dd5a8e44420cb40ab4be6b5a` Request headers Host postcovidconsulting.ca Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 02 Jun 2020 03:52:17 GMT Content-Type text/html Content-Length 167 Connection keep-alive Keep-Alive timeout=30 Server Apache/2 Last-Modified Wed, 29 Apr 2020 16:38:36 GMT ETag "a7-5a47094695ddb" Cache-Control max-age=3600 Expires Tue, 02 Jun 2020 04:52:17 GMT Accept-Ranges bytes Age 0
GET H2	200	postcovidconsulting fortunaventures.wixsite.com/ Frame 5B86	0 0	519ms 207ms	Document text/html	35.242.251.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fortunaventures.wixsite.com/postcovidconsulting Requested by Host: postcovidconsulting.ca URL: http://postcovidconsulting.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.242.251.130 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 130.251.242.35.bc.googleusercontent.com Software Pepyaka/1.15.10 / Resource Hash Request headers :method GET :authority fortunaventures.wixsite.com :scheme https :path /postcovidconsulting pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest frame referer http://postcovidconsulting.ca/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://postcovidconsulting.ca/ Response headers status 200 date Tue, 02 Jun 2020 03:52:18 GMT content-type text/html;charset=utf-8 content-language en-US x-wix-request-id 1591069938.19346366071112172 link <https://static.parastorage.com/>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://static.wixstatic.com/>; rel=preconnect;,<https://static.parastorage.com/unpkg/requirejs-bolt@2.3.6/requirejs.min.js>; rel=preload; as=script;,<https://static.parastorage.com/unpkg/lodash@4.17.15/lodash.min.js>; rel=preload; as=script ; crossorigin=anonymous;,<https://static.parastorage.com/unpkg/zepto@1.2.0/dist/zepto.min.js>; rel=preload; as=script ; crossorigin=anonymous;,<https://static.wixstatic.com/>; rel=preconnect; crossorigin;,<https://fortunaventures.wixsite.com/postcovidconsulting/_api/v2/dynamicmodel>; rel=preload; as=fetch ; crossorigin=anonymous;,<https://static.parastorage.com/services/wix-bolt/1.5976.0/bolt-main/app/main-r.min.js>; rel=preload; as=script ; crossorigin=anonymous; age 0 set-cookie ssr-caching="cache#desc=miss#varnish=miss#dc#desc=euw3";Version=1;Expires=Tue, 02-Jun-2020 03:52:38 GMT;Max-Age=20 hs=1473837402; Path=/; Domain=fortunaventures.wixsite.com; HTTPOnly svSession=d108128d9c008f83b17b831130803f7c28431f2ae0102549cb925d090e20693b628e75ba200debe2191c1188ac1eee771e60994d53964e647acf431e4f798bcd8f5d5b94b50bb5cac9be84bc14f31f238e415e2bea27355aa548ab07151f5c79; Max-Age=63071999; Expires=Thu, 2 Jun 2022 03:52:17 GMT; Path=/postcovidconsulting; Domain=fortunaventures.wixsite.com XSRF-TOKEN=1591069938\|KQFHUU-_CYuu; Path=/; Domain=fortunaventures.wixsite.com server-timing cache;desc=miss, varnish;desc=miss, dc;desc=euw3 expires Thu, 01 Jan 1970 00:00:00 GMT vary Accept-Encoding x-seen-by sHU62EDOGnH2FBkJkG/Wx8EeXWsWdHrhlvbxtlynkVjrvlvov8bST70Rf8rA8z43,2d58ifebGbosy5xc+FRaloPX4ngKfQM8fEHbwELHijnsD0bMLRUoyAC6MNHY+QtoWIHlCalF7YnfvOr2cMPpyw==,Nlv1KFVtIvAfa3AK9dRsI4MZ1kUUgUkrs5Mf5K7Ze4NWd3xniMsr1HjrszKGvMzr,2UNV7KOq4oGjA5+PKsX47FDtGCr72w4BMu4v3sd6ZGU=,qquldgcFrj2n046g4RNSVBJa9V+Mlgag59LWAnJN9H0=,1wy2ILu/S4rlWT/R4rqCrWnuokORQFBV3Lk74eVRPTM=,LXlT8qjS5x6WBejJA3+gBReDF6d20Na9DMCBlF4ucpWTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,x1Sj9Xv8W8xC18ngt0x3M1lmMcUJx5/dpzPDn1/aZ6Q5cO4uOX4mGD55v51cSVjlvGQ2Otd3B2C27oTTIAKJtQ==,LXlT8qjS5x6WBejJA3+gBReDF6d20Na9DMCBlF4ucpWTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,Tw2AanFDQ+Wwo8Xxk6ZL7vOBx+hvh2Cbd7MMNUXzbHFL1IUvfso0yTBwtRJf2cm30YiZvEn55BJcnWCJgwLxXPDXL1hZYgEJSXT3xtn7juo=,w4q8mm9FnmU4emOs6psVXeazZu5q8BZWRWjVBCmDX5eTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,Ts+7R/4FijtA6c9psi3FQBU9YlPJrZlUU2Wvvr00rySTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,LlHHrtdZwfqSTe7u8ayFI8T+VGX0lUW4HctaZuhJWEEN8kotqMeyvW7WJoOTdN+886o0cUmDIH7cX39jSA3JmQ==,vnnyTBxZ51OQwVc1vV5ZXNEdRVCcuGesI/xqPoG+iIqTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,CU5GbgCT5nWPaA3tUS4mLLuc4BiZk7U4rbm4cz0e7+yJ7VqFzG9DN7ysyDgSG981B/fJH0DFFiwtJMuRoLT+6f3cy95DEB9zu2AoXjHJ5UQ= cache-control private,max-age=0,must-revalidate server Pepyaka/1.15.10 content-encoding gzip
GET H/1.1	200 OK	blank.html Show response postcovidconsulting.ca/ Frame 5ECD	0 336 B	100ms 100ms	Document text/html	66.96.134.42 BIZLAND-SD
General Check archive.org Show headers Download Go to Full URL http://postcovidconsulting.ca/blank.html Requested by Host: postcovidconsulting.ca URL: http://postcovidconsulting.ca/ Protocol HTTP/1.1 Server 66.96.134.42 Burlington, United States, ASN29873 (BIZLAND-SD, US), Reverse DNS 42.134.96.66.static.eigbox.net Software Apache/2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Host postcovidconsulting.ca Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://postcovidconsulting.ca/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://postcovidconsulting.ca/ Response headers Date Tue, 02 Jun 2020 03:52:17 GMT Content-Type text/html Content-Length 0 Connection keep-alive Keep-Alive timeout=30 Server Apache/2 Last-Modified Wed, 29 Apr 2020 16:38:36 GMT ETag "0-5a4709469fa1e" Cache-Control max-age=3600 Expires Tue, 02 Jun 2020 04:52:17 GMT Accept-Ranges bytes Age 0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fortunaventures.wixsite.com/	1969-12-31 23:59:59	Name: hs Value: 1473837402
fortunaventures.wixsite.com/	1970-01-19 09:57:49	Name: ssr-caching Value: "cache#desc=miss#varnish=miss#dc#desc=euw3"
.fortunaventures.wixsite.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 1591069938\|KQFHUU-_CYuu
.fortunaventures.wixsite.com/postcovidconsulting	1970-01-20 03:29:01	Name: svSession Value: d108128d9c008f83b17b831130803f7c28431f2ae0102549cb925d090e20693b628e75ba200debe2191c1188ac1eee771e60994d53964e647acf431e4f798bcd8f5d5b94b50bb5cac9be84bc14f31f238e415e2bea27355aa548ab07151f5c79

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fortunaventures.wixsite.com
postcovidconsulting.ca
35.242.251.130
66.96.134.42
09fefda74119e44610d2c8d73ddfd6f3eebf5809dd5a8e44420cb40ab4be6b5a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

postcovidconsulting.ca Open in urlscan Pro 66.96.134.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

3 Requests

33 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

1 kBTransfer

0 kBSize

4 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

4 Cookies

Indicators

postcovidconsulting.ca Open in urlscan Pro
66.96.134.42 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

33 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1 kB
Transfer

0 kB
Size

4
Cookies

3 HTTP transactions
0 data transactions