covidivenivi.ci Open in urlscan Pro
51.91.108.254 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://covidivenivi.ci/
Submission: On March 31 via automatic, source certstream-suspicious (March 31st 2020, 7:07:00 am UTC)

Summary HTTP 10 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 51.91.108.254, located in France and belongs to OVH, FR. The main domain is covidivenivi.ci.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 23rd 2020. Valid for: 3 months.

This is the only time covidivenivi.ci was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
10	51.91.108.254 51.91.108.254		16276 (OVH) (OVH)
10	1

10 51.91.108.254 (France)

ASN16276 (OVH, FR)
PTR: 254.ip-51-91-108.eu

covidivenivi.ci	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	covidivenivi.ci covidivenivi.ci	2 MB
10	1

	Domain	Requested by
10	covidivenivi.ci	covidivenivi.ci
10	1

This site contains links to these domains. Also see Links.

Domain
vi.ci
wikidata.org
en.wikipedia.org
babouk.net
twitter.com

Subject Issuer	Validity	Valid
wikji.net Let's Encrypt Authority X3	`2020-02-23` - `2020-05-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://covidivenivi.ci/
Frame ID: 7F1B1194E7192BC3C39F663A27E76E4A
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bulma (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bulma(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

10
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2027 kB
Transfer

2024 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://vi.ci/
Title: Vi.ci

Search URL Search Domain Scan URL

URL: https://wikidata.org/
Title: Wikidata

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Creative_Commons_license#Zero_/_public_domain
Title: Creative Commons Zero license

Search URL Search Domain Scan URL

URL: https://babouk.net/
Title: Babouk

Search URL Search Domain Scan URL

URL: https://twitter.com/covidivenivici
Title: @covidivenivici

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response covidivenivi.ci/	498 B 791 B	216ms 103ms	Document text/html	51.91.108.254 OVH
General Check archive.org Show headers Download Go to Full URL https://covidivenivi.ci/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 51.91.108.254 , France, ASN16276 (OVH, FR), Reverse DNS 254.ip-51-91-108.eu Software / Express Resource Hash `92e9b22ee717e74da21bdb1ff263d7dbdab6a8c2d6bc94c1d93f2f1abe61d2e0` Request headers Host covidivenivi.ci Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers X-Powered-By Express Accept-Ranges bytes Cache-Control public, max-age=0 Last-Modified Tue, 31 Mar 2020 06:45:15 GMT ETag W/"1f2-1712f5644fe" Content-Type text/html; charset=UTF-8 Content-Length 498 Date Tue, 31 Mar 2020 07:06:41 GMT Connection keep-alive
GET H/1.1	200 OK	bulma.css covidivenivi.ci/kek/	219 KB 219 KB	64ms 63ms	Stylesheet text/css	51.91.108.254 OVH
General Check archive.org Show headers Download Go to Full URL https://covidivenivi.ci/kek/bulma.css Requested by Host: covidivenivi.ci URL: https://covidivenivi.ci/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 51.91.108.254 , France, ASN16276 (OVH, FR), Reverse DNS 254.ip-51-91-108.eu Software / Express Resource Hash `fdf3078f2b8e6f96be42ec92f46db0ab715f6acd7ca3e1fa45b91a52ce72be0f` Request headers Referer https://covidivenivi.ci/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Tue, 31 Mar 2020 07:06:41 GMT ETag W/"36a78-1712f60acef" Last-Modified Tue, 31 Mar 2020 06:56:37 GMT X-Powered-By Express Content-Type text/css; charset=UTF-8 Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 223864
GET H/1.1	200 OK	boka.css covidivenivi.ci/kek/	3 KB 3 KB	130ms 46ms	Stylesheet text/css	51.91.108.254 OVH
General Check archive.org Show headers Download Go to Full URL https://covidivenivi.ci/kek/boka.css Requested by Host: covidivenivi.ci URL: https://covidivenivi.ci/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 51.91.108.254 , France, ASN16276 (OVH, FR), Reverse DNS 254.ip-51-91-108.eu Software / Express Resource Hash `4166dbe356cc6f6fb32ac7cb41d4c90c29a9564b6661c7e20bda1f18a6fccf37` Request headers Referer https://covidivenivi.ci/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Tue, 31 Mar 2020 07:06:41 GMT ETag W/"b42-1712f60c5ff" Last-Modified Tue, 31 Mar 2020 06:56:43 GMT X-Powered-By Express Content-Type text/css; charset=UTF-8 Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 2882
GET H/1.1	200 OK	boka.js Show response covidivenivi.ci/kek/	2 MB 2 MB	130ms 46ms	Script application/javascript	51.91.108.254 OVH
General Check archive.org Show headers Download Go to Full URL https://covidivenivi.ci/kek/boka.js Requested by Host: covidivenivi.ci URL: https://covidivenivi.ci/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 51.91.108.254 , France, ASN16276 (OVH, FR), Reverse DNS 254.ip-51-91-108.eu Software / Express Resource Hash `5c74024c5ea1ea6f7b3086c02194b0180524583f321d483ae422fb904922331b` Request headers Referer https://covidivenivi.ci/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Tue, 31 Mar 2020 07:06:41 GMT ETag W/"1bc902-1712f5bf102" Last-Modified Tue, 31 Mar 2020 06:51:26 GMT X-Powered-By Express Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 1820930
GET H/1.1	200 OK	.bashara Show response covidivenivi.ci/	272 B 486 B	45ms 45ms	XHR application/json	51.91.108.254 OVH
General Check archive.org Show headers Download Go to Full URL https://covidivenivi.ci/.bashara Requested by Host: URL: webpack:///./node_modules/igbi/node_modules/axios/lib/adapters/xhr.js? Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 51.91.108.254 , France, ASN16276 (OVH, FR), Reverse DNS 254.ip-51-91-108.eu Software / Express Resource Hash `1bf9957c5aeef03332ed0e607219b82320219f075e73dd1f5960189df5ca1f17` Request headers Accept application/json, text/plain, / Referer https://covidivenivi.ci/ Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 31 Mar 2020 07:06:41 GMT Connection keep-alive X-Powered-By Express ETag W/"110-BX8uR566Q7auxi39tejrKYWIFo4" Content-Length 272 Content-Type application/json; charset=utf-8
GET H/1.1	200 OK	style.css covidivenivi.ci/.bashara/skjal/	1 KB 2 KB	45ms 45ms	Stylesheet text/css	51.91.108.254 OVH
General Check archive.org Show headers Download Go to Full URL https://covidivenivi.ci/.bashara/skjal/style.css Requested by Host: URL: webpack:///./kijk/ngutu.vue?./node_modules/ts-loader??ref--3!./node_modules/vue-loader/lib??vue-loader-options Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 51.91.108.254 , France, ASN16276 (OVH, FR), Reverse DNS 254.ip-51-91-108.eu Software / Express Resource Hash `68b1be2b2e13ee8d8effe3303072935ab22c1f2ffd209886f41f9700675e2aa6` Request headers Referer https://covidivenivi.ci/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers Date Tue, 31 Mar 2020 07:06:41 GMT ETag W/"4e8-1712f65ade7" Last-Modified Tue, 31 Mar 2020 07:02:05 GMT X-Powered-By Express Content-Type text/css; charset=UTF-8 Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 1256
GET H/1.1	200 OK	benvenuto Show response covidivenivi.ci/	2 KB 2 KB	45ms 45ms	XHR application/json	51.91.108.254 OVH
General Check archive.org Show headers Download Go to Full URL https://covidivenivi.ci/benvenuto Requested by Host: URL: webpack:///./node_modules/igbi/node_modules/axios/lib/adapters/xhr.js? Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 51.91.108.254 , France, ASN16276 (OVH, FR), Reverse DNS 254.ip-51-91-108.eu Software / Express Resource Hash `d45edaa783f7818a08d5aafcd16a2aac5327f4c9f487eb0e1f0dc773344d3bda` Request headers Accept application/json, text/plain, / Referer https://covidivenivi.ci/ Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 31 Mar 2020 07:06:41 GMT Connection keep-alive X-Powered-By Express ETag W/"80a-hbseTXK3qCpwFf3tByiscQzQAx8" Content-Length 2058 Content-Type application/json; charset=utf-8
GET H/1.1	200 OK	ziedai Show response covidivenivi.ci/benvenuto/	2 B 212 B	45ms 44ms	XHR application/json	51.91.108.254 OVH
General Check archive.org Show headers Download Go to Full URL https://covidivenivi.ci/benvenuto/ziedai Requested by Host: URL: webpack:///./node_modules/igbi/node_modules/axios/lib/adapters/xhr.js? Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 51.91.108.254 , France, ASN16276 (OVH, FR), Reverse DNS 254.ip-51-91-108.eu Software / Express Resource Hash `4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945` Request headers Accept application/json, text/plain, / Referer https://covidivenivi.ci/ Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 31 Mar 2020 07:06:42 GMT Connection keep-alive X-Powered-By Express ETag W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w" Content-Length 2 Content-Type application/json; charset=utf-8
GET H/1.1	200 OK	.izus Show response covidivenivi.ci/	2 B 212 B	44ms 43ms	XHR application/json	51.91.108.254 OVH
General Check archive.org Show headers Download Go to Full URL https://covidivenivi.ci/.izus Requested by Host: URL: webpack:///./node_modules/igbi/node_modules/axios/lib/adapters/xhr.js? Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 51.91.108.254 , France, ASN16276 (OVH, FR), Reverse DNS 254.ip-51-91-108.eu Software / Express Resource Hash `4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945` Request headers Accept application/json, text/plain, / Referer https://covidivenivi.ci/ Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 31 Mar 2020 07:06:42 GMT Connection keep-alive X-Powered-By Express ETag W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w" Content-Length 2 Content-Type application/json; charset=utf-8
GET H/1.1	200 OK	Roboto-Light-webfont.woff covidivenivi.ci/.bashara/skjal/	20 KB 21 KB	64ms 64ms	Font font/woff	51.91.108.254 OVH
General Check archive.org Show headers Download Go to Full URL https://covidivenivi.ci/.bashara/skjal/Roboto-Light-webfont.woff Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 51.91.108.254 , France, ASN16276 (OVH, FR), Reverse DNS 254.ip-51-91-108.eu Software / Express Resource Hash `072c31e5770897b5bf1d6a566b33b9332bfd7e0baeb64d45dd58d02794eeb4a6` Request headers Referer https://covidivenivi.ci/.bashara/skjal/style.css Origin https://covidivenivi.ci Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 31 Mar 2020 07:06:42 GMT ETag W/"51a8-1712f65ade7" Last-Modified Tue, 31 Mar 2020 07:02:05 GMT X-Powered-By Express Content-Type font/woff Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 20904

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: webpack:///./node_modules/vue/dist/vue.runtime.esm.js?(Line 8418) Message: Download the Vue Devtools extension for a better development experience: https://github.com/vuejs/vue-devtools
console-api	info	URL: webpack:///./node_modules/vue/dist/vue.runtime.esm.js?(Line 8428) Message: You are running Vue in development mode. Make sure to turn on production mode when deploying for production. See more tips at https://vuejs.org/guide/deployment.html
console-api	log	URL: webpack:///./kijk/ngutu.vue?./node_modules/ts-loader??ref--3!./node_modules/vue-loader/lib??vue-loader-options(Line 193) Message: bashara [object Object]
console-api	log	URL: webpack:///./kijk/ngutu.vue?./node_modules/ts-loader??ref--3!./node_modules/vue-loader/lib??vue-loader-options(Line 293) Message: eiea-open [object Object]
console-api	log	URL: webpack:///./kijk/vkladki.vue?./node_modules/ts-loader??ref--3!./node_modules/vue-loader/lib??vue-loader-options(Line 32) Message: label [object Object]
console-api	log	URL: webpack:///./kijk/vkladki.vue?./node_modules/ts-loader??ref--3!./node_modules/vue-loader/lib??vue-loader-options(Line 22) Message: status [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

covidivenivi.ci
51.91.108.254
072c31e5770897b5bf1d6a566b33b9332bfd7e0baeb64d45dd58d02794eeb4a6
1bf9957c5aeef03332ed0e607219b82320219f075e73dd1f5960189df5ca1f17
4166dbe356cc6f6fb32ac7cb41d4c90c29a9564b6661c7e20bda1f18a6fccf37
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5c74024c5ea1ea6f7b3086c02194b0180524583f321d483ae422fb904922331b
68b1be2b2e13ee8d8effe3303072935ab22c1f2ffd209886f41f9700675e2aa6
92e9b22ee717e74da21bdb1ff263d7dbdab6a8c2d6bc94c1d93f2f1abe61d2e0
d45edaa783f7818a08d5aafcd16a2aac5327f4c9f487eb0e1f0dc773344d3bda
fdf3078f2b8e6f96be42ec92f46db0ab715f6acd7ca3e1fa45b91a52ce72be0f

covidivenivi.ci Open in urlscan Pro 51.91.108.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

10 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

2027 kBTransfer

2024 kBSize

0 Cookies

5 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

6 Console Messages

Indicators

covidivenivi.ci Open in urlscan Pro
51.91.108.254 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2027 kB
Transfer

2024 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions