covid.xn--proao-rta.com

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 6 HTTP transactions. The main IP is 159.65.72.100, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is covid.xn--proao-rta.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 25th 2020. Valid for: 3 months.

This is the only time covid.xn--proao-rta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	159.65.72.100 159.65.72.100	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700:303... 2606:4700:3032::6812:24cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2

4 159.65.72.100 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

covid.xn--proao-rta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6812:24cc (United States)

ASN13335 (CLOUDFLARENET, US)

corona.lmao.ninja	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	xn--proao-rta.com covid.xn--proao-rta.com	230 KB
2	lmao.ninja corona.lmao.ninja	8 KB
6	2

	Domain	Requested by
4	covid.xn--proao-rta.com	covid.xn--proao-rta.com
2	corona.lmao.ninja	covid.xn--proao-rta.com
6	2

This site contains no links.

Subject Issuer	Validity	Valid
covid.xn--proao-rta.com Let's Encrypt Authority X3	`2020-03-25` - `2020-06-23`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-19` - `2020-10-09`	9 months	crt.sh

This page contains 1 frames:

Primary Page: https://covid.xn--proao-rta.com/
Frame ID: 5349A90097DD5CFDB9CD9770B50F8CEA
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

6
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

238 kB
Transfer

294 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response covid.xn--proao-rta.com/	2 KB 1 KB	567ms 176ms	Document text/html	159.65.72.100 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://covid.xn--proao-rta.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 159.65.72.100 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash `bfac99c943a3c9030d35b17073876a212632d562f1745fef8bad2ef38ed8a9a2` Request headers :method GET :authority covid.xn--proao-rta.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers status 200 server nginx/1.14.0 (Ubuntu) date Wed, 25 Mar 2020 22:04:20 GMT content-type text/html last-modified Wed, 25 Mar 2020 22:03:21 GMT etag W/"5e7bd529-8a5" content-encoding gzip
GET H2	200	main.f2c60e4e.chunk.css covid.xn--proao-rta.com/static/css/	7 KB 7 KB	178ms 177ms	Stylesheet text/css	159.65.72.100 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://covid.xn--proao-rta.com/static/css/main.f2c60e4e.chunk.css Requested by Host: covid.xn--proao-rta.com URL: https://covid.xn--proao-rta.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 159.65.72.100 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash `b04255b4747fdff3aacc250a39fa26c99a896c2bb3a5128d535e29718341dd29` Request headers Referer https://covid.xn--proao-rta.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Wed, 25 Mar 2020 22:04:20 GMT last-modified Wed, 25 Mar 2020 22:03:21 GMT server nginx/1.14.0 (Ubuntu) etag "5e7bd529-1ad4" content-type text/css status 200 accept-ranges bytes content-length 6868
GET H2	200	2.d2b0600f.chunk.js Show response covid.xn--proao-rta.com/static/js/	215 KB 216 KB	326ms 326ms	Script application/javascript	159.65.72.100 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://covid.xn--proao-rta.com/static/js/2.d2b0600f.chunk.js Requested by Host: covid.xn--proao-rta.com URL: https://covid.xn--proao-rta.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 159.65.72.100 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash `1236d798d1900ed05fe22e40dba345603346085255633fffd984ea79e29018e3` Request headers Referer https://covid.xn--proao-rta.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 25 Mar 2020 22:04:20 GMT last-modified Wed, 25 Mar 2020 22:03:21 GMT server nginx/1.14.0 (Ubuntu) etag "5e7bd529-35de0" content-type application/javascript status 200 accept-ranges bytes content-length 220640
GET H2	200	main.5f3daf2d.chunk.js Show response covid.xn--proao-rta.com/static/js/	6 KB 6 KB	613ms 613ms	Script application/javascript	159.65.72.100 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://covid.xn--proao-rta.com/static/js/main.5f3daf2d.chunk.js Requested by Host: covid.xn--proao-rta.com URL: https://covid.xn--proao-rta.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 159.65.72.100 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash `e1d04ab3ca5055d967e6981f79f7fcd598989f9ef08c2d7a88c4a0ccb0b1ad69` Request headers Referer https://covid.xn--proao-rta.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Wed, 25 Mar 2020 22:04:20 GMT last-modified Wed, 25 Mar 2020 22:03:21 GMT server nginx/1.14.0 (Ubuntu) etag "5e7bd529-1928" content-type application/javascript status 200 accept-ranges bytes content-length 6440
GET H2	200	countries Show response corona.lmao.ninja/	63 KB 8 KB	4346ms 4327ms	Fetch application/json	2606:4700:3032::6812:24cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://corona.lmao.ninja/countries Requested by Host: covid.xn--proao-rta.com URL: https://covid.xn--proao-rta.com/static/js/main.5f3daf2d.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6812:24cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `23a7dcd5747c63d137562cbbe6574fefb1cf157d871e8dab8a3272aa8da1b62e` Request headers Referer https://covid.xn--proao-rta.com/ Origin https://covid.xn--proao-rta.com Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 25 Mar 2020 22:04:25 GMT content-encoding br etag W/"fcd6-IbS4fEDalab/9tKaMiH+TJosra4" cf-cache-status DYNAMIC server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 579bed59f9e8dfdb-FRA
GET H2	200	all Show response corona.lmao.ninja/	74 B 154 B	4400ms 4381ms	Fetch application/json	2606:4700:3032::6812:24cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://corona.lmao.ninja/all Requested by Host: covid.xn--proao-rta.com URL: https://covid.xn--proao-rta.com/static/js/main.5f3daf2d.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6812:24cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `cfeb67ad7965a9f805ebd8948517acf5784456b47b253d8a7f9790458f1f9745` Request headers Referer https://covid.xn--proao-rta.com/ Origin https://covid.xn--proao-rta.com Sec-Fetch-Dest empty User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 25 Mar 2020 22:04:25 GMT content-encoding br etag W/"4a-faZK/lOB+233Wuz2KaFaGsuXg08" cf-cache-status DYNAMIC server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 200 content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 579bed59f9eedfdb-FRA

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

corona.lmao.ninja
covid.xn--proao-rta.com
159.65.72.100
2606:4700:3032::6812:24cc
1236d798d1900ed05fe22e40dba345603346085255633fffd984ea79e29018e3
23a7dcd5747c63d137562cbbe6574fefb1cf157d871e8dab8a3272aa8da1b62e
b04255b4747fdff3aacc250a39fa26c99a896c2bb3a5128d535e29718341dd29
bfac99c943a3c9030d35b17073876a212632d562f1745fef8bad2ef38ed8a9a2
cfeb67ad7965a9f805ebd8948517acf5784456b47b253d8a7f9790458f1f9745
e1d04ab3ca5055d967e6981f79f7fcd598989f9ef08c2d7a88c4a0ccb0b1ad69

covid.xn--proao-rta.com Open in urlscan Pro Puny covid.proaño.com IDN 159.65.72.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

238 kBTransfer

294 kBSize

0 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

Indicators

covid.xn--proao-rta.com Open in urlscan Pro Puny
covid.proaño.com IDN
159.65.72.100 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

238 kB
Transfer

294 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions