URL: https://www.covid19relief.claim-lt.online/
Submission: On September 14 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 36 HTTP transactions. The main IP is 198.54.115.133, located in the United States, and belongs to NAMECHEAP-NET, US. The main domain is www.covid19relief.claim-lt.online.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 7th 2020. Valid for: 2 years.
This is the only time www.covid19relief.claim-lt.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
17 | www.covid19relief.claim-lt.online | www.covid19relief.claim-lt.online
7 | covid-19-relief-fund.get-lt.xyz | www.covid19relief.claim-lt.online
2 | widget.supercounters.com | www.covid19relief.claim-lt.online
2 | fonts.googleapis.com | www.covid19relief.claim-lt.online
1 | www.supercounters.com | widget.supercounters.com
1 | www.google-analytics.com | www.googletagmanager.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | pbs.twimg.com | www.covid19relief.claim-lt.online
1 | www.googletagmanager.com | www.covid19relief.claim-lt.online
0 | r.line-me.vip (Failed) | www.covid19relief.claim-lt.online
0 | owo-owo.vip (Failed) | www.covid19relief.claim-lt.online
Total: 36 requests, 11 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
*.web-hosting.com | Sectigo RSA Domain Validation Secure Server CA | 2020-05-07 - 2022-04-05 | 2 years
*.google-analytics.com | GTS CA 1C3 | 2021-08-23 - 2021-11-15 | 3 months
upload.video.google.com | GTS CA 1O1 | 2021-08-23 - 2021-11-15 | 3 months
*.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-05 - 2021-11-09 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-21 - 2022-06-20 | a year
*.gstatic.com | GTS CA 1C3 | 2021-08-23 - 2021-11-15 | 3 months
*.supercounters.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-24 - 2022-09-26 | 2 years

This page contains 1 frames:

Primary Page: https://www.covid19relief.claim-lt.online/
Frame ID: C79B1AB94B020C80A7E68AA7E7A8757D
Requests: 37 HTTP requests in this frame

Page Title

COVID-19 RELIEF FUND

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 36
HTTPS: 25 %
IPv6: 67 %
Domains: 10
Subdomains: 11
IPs: 10
Countries: 2
Transfer: 425 kB
Size: 782 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.covid19relief.claim-lt.online/
75 KB
15 KB
Document
General
Full URL
https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.133 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium26-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
ed576221383b80f9e6c0024210f2279f055bcdeac66beaf775b1fc7485fb074e

Request headers

:method
GET
:authority
www.covid19relief.claim-lt.online
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
last-modified
Sun, 04 Jul 2021 06:10:01 GMT
accept-ranges
bytes
content-encoding
br
vary
Accept-Encoding
content-length
15252
date
Tue, 14 Sep 2021 16:02:22 GMT
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
js
www.googletagmanager.com/gtag/
129 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1XEX5JVP1W
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:81a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fe78cbb27011d22b487231a09e4ce3044870296916c70e90d14d4f5d0b35e8a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 16:02:28 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51686
x-xss-protection
0
expires
Tue, 14 Sep 2021 16:02:28 GMT
bootstrap.min.css
www.covid19relief.claim-lt.online/bootstrap/3-3-7/css/
118 KB
18 KB
Stylesheet
General
Full URL
https://www.covid19relief.claim-lt.online/bootstrap/3-3-7/css/bootstrap.min.css
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.133 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium26-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
399b0524f54e1951efefc517d1413823a1e9c0cd69a4c76734249a2ff8b5cd3f

Request headers

:path
/bootstrap/3-3-7/css/bootstrap.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.covid19relief.claim-lt.online
referer
https://www.covid19relief.claim-lt.online/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 16:02:23 GMT
content-encoding
br
last-modified
Mon, 26 Apr 2021 11:47:32 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
18250
expires
Tue, 21 Sep 2021 16:02:23 GMT
css
fonts.googleapis.com/
1 KB
903 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Cairo&display=swap
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:809::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9761e420af3328d27d24e7ea50ebe0b50d23f5c64d4ebd2dbadb07e809961e22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 15:30:14 GMT
server
ESF
date
Tue, 14 Sep 2021 16:02:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Sep 2021 16:02:28 GMT
jquery.min.js
www.covid19relief.claim-lt.online/ajax/libs/jquery/2-2-4/
84 KB
29 KB
Script
General
Full URL
https://www.covid19relief.claim-lt.online/ajax/libs/jquery/2-2-4/jquery.min.js
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.133 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium26-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

:path
/ajax/libs/jquery/2-2-4/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.covid19relief.claim-lt.online
referer
https://www.covid19relief.claim-lt.online/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 16:02:23 GMT
content-encoding
br
last-modified
Mon, 26 Apr 2021 11:47:40 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
29167
expires
Tue, 21 Sep 2021 16:02:23 GMT
jquery.min.js
www.covid19relief.claim-lt.online/ajax/libs/jquery/1-11-1/
94 KB
32 KB
Script
General
Full URL
https://www.covid19relief.claim-lt.online/ajax/libs/jquery/1-11-1/jquery.min.js
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.133 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium26-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

:path
/ajax/libs/jquery/1-11-1/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.covid19relief.claim-lt.online
referer
https://www.covid19relief.claim-lt.online/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 16:02:23 GMT
content-encoding
br
last-modified
Mon, 26 Apr 2021 11:47:40 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
32294
expires
Tue, 21 Sep 2021 16:02:23 GMT
css
fonts.googleapis.com/
2 KB
582 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:809::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8cd48a23b5cf3b3659e12bf6eee322a1781a624117ffe71bed68503224829031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 14:58:46 GMT
server
ESF
date
Tue, 14 Sep 2021 16:02:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Sep 2021 16:02:28 GMT
covid-newsletter_en.jpg
www.covid19relief.claim-lt.online/imagegen-ashx_image_/media/14323165/
82 KB
83 KB
Image
General
Full URL
https://www.covid19relief.claim-lt.online/imagegen-ashx_image_/media/14323165/covid-newsletter_en.jpg
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.133 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium26-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
87cbb79a4ad8ea6b6510f1c1c16754497c5850876f785c8efc1838c2c3387d3d

Request headers

:path
/imagegen-ashx_image_/media/14323165/covid-newsletter_en.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.covid19relief.claim-lt.online
referer
https://www.covid19relief.claim-lt.online/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 16:02:28 GMT
last-modified
Mon, 26 Apr 2021 11:47:34 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
84436
expires
Tue, 21 Sep 2021 16:02:28 GMT
tenor.gif
www.covid19relief.claim-lt.online/images/3ebaa8d621d2f9fcb588091ac50e6d32/
4 KB
4 KB
Image
General
Full URL
https://www.covid19relief.claim-lt.online/images/3ebaa8d621d2f9fcb588091ac50e6d32/tenor.gif
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.133 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium26-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
c10f54f2730d510485f55bc57d6ba17b4ccedb9dd323ff57eb87bca6aa0ef967

Request headers

:path
/images/3ebaa8d621d2f9fcb588091ac50e6d32/tenor.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.covid19relief.claim-lt.online
referer
https://www.covid19relief.claim-lt.online/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 16:02:28 GMT
last-modified
Mon, 26 Apr 2021 11:47:34 GMT
server
LiteSpeed
content-type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
4361
expires
Tue, 21 Sep 2021 16:02:28 GMT
western-union.jpg
www.covid19relief.claim-lt.online/wp-content/uploads/2014/09/
20 KB
20 KB
Image
General
Full URL
https://www.covid19relief.claim-lt.online/wp-content/uploads/2014/09/western-union.jpg
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.133 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium26-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
66cfe2941594b643f541fa7fb6f19897129f2ac6e363c65306ff7fdcf38a0c25

Request headers

:path
/wp-content/uploads/2014/09/western-union.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.covid19relief.claim-lt.online
referer
https://www.covid19relief.claim-lt.online/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 16:02:28 GMT
last-modified
Mon, 26 Apr 2021 11:47:34 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
20222
expires
Tue, 21 Sep 2021 16:02:28 GMT
moneygram_international_logo.jpg
www.covid19relief.claim-lt.online/media/600838/
63 KB
64 KB
Image
General
Full URL
https://www.covid19relief.claim-lt.online/media/600838/moneygram_international_logo.jpg
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.133 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium26-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
88bc90c5ad9e4f3ff6c420cc181b3978e2d5fb23ba44515bcf803b39d83ead03

Request headers

:path
/media/600838/moneygram_international_logo.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.covid19relief.claim-lt.online
referer
https://www.covid19relief.claim-lt.online/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 16:02:28 GMT
last-modified
Mon, 26 Apr 2021 11:47:34 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
64891
expires
Tue, 21 Sep 2021 16:02:28 GMT
logo-mastercard-mobile.svg
www.covid19relief.claim-lt.online/content/dam/mccom/global/logos/
3 KB
1 KB
Image
General
Full URL
https://www.covid19relief.claim-lt.online/content/dam/mccom/global/logos/logo-mastercard-mobile.svg
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.133 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium26-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
4733b7c05b2f228a2d46f83fbdb3135e04d333199cec3a4206d70c22eb0a3c12

Request headers

:path
/content/dam/mccom/global/logos/logo-mastercard-mobile.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.covid19relief.claim-lt.online
referer
https://www.covid19relief.claim-lt.online/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 16:02:28 GMT
content-encoding
br
last-modified
Mon, 26 Apr 2021 11:47:34 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1116
expires
Tue, 21 Sep 2021 16:02:28 GMT
1000px-visa_inc._logo.svg.png
www.covid19relief.claim-lt.online/wikipedia/commons/thumb/5/5e/visa_inc-_logo-svg/
29 KB
29 KB
Image
General
Full URL
https://www.covid19relief.claim-lt.online/wikipedia/commons/thumb/5/5e/visa_inc-_logo-svg/1000px-visa_inc._logo.svg.png
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.133 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium26-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
08f927824fd94bd60a11bcb51156501bd0e100e7442f23c272eaef3bf88775c4

Request headers

:path
/wikipedia/commons/thumb/5/5e/visa_inc-_logo-svg/1000px-visa_inc._logo.svg.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.covid19relief.claim-lt.online
referer
https://www.covid19relief.claim-lt.online/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 16:02:28 GMT
last-modified
Mon, 26 Apr 2021 11:47:34 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
29234
expires
Tue, 21 Sep 2021 16:02:28 GMT
768px-twitter_verified_badge.svg.png
www.covid19relief.claim-lt.online/wikipedia/commons/thumb/e/e4/twitter_verified_badge-svg/
26 KB
26 KB
Image
General
Full URL
https://www.covid19relief.claim-lt.online/wikipedia/commons/thumb/e/e4/twitter_verified_badge-svg/768px-twitter_verified_badge.svg.png
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.133 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium26-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
d1aa445dd6b6915fe5fa9e7aa54e0f4948e9338c9a0e860a7eace8a0bf04d9d6

Request headers

:path
/wikipedia/commons/thumb/e/e4/twitter_verified_badge-svg/768px-twitter_verified_badge.svg.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.covid19relief.claim-lt.online
referer
https://www.covid19relief.claim-lt.online/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 16:02:28 GMT
last-modified
Mon, 26 Apr 2021 11:47:34 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
26622
expires
Tue, 21 Sep 2021 16:02:28 GMT
img_20210305_215427.jpg
covid-19-relief-fund.get-lt.xyz/-qp1esyyenla/yekbqy41j1i/aaaaaaaaixm/75mootxrmq8nsasj-uqyqzoqo_uxs_-kqclcbgasyhq/s1358/
0
0
Image
General
Full URL
https://covid-19-relief-fund.get-lt.xyz/-qp1esyyenla/yekbqy41j1i/aaaaaaaaixm/75mootxrmq8nsasj-uqyqzoqo_uxs_-kqclcbgasyhq/s1358/img_20210305_215427.jpg
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.122.105 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium22-3.web-hosting.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

img_20210305_215505.jpg
covid-19-relief-fund.get-lt.xyz/-fiuefqhkt9g/yekb0grffoi/aaaaaaaaixq/1-jhc9bxsmabzk6xahq8ik3dfm5z597aqclcbgasyhq/s1419/
0
0
Image
General
Full URL
https://covid-19-relief-fund.get-lt.xyz/-fiuefqhkt9g/yekb0grffoi/aaaaaaaaixq/1-jhc9bxsmabzk6xahq8ik3dfm5z597aqclcbgasyhq/s1419/img_20210305_215505.jpg
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.122.105 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium22-3.web-hosting.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

img_20210415_145255.jpg
covid-19-relief-fund.get-lt.xyz/-8jzy6jtzvns/yhhfycd0qbi/aaaaaaaai5o/znkbn3lnqs0aple13i1hqkyerbuveu0qwclcbgasyhq/s1079/
0
0
Image
General
Full URL
https://covid-19-relief-fund.get-lt.xyz/-8jzy6jtzvns/yhhfycd0qbi/aaaaaaaai5o/znkbn3lnqs0aple13i1hqkyerbuveu0qwclcbgasyhq/s1079/img_20210415_145255.jpg
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.122.105 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium22-3.web-hosting.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

img_20210305_215539.jpg
covid-19-relief-fund.get-lt.xyz/-tmqsddruzge/yekb2ljs6vi/aaaaaaaaixu/nf5jz7cejfmynkr2jkd--4ump7q-9juhwclcbgasyhq/s1358/
0
0
Image
General
Full URL
https://covid-19-relief-fund.get-lt.xyz/-tmqsddruzge/yekb2ljs6vi/aaaaaaaaixu/nf5jz7cejfmynkr2jkd--4ump7q-9juhwclcbgasyhq/s1358/img_20210305_215539.jpg
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.122.105 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium22-3.web-hosting.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

img_20210422_092818.jpg
covid-19-relief-fund.get-lt.xyz/-7ir9d-t73i0/yiez_ntqsqi/aaaaaaaai9m/hhe6m35fmbw4uq7rihstjihkva2i2bzbqclcbgasyhq/s1079/
0
0
Image
General
Full URL
https://covid-19-relief-fund.get-lt.xyz/-7ir9d-t73i0/yiez_ntqsqi/aaaaaaaai9m/hhe6m35fmbw4uq7rihstjihkva2i2bzbqclcbgasyhq/s1079/img_20210422_092818.jpg
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.122.105 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium22-3.web-hosting.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

5ZOc_PYC.jpg
pbs.twimg.com/profile_images/1319357130814705664/
24 KB
25 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1319357130814705664/5ZOc_PYC.jpg
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CEF) /
Resource Hash
37d98dc12705534ac72264ea46b6b7cfb0631f7d698b8c9f9e42a3767b472eea
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 16:02:33 GMT
x-content-type-options
nosniff
age
8723
x-cache
HIT
content-length
24875
surrogate-key
profile_images profile_images/bucket/8 profile_images/1319357130814705664
last-modified
Thu, 22 Oct 2020 19:15:07 GMT
server
ECS (mil/6CEF)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
cd8a7cfcf773c999f66d6c59ae6243c2bbaa96f1129f8e8641c2f3b8d6118463
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
img_20210309_200308.jpg
covid-19-relief-fund.get-lt.xyz/-i9-mwsfh2-a/yefgvdljtmi/aaaaaaaaiyq/xpgce40ewnw4lbhbkcmc2lwyijabqevyqclcbgasyhq/s1066/
0
0
Image
General
Full URL
https://covid-19-relief-fund.get-lt.xyz/-i9-mwsfh2-a/yefgvdljtmi/aaaaaaaaiyq/xpgce40ewnw4lbhbkcmc2lwyijabqevyqclcbgasyhq/s1066/img_20210309_200308.jpg
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.122.105 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium22-3.web-hosting.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

img_20210329_220031_398.jpg
covid-19-relief-fund.get-lt.xyz/-cbhztedof28/ygjaju_6tmi/aaaaaaaai3a/fbne82nt5keex8kcn33qgikokopovjdmgclcbgasyhq/s320/
0
0
Image
General
Full URL
https://covid-19-relief-fund.get-lt.xyz/-cbhztedof28/ygjaju_6tmi/aaaaaaaai3a/fbne82nt5keex8kcn33qgikokopovjdmgclcbgasyhq/s320/img_20210329_220031_398.jpg
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.65.122.105 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium22-3.web-hosting.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

online_i.js
widget.supercounters.com/ssl/
4 KB
2 KB
Script
General
Full URL
https://widget.supercounters.com/ssl/online_i.js
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:9a78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01052595d22238c23ad27dfb118270dc17124aa47731d3308824fbf182511b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 16:02:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2017 06:49:04 GMT
server
cloudflare
age
882
etag
W/"596474e0-109e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kZLkAA8LQanoaCc7ZtSq5oatfLToeX8l0U2b481%2BmVid%2BCkBhfzXXyr75HbVnNNySkjnXgOO0bu8zMAsMDsysFC%2FZ6C81vqEhuzvoxxBFwbKcRCXi2jZNeuP553g4MExXAPnfqi10JnvRfp62moHCYLf4yqP4I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68ead71ea86b440d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
truncated
/
157 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb2ceb00d62c62740a0d175a3a943ce09a66c30c9eb8a6f98760f8bc774b182c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.covid19relief.claim-lt.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 00:26:23 GMT
x-content-type-options
nosniff
age
315370
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 00:26:23 GMT
yuming.js
www.covid19relief.claim-lt.online/
1 KB
1 KB
XHR
General
Full URL
https://www.covid19relief.claim-lt.online/yuming.js?1631635348373&_=1631635348349
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/ajax/libs/jquery/2-2-4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.133 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium26-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

:path
/yuming.js?1631635348373&_=1631635348349
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.covid19relief.claim-lt.online
x-requested-with
XMLHttpRequest
:scheme
https
sec-fetch-site
same-origin
referer
https://www.covid19relief.claim-lt.online/
:method
GET
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.covid19relief.claim-lt.online/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 16:02:28 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
verify.js
owo-owo.vip/
0
0

total.php
r.line-me.vip/record/
0
0

total.php
r.line-me.vip/record/
0
0

like.png
www.covid19relief.claim-lt.online/img/f/
1 KB
1 KB
Image
General
Full URL
https://www.covid19relief.claim-lt.online/img/f/like.png
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.133 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium26-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

:path
/img/f/like.png
pragma
no-cache
cookie
null=null; hw=hw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.covid19relief.claim-lt.online
referer
https://www.covid19relief.claim-lt.online/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 16:02:28 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
bubble.png
www.covid19relief.claim-lt.online/img/f/
1 KB
1 KB
Image
General
Full URL
https://www.covid19relief.claim-lt.online/img/f/bubble.png
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.133 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium26-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

:path
/img/f/bubble.png
pragma
no-cache
cookie
null=null; hw=hw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.covid19relief.claim-lt.online
referer
https://www.covid19relief.claim-lt.online/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 16:02:28 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
Tahoma.ttf
www.covid19relief.claim-lt.online/fonts/
0
0
Font
General
Full URL
https://www.covid19relief.claim-lt.online/fonts/Tahoma.ttf
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.133 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium26-3.web-hosting.com
Software
LiteSpeed /
Resource Hash

Request headers

sec-fetch-mode
cors
origin
https://www.covid19relief.claim-lt.online
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
null=null; hw=hw
:path
/fonts/Tahoma.ttf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.covid19relief.claim-lt.online
referer
https://www.covid19relief.claim-lt.online/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.covid19relief.claim-lt.online/
Origin
https://www.covid19relief.claim-lt.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 16:02:28 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
Tahoma-Bold.ttf
www.covid19relief.claim-lt.online/fonts/
0
0
Font
General
Full URL
https://www.covid19relief.claim-lt.online/fonts/Tahoma-Bold.ttf
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.133 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium26-3.web-hosting.com
Software
LiteSpeed /
Resource Hash

Request headers

sec-fetch-mode
cors
origin
https://www.covid19relief.claim-lt.online
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
null=null; hw=hw
:path
/fonts/Tahoma-Bold.ttf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.covid19relief.claim-lt.online
referer
https://www.covid19relief.claim-lt.online/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.covid19relief.claim-lt.online/
Origin
https://www.covid19relief.claim-lt.online
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 16:02:28 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
hm.js
www.covid19relief.claim-lt.online/
0
0
Script
General
Full URL
https://www.covid19relief.claim-lt.online/hm.js
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.133 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium26-3.web-hosting.com
Software
LiteSpeed /
Resource Hash

Request headers

:path
/hm.js
pragma
no-cache
cookie
null=null; hw=hw
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.covid19relief.claim-lt.online
referer
https://www.covid19relief.claim-lt.online/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 16:02:28 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
collect
www.google-analytics.com/g/
0
381 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1XEX5JVP1W&gtm=2oe9d0&_p=110647249&sr=1600x1200&ul=en-us&cid=930469957.1631635348&_s=1&dl=https%3A%2F%2Fwww.covid19relief.claim-lt.online%2F&dt=COVID-19%20RELIEF%20FUND&sid=1631635348&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1XEX5JVP1W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4007:806::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.covid19relief.claim-lt.online/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Sep 2021 16:02:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.covid19relief.claim-lt.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fc.php
www.supercounters.com/
28 B
279 B
Script
General
Full URL
https://www.supercounters.com/fc.php?id=1615604&w=1&v=2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F92.0.4515.159%20Safari%2F537.36&ref=&url=https%3A%2F%2Fwww.covid19relief.claim-lt.online%2F%231631635348900&sw=1600&sh=1200&rand=47
Requested by
Host: widget.supercounters.com
URL: https://widget.supercounters.com/ssl/online_i.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.29.90 -, , ASN (),
Reverse DNS
Software
nginx/1.20.1 / PHP/7.4.13
Resource Hash
83874316cd798554e4f53e233ad20986fad62d65b37582b702190369e811d989

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 16:02:38 GMT
Content-Encoding
gzip
Server
nginx/1.20.1
Connection
keep-alive
X-Powered-By
PHP/7.4.13
Transfer-Encoding
chunked
Content-Type
application/x-javascript
fffff.png
widget.supercounters.com/images/online/
502 B
872 B
Image
General
Full URL
https://widget.supercounters.com/images/online/fffff.png
Requested by
Host: www.covid19relief.claim-lt.online
URL: https://www.covid19relief.claim-lt.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:9a78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3141a6de54c8835dd1886c0856ee2b4a102b79425268b3104c2fff3370890c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.covid19relief.claim-lt.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 16:02:38 GMT
cf-cache-status
HIT
last-modified
Thu, 09 Feb 2012 20:38:25 GMT
server
cloudflare
etag
"4f342ec1-1f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5DtVvHFTtjDLq5RxcqrzYiiU%2FLasLlxZWnKXyZgoY8VFf9qnuREr0u5%2BDMcNd53X3%2FExstoDkDh5Ke%2BJEwa6VfPS4vKfBYi7mq6Bb1s0UqNCSvCJpuFXWu1eQOB80sk1ZvhPn0PmwwT2VRKIrjxVOvzqZNVbMA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
68ead7401ddc440d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
502

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
owo-owo.vip
URL
https://owo-owo.vip/verify.js?_=1631635348350
Domain
r.line-me.vip
URL
https://r.line-me.vip/record/total.php?ac=total&name=null&_=1631635348351
Domain
r.line-me.vip
URL
https://r.line-me.vip/record/total.php?ac=total&name=hw&_=1631635348352

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
function| gtag
object| dataLayer
function| $
function| jQuery
number| timer_start
string| redirectURL
string| WhatsApp_share_message
string| Share_link
string| alert_text
number| total
number| ii
number| iy
function| hidepop
object| adsbygoogle
function| incrementValue1
function| incrementValue_i
boolean| spin2enabled
number| ob
string| _0xodL
object| _0x44bf
function| _0x17b0
function| fn1_i
function| incrementValue_a
function| fn1_a
function| tipn
function| set_Cookie
function| get_Cookie
function| getQueryString
function| lasthtml
function| dapp
function| dappp
function| record
string| j
string| banner
string| dl
function| hh1
function| jp
function| fh
object| _hmt
object| google_tag_manager
object| google_tag_data
object| gaGlobal
object| sc_olimg_var
function| sc_online_i
function| sc_onlineimage
function| ct_insert
function| drawText_online
function| errorMsg
function| onYouTubeIframeAPIReady

4 Cookies

Domain/Path Name / Value
www.covid19relief.claim-lt.online/ Name: null / Value: null
www.covid19relief.claim-lt.online/ Name: hw / Value: hw
.claim-lt.online/ Name: _ga_1XEX5JVP1W / Value: GS1.1.1631635348.1.0.1631635348.0
.claim-lt.online/ Name: _ga / Value: GA1.1.930469957.1631635348

16 Console Messages

Source Level URL
Text
network error URL: https://www.covid19relief.claim-lt.online/yuming.js?1631635348373&_=1631635348349
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.covid19relief.claim-lt.online/img/f/like.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.covid19relief.claim-lt.online/img/f/bubble.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.covid19relief.claim-lt.online/fonts/Tahoma.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.covid19relief.claim-lt.online/fonts/Tahoma-Bold.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.covid19relief.claim-lt.online/hm.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://r.line-me.vip/record/total.php?ac=total&name=null&_=1631635348351
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://r.line-me.vip/record/total.php?ac=total&name=hw&_=1631635348352
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://owo-owo.vip/verify.js?_=1631635348350
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://covid-19-relief-fund.get-lt.xyz/-qp1esyyenla/yekbqy41j1i/aaaaaaaaixm/75mootxrmq8nsasj-uqyqzoqo_uxs_-kqclcbgasyhq/s1358/img_20210305_215427.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://covid-19-relief-fund.get-lt.xyz/-fiuefqhkt9g/yekb0grffoi/aaaaaaaaixq/1-jhc9bxsmabzk6xahq8ik3dfm5z597aqclcbgasyhq/s1419/img_20210305_215505.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://covid-19-relief-fund.get-lt.xyz/-8jzy6jtzvns/yhhfycd0qbi/aaaaaaaai5o/znkbn3lnqs0aple13i1hqkyerbuveu0qwclcbgasyhq/s1079/img_20210415_145255.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://covid-19-relief-fund.get-lt.xyz/-tmqsddruzge/yekb2ljs6vi/aaaaaaaaixu/nf5jz7cejfmynkr2jkd--4ump7q-9juhwclcbgasyhq/s1358/img_20210305_215539.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://covid-19-relief-fund.get-lt.xyz/-7ir9d-t73i0/yiez_ntqsqi/aaaaaaaai9m/hhe6m35fmbw4uq7rihstjihkva2i2bzbqclcbgasyhq/s1079/img_20210422_092818.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://covid-19-relief-fund.get-lt.xyz/-i9-mwsfh2-a/yefgvdljtmi/aaaaaaaaiyq/xpgce40ewnw4lbhbkcmc2lwyijabqevyqclcbgasyhq/s1066/img_20210309_200308.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://covid-19-relief-fund.get-lt.xyz/-cbhztedof28/ygjaju_6tmi/aaaaaaaai3a/fbne82nt5keex8kcn33qgikokopovjdmgclcbgasyhq/s320/img_20210329_220031_398.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
