www.covid-trv.app Open in urlscan Pro
107.162.147.211  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response www.covid-trv.app/	2 KB 3 KB	937ms 519ms	Document text/html	107.162.147.211 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://www.covid-trv.app/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.147.211 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash 78f9f71a44b318faf61e3eaf3d4d9e009fc67702ae2571d757d31c04de8e8398 Request headers Host www.covid-trv.app Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type text/html Content-Length 2306 Connection keep-alive Date Fri, 01 May 2020 22:55:49 GMT Last-Modified Fri, 01 May 2020 21:45:56 GMT ETag "2f3ee7695416025afc9cf4d81f653cbc" Accept-Ranges bytes X-Cache Error from cloudfront Via 1.1 af49d962d25539f633834af35e0ac9d1.cloudfront.net (CloudFront), 1.1 fra1-bit27 X-Amz-Cf-Pop WAW50-C1 X-Amz-Cf-Id NIACUf_8gak_4BdI9JmLKu4vGq5wCU6du1oEXe4AtLfB9S0oIbIJyQ== Age 29098 Set-Cookie TS0160d400=012b03c72060edf73a5fdb04b6d4cfca1bcde396099c339e5943e1bf172e52b475a2b73580ea11770fab7a4b1569c49162d421c709; Path=/; Secure; HTTPOnly
GET H/1.1	200 OK	base.css www.travelers.com/media-assets/fonts/1.0/	8 KB 3 KB	243ms 21ms	Stylesheet text/css	104.109.90.122 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.travelers.com/media-assets/fonts/1.0/base.css Requested by Host: www.covid-trv.app URL: https://www.covid-trv.app/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.109.90.122 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a104-109-90-122.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 7473421cee86e05768ab458c8b5d605f4b434b530901950043fb3fb5f06067b6 Security Headers Name Value Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: http://*.travp.net; font-src https: data: Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Referer https://www.covid-trv.app/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 02 May 2020 07:00:47 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Powered-By ASP.NET Connection keep-alive Content-Length 2283 X-XSS-Protection 1; mode=block Pragma no-cache Referrer-Policy no-referrer-when-downgrade Last-Modified Thu, 08 Nov 2018 08:32:24 GMT Server Microsoft-IIS/8.5 X-Frame-Options sameorigin ETag "93849933d77d41:0" Vary Accept-Encoding Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type text/css Cache-Control max-age=0, no-cache, private Feature-Policy fullscreen 'none' Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: http://*.travp.net; font-src https: data: Accept-Ranges bytes Expires Sat, 02 May 2020 07:00:47 GMT
GET H/1.1	200 OK	2.9a2fdf02.chunk.css www.covid-trv.app/static/css/	226 KB 226 KB	44ms 43ms	Stylesheet text/css	107.162.147.211 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://www.covid-trv.app/static/css/2.9a2fdf02.chunk.css Requested by Host: www.covid-trv.app URL: https://www.covid-trv.app/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.147.211 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash 0dc74122b37237fb33323e273c0768f3c010d69d57292b104ed814644f7f64b4 Request headers Referer https://www.covid-trv.app/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 02 May 2020 00:38:13 GMT Via 1.1 af49d962d25539f633834af35e0ac9d1.cloudfront.net (CloudFront), 1.1 fra1-bit27 Last-Modified Fri, 01 May 2020 21:45:56 GMT Age 22955 ETag "51cbd99c6f5a78b1351d747ec87759d4" X-Cache Hit from cloudfront Content-Type text/css Connection keep-alive X-Amz-Cf-Pop WAW50-C1 Accept-Ranges bytes Content-Length 231106 X-Amz-Cf-Id YOpLPTDlroPA2dKsPgAOU7jQB0nT3z77HFd6SLX-BkC1r8yYSr7H-g==
GET H/1.1	200 OK	main.266a7007.chunk.css www.covid-trv.app/static/css/	2 KB 2 KB	127ms 90ms	Stylesheet text/css	107.162.147.211 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://www.covid-trv.app/static/css/main.266a7007.chunk.css Requested by Host: www.covid-trv.app URL: https://www.covid-trv.app/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.147.211 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash bd5c16d60d6ccc166cafb260cde522f05e8e1bdeb64fe904d33535053fb579f8 Request headers Referer https://www.covid-trv.app/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 02 May 2020 00:38:12 GMT Via 1.1 7210fed509d8e341021bffe29c62787c.cloudfront.net (CloudFront), 1.1 fra1-bit27 Last-Modified Fri, 01 May 2020 21:45:56 GMT Age 22956 ETag "6811a5ba82ea2a29f432a088612d8291" X-Cache Hit from cloudfront Content-Type text/css Connection keep-alive X-Amz-Cf-Pop WAW50-C1 Accept-Ranges bytes Content-Length 1592 X-Amz-Cf-Id YBNsI9zPGfVLfWwVS3vL_byUXFana19LZ6Z8VfagskZN-TT_hZk1Jg==
GET H/1.1	200 OK	externalSVG.polyfill.js Show response www.covid-trv.app/	2 KB 3 KB	618ms 581ms	Script text/html	107.162.147.211 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://www.covid-trv.app/externalSVG.polyfill.js Requested by Host: www.covid-trv.app URL: https://www.covid-trv.app/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.147.211 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash 78f9f71a44b318faf61e3eaf3d4d9e009fc67702ae2571d757d31c04de8e8398 Request headers Referer https://www.covid-trv.app/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 01 May 2020 22:55:49 GMT Via 1.1 89b8117bd9270d922b4549a30cd5ce50.cloudfront.net (CloudFront), 1.1 fra1-bit27 Last-Modified Fri, 01 May 2020 21:45:56 GMT Age 29099 ETag "2f3ee7695416025afc9cf4d81f653cbc" X-Cache Error from cloudfront Content-Type text/html Connection keep-alive X-Amz-Cf-Pop WAW50-C1 Accept-Ranges bytes Content-Length 2306 X-Amz-Cf-Id tGGWUAxgmA2qsm5_HSl45IyfyErvF8v6CPkYcOI4su3sOmLsDRwrOg==
GET H/1.1	200 OK	2.bce72ee7.chunk.js Show response www.covid-trv.app/static/js/	699 KB 699 KB	128ms 91ms	Script application/javascript	107.162.147.211 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://www.covid-trv.app/static/js/2.bce72ee7.chunk.js Requested by Host: www.covid-trv.app URL: https://www.covid-trv.app/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.147.211 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash 376fe5a94c3d1c7168b0ac4020a6b6f6c699dc33f9bf411367e9ceae36d07e7a Request headers Referer https://www.covid-trv.app/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 02 May 2020 00:38:12 GMT Via 1.1 f9efc23cea6c58604ef3f56c3631925f.cloudfront.net (CloudFront), 1.1 fra1-bit27 Last-Modified Fri, 01 May 2020 21:45:56 GMT Age 22955 ETag "fe43359b4baae6452cb7d5a1719d0bc5" X-Cache Hit from cloudfront Content-Type application/javascript Connection keep-alive X-Amz-Cf-Pop WAW50-C1 Accept-Ranges bytes Content-Length 715624 X-Amz-Cf-Id 02xFf_Pt30EUD6W47fKPM-Z1Ta99uUEOuBNEgGSp32C3VQPiDlErgA==
GET H/1.1	200 OK	main.8dcdddf1.chunk.js Show response www.covid-trv.app/static/js/	48 KB 48 KB	131ms 94ms	Script application/javascript	107.162.147.211 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://www.covid-trv.app/static/js/main.8dcdddf1.chunk.js Requested by Host: www.covid-trv.app URL: https://www.covid-trv.app/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.147.211 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash cd3ea460ba71a6662b51e670b938068e94915c97aa55c5373a5deef695450b8a Request headers Referer https://www.covid-trv.app/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sat, 02 May 2020 00:38:12 GMT Via 1.1 02362f0faae05408640185d927020628.cloudfront.net (CloudFront), 1.1 fra1-bit27 Last-Modified Fri, 01 May 2020 21:45:56 GMT Age 22955 ETag "31fceb3a1fd6b3b183ad76213f6ffd8a" X-Cache Hit from cloudfront Content-Type application/javascript Connection keep-alive X-Amz-Cf-Pop WAW50-C1 Accept-Ranges bytes Content-Length 48648 X-Amz-Cf-Id Ka9K3r5j3TjyWE7_yESJVc2fio2RPmpnaeBRElSkJoAIUlYWYok29w==
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9b667ad57ac796076b799c66b958201c10d3e8bb5dc45bc05810a8f058ac6ac7 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	df7a24b2-299a-4636-a520-b7f140a46951.woff2 www.travelers.com/media-assets/fonts/1.0/Fonts/	50 KB 51 KB	74ms 24ms	Font font/x-woff2	104.109.90.122 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.travelers.com/media-assets/fonts/1.0/Fonts/df7a24b2-299a-4636-a520-b7f140a46951.woff2 Requested by Host: www.covid-trv.app URL: https://www.covid-trv.app/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.109.90.122 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a104-109-90-122.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 7b3a013ae2a433ee2cca89eb487f78805fbdd2045507634f52a9c482ed167437 Security Headers Name Value Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: http://*.travp.net; font-src https: data: Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.travelers.com/media-assets/fonts/1.0/base.css Origin https://www.covid-trv.app Response headers Date Sat, 02 May 2020 07:00:47 GMT Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Powered-By ASP.NET Connection keep-alive Content-Length 50892 X-XSS-Protection 1; mode=block Referrer-Policy no-referrer-when-downgrade Last-Modified Thu, 08 Nov 2018 08:32:23 GMT Server Microsoft-IIS/8.5 X-Frame-Options sameorigin ETag "9c4d44933d77d41:0:dtagent7000100241011u2Z5" Vary Origin Content-Type font/x-woff2 Access-Control-Allow-Origin * Cache-Control max-age=315360000 Feature-Policy fullscreen 'none' Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: http://*.travp.net; font-src https: data: Accept-Ranges bytes Access-Control-Allow-Headers Origin Expires Tue, 30 Apr 2030 07:00:47 GMT
GET H/1.1	200 OK	3ce61ac1-805d-43a5-a253-d1c60a009223.woff2 www.travelers.com/media-assets/fonts/1.0/Fonts/	36 KB 36 KB	94ms 34ms	Font font/x-woff2	104.109.90.122 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.travelers.com/media-assets/fonts/1.0/Fonts/3ce61ac1-805d-43a5-a253-d1c60a009223.woff2 Requested by Host: www.covid-trv.app URL: https://www.covid-trv.app/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.109.90.122 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a104-109-90-122.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 843d69904611753b7b5ee5b15dfd6288514ad86f40f6611ef50310dbf264627f Security Headers Name Value Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: http://*.travp.net; font-src https: data: Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.travelers.com/media-assets/fonts/1.0/base.css Origin https://www.covid-trv.app Response headers Date Sat, 02 May 2020 07:00:47 GMT Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Powered-By ASP.NET Connection keep-alive Content-Length 36472 X-XSS-Protection 1; mode=block Referrer-Policy no-referrer-when-downgrade Last-Modified Thu, 08 Nov 2018 08:32:23 GMT Server Microsoft-IIS/8.5 X-Frame-Options sameorigin ETag "80713933d77d41:0:dtagent7000100241011u2Z5" Vary Origin Content-Type font/x-woff2 Access-Control-Allow-Origin * Cache-Control max-age=315360000 Feature-Policy fullscreen 'none' Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: http://*.travp.net; font-src https: data: Accept-Ranges bytes Access-Control-Allow-Headers Origin Expires Tue, 30 Apr 2030 07:00:47 GMT
GET H/1.1	200 OK	8ea6bd8e-4c27-4055-b5db-8780735770c3.woff2 www.travelers.com/media-assets/fonts/1.0/Fonts/	49 KB 50 KB	97ms 37ms	Font font/x-woff2	104.109.90.122 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.travelers.com/media-assets/fonts/1.0/Fonts/8ea6bd8e-4c27-4055-b5db-8780735770c3.woff2 Requested by Host: www.covid-trv.app URL: https://www.covid-trv.app/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.109.90.122 , Netherlands, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS a104-109-90-122.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 44a0ae1a6f07c7044e0e5c562a7509f15f89ae58619bbe0ae2436e561c2827d3 Security Headers Name Value Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: http://*.travp.net; font-src https: data: Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://www.travelers.com/media-assets/fonts/1.0/base.css Origin https://www.covid-trv.app Response headers Date Sat, 02 May 2020 07:00:47 GMT Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Powered-By ASP.NET Connection keep-alive Content-Length 50236 X-dynaTrace PT=8173491;PA=155334977;SP=eBusiness Production;PS=-792330525 Referrer-Policy no-referrer-when-downgrade Last-Modified Thu, 08 Nov 2018 08:32:24 GMT Server Microsoft-IIS/8.5 X-Frame-Options sameorigin ETag "ee8c34933d77d41:0" Vary Origin Content-Type font/x-woff2 Access-Control-Allow-Origin * X-XSS-Protection 1; mode=block Cache-Control max-age=315360000 Feature-Policy fullscreen 'none' Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; img-src https: data: http://*.travp.net; font-src https: data: Accept-Ranges bytes Access-Control-Allow-Headers Origin Expires Tue, 30 Apr 2030 07:00:47 GMT

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.covid-trv.app
www.travelers.com
104.109.90.122
107.162.147.211
0dc74122b37237fb33323e273c0768f3c010d69d57292b104ed814644f7f64b4
376fe5a94c3d1c7168b0ac4020a6b6f6c699dc33f9bf411367e9ceae36d07e7a
44a0ae1a6f07c7044e0e5c562a7509f15f89ae58619bbe0ae2436e561c2827d3
7473421cee86e05768ab458c8b5d605f4b434b530901950043fb3fb5f06067b6
78f9f71a44b318faf61e3eaf3d4d9e009fc67702ae2571d757d31c04de8e8398
7b3a013ae2a433ee2cca89eb487f78805fbdd2045507634f52a9c482ed167437
843d69904611753b7b5ee5b15dfd6288514ad86f40f6611ef50310dbf264627f
9b667ad57ac796076b799c66b958201c10d3e8bb5dc45bc05810a8f058ac6ac7
bd5c16d60d6ccc166cafb260cde522f05e8e1bdeb64fe904d33535053fb579f8
cd3ea460ba71a6662b51e670b938068e94915c97aa55c5373a5deef695450b8a