rcp-covid-response-uat.ggwebcast.com Open in urlscan Pro
178.79.150.92 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rcp-covid-response-uat.ggwebcast.com/
Submission: On April 16 via automatic, source certstream-suspicious (April 16th 2020, 4:35:10 pm UTC)

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 16 HTTP transactions. The main IP is 178.79.150.92, located in London, United Kingdom and belongs to LINODE-AP Linode, LLC, US. The main domain is rcp-covid-response-uat.ggwebcast.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 16th 2020. Valid for: 3 months.

This is the only time rcp-covid-response-uat.ggwebcast.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	178.79.150.92 178.79.150.92	63949 (LINODE-AP...) (LINODE-AP Linode)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2606:2800:233... 2606:2800:233:66b5:799a:7cd3:f74d:7071	15133 (EDGECAST) (EDGECAST)
1 2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
16	8

4 178.79.150.92 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li270-92.members.linode.com

rcp-covid-response-uat.ggwebcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	ggwebcast.com rcp-covid-response-uat.ggwebcast.com	1 MB
3	cloudflare.com cdnjs.cloudflare.com	423 KB
2	facebook.com 1 redirects www.facebook.com	423 B
2	twitter.com platform.twitter.com	29 KB
2	facebook.net connect.facebook.net	116 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	39 KB
1	linkedin.com platform.linkedin.com	55 KB
1	jquery.com code.jquery.com	30 KB
16	8

	Domain	Requested by
4	rcp-covid-response-uat.ggwebcast.com	rcp-covid-response-uat.ggwebcast.com
3	cdnjs.cloudflare.com	rcp-covid-response-uat.ggwebcast.com
2	www.facebook.com	1 redirects rcp-covid-response-uat.ggwebcast.com
2	platform.twitter.com	rcp-covid-response-uat.ggwebcast.com platform.twitter.com
2	connect.facebook.net	rcp-covid-response-uat.ggwebcast.com connect.facebook.net
2	stackpath.bootstrapcdn.com	rcp-covid-response-uat.ggwebcast.com
1	platform.linkedin.com	rcp-covid-response-uat.ggwebcast.com
1	code.jquery.com	rcp-covid-response-uat.ggwebcast.com
16	8

This site contains no links.

Subject Issuer	Validity	Valid
rcp-covid-response-uat.ggwebcast.com Let's Encrypt Authority X3	`2020-04-16` - `2020-07-15`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2021-10-14`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://rcp-covid-response-uat.ggwebcast.com/
Frame ID: C87D884433D447FDCED3455467014ECE
Requests: 15 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=https%3A%2F%2Frcp-covid-response-uat.ggwebcast.com
Frame ID: 0421BD92A57F80A282EF128600E24AFA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

16
Requests

100 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

8
IPs

4
Countries

2132 kB
Transfer

4844 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.facebook.com/tr/?id=514252672553576&ev=fb_page_view&dl=https%3A%2F%2Frcp-covid-response-uat.ggwebcast.com%2F&rl=&if=false&ts=1587054887225&sw=1600&sh=1200 HTTP 302
https://www.facebook.com/tr/?dl=https%3A%2F%2Frcp-covid-response-uat.ggwebcast.com%2F&ev=fb_page_view&id=514252672553576&if=false&redirect=0&rl=&sh=1200&sw=1600&ts=1587054887225

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rcp-covid-response-uat.ggwebcast.com/ 8 KB
8 KB 219ms
48ms Document
text/html 178.79.150.92
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://rcp-covid-response-uat.ggwebcast.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.79.150.92 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li270-92.members.linode.com
Software: nginx/1.17.9 / PHP/7.3.16
Resource Hash: e29945472eb03722348a3254907357b276eaf4ab241a0f3badffa644256d766c

Request headers

:method: GET
:authority: rcp-covid-response-uat.ggwebcast.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Thu, 16 Apr 2020 16:34:46 GMT
server: nginx/1.17.9
set-cookie: XSRF-TOKEN=eyJpdiI6InJSVU9yeVVJVzF0eGVYWjM3UTRoNmc9PSIsInZhbHVlIjoiWEM2N3hwa05JK0tFWGY1aXZhN2txVmpqbXlYRW52dVV4d1VJM0NoWDBMSGJwN3NkY2doUzBlM1ZoM0VCbWtxVSIsIm1hYyI6IjA5MDljYzg5ZWEyYmFhOWMzZjE2MzJkMmNjYWQzNjlkNTU0Yzg0MmZkM2Q4NWI0YzQ4ZTlhODc2MGIxMjM1ZTAifQ%3D%3D; expires=Thu, 16-Apr-2020 18:34:46 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6Ik52UGtUa2pLak5TMm1XXC8rYjFtRHFnPT0iLCJ2YWx1ZSI6IldIcXR4dFhOQkMxSzRnRDBBNTBSTVpZXC9WT2xFTUswRWlwMnFrVG84Z1lcLzluaFpYRFllQXZnSWZaSGptUW9nSCIsIm1hYyI6ImQwYjEzZGNmZTdhOTdhNWJkMTRjYWIzMTIwMmQxMTlkNzc4MTI2ZTkzZjJmMTE4NDYwOWMwNGZmNmIyM2FjYmEifQ%3D%3D; expires=Thu, 16-Apr-2020 18:34:46 GMT; Max-Age=7200; path=/; httponly
x-powered-by: PHP/7.3.16

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ 156 KB
23 KB 46ms
18ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

Requested by

Host: rcp-covid-response-uat.ggwebcast.com
URL: https://rcp-covid-response-uat.ggwebcast.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://rcp-covid-response-uat.ggwebcast.com/
Origin: https://rcp-covid-response-uat.ggwebcast.com

Response headers

date: Thu, 16 Apr 2020 16:34:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Nov 2019 17:52:46 GMT
status: 200
etag: "1574963566"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 23681

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
7 KB 43ms
41ms Stylesheet
text/css 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: rcp-covid-response-uat.ggwebcast.com
URL: https://rcp-covid-response-uat.ggwebcast.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://rcp-covid-response-uat.ggwebcast.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 16:34:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 5994498
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 022570d84c0000dfc3e2357200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: W/"5afd4910-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 584f50d3a996dfc3-FRA
expires: Tue, 06 Apr 2021 16:34:47 GMT

GET
H2 200 style.css
rcp-covid-response-uat.ggwebcast.com/css/ 12 KB
12 KB 41ms
40ms Stylesheet
text/css 178.79.150.92
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://rcp-covid-response-uat.ggwebcast.com/css/style.css
Requested by: Host: rcp-covid-response-uat.ggwebcast.com
URL: https://rcp-covid-response-uat.ggwebcast.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.79.150.92 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li270-92.members.linode.com
Software: nginx/1.17.9 /
Resource Hash: 6e074c5a8f8cc36205dd156264876392f470c2d54f9c20b31093e0e20f6adc0c

Request headers

Referer: https://rcp-covid-response-uat.ggwebcast.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 16:34:47 GMT
last-modified: Thu, 16 Apr 2020 16:27:16 GMT
server: nginx/1.17.9
etag: "5e988764-2ebc"
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 11964

GET
H/1.1 200
OK jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 21ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: rcp-covid-response-uat.ggwebcast.com
URL: https://rcp-covid-response-uat.ggwebcast.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://rcp-covid-response-uat.ggwebcast.com/
Origin: https://rcp-covid-response-uat.ggwebcast.com

Response headers

Date: Thu, 16 Apr 2020 16:34:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 May 2019 21:14:27 GMT
Server: nginx
ETag: W/"5cca0c33-15851"
Vary: Accept-Encoding
X-HW: 1587054886.dop057.fr8.shc,1587054887.dop057.fr8.t,1587054887.cds159.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30638

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ 59 KB
16 KB 52ms
24ms Script
text/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js

Requested by

Host: rcp-covid-response-uat.ggwebcast.com
URL: https://rcp-covid-response-uat.ggwebcast.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://rcp-covid-response-uat.ggwebcast.com/
Origin: https://rcp-covid-response-uat.ggwebcast.com

Response headers

date: Thu, 16 Apr 2020 16:34:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Nov 2019 17:52:52 GMT
status: 200
etag: "1574963572"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 15919

GET
H2 200 pdf.js Show response
cdnjs.cloudflare.com/ajax/libs/pdf.js/2.3.200/ 749 KB
129 KB 42ms
41ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/pdf.js/2.3.200/pdf.js

Requested by

Host: rcp-covid-response-uat.ggwebcast.com
URL: https://rcp-covid-response-uat.ggwebcast.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a9c999ed2277b2e109e41673f6a8ec282c9b024c51692f28b4f195a1fcb5cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://rcp-covid-response-uat.ggwebcast.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 16:34:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 5988529
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 022570d84c0000dfc3e2358200000001
served-in-seconds: 0.004
timing-allow-origin: *
last-modified: Sat, 05 Oct 2019 10:01:07 GMT
server: cloudflare
etag: W/"5d9869e3-bb5ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 584f50d3a99cdfc3-FRA
expires: Tue, 06 Apr 2021 16:34:47 GMT

GET
H2 200 pdf.worker.js Show response
cdnjs.cloudflare.com/ajax/libs/pdf.js/2.3.200/ 2 MB
287 KB 30ms
30ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/pdf.js/2.3.200/pdf.worker.js

Requested by

Host: rcp-covid-response-uat.ggwebcast.com
URL: https://rcp-covid-response-uat.ggwebcast.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74948eaad0eb3637c6ddb0b66d26401c2660138cd04f426ce9bace905a7c3c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://rcp-covid-response-uat.ggwebcast.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 16:34:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 14520748
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 022570d84c0000dfc3e2359200000001
served-in-seconds: 0.006
timing-allow-origin: *
last-modified: Sat, 05 Oct 2019 10:01:08 GMT
server: cloudflare
etag: W/"5d9869e4-19d531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 584f50d3a9a2dfc3-FRA
expires: Tue, 06 Apr 2021 16:34:47 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: rcp-covid-response-uat.ggwebcast.com
URL: https://rcp-covid-response-uat.ggwebcast.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4c3382dca473f5c0bc56e0ad19d61897733dec28f0a0efd9573056df62749b71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://rcp-covid-response-uat.ggwebcast.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: EOUVYTOuT/+TBTX3LCkvmg==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 1777
etag: "6cd325a14f1a71e85a6fb7e1e9109cc9"
x-fb-debug: pPcGdN8RDUVo73wg49lENZfW6LQ+8zEMOK0O10eW69WZlj6y9GG4sNx/zBFWCJbGTkRuJMtXqJ2Pg1tR4m94bA==
x-fb-trip-id: 1850256238
x-fb-content-md5: e8c2b91f69577d8d20272d8ace01b411
x-frame-options: DENY
date: Thu, 16 Apr 2020 16:34:47 GMT, Thu, 16 Apr 2020 16:34:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 Apr 2020 16:45:02 GMT

GET
H2 200 rcplogo.png
rcp-covid-response-uat.ggwebcast.com/images/ 51 KB
51 KB 40ms
39ms Image
image/png 178.79.150.92
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rcp-covid-response-uat.ggwebcast.com/images/rcplogo.png
Requested by: Host: rcp-covid-response-uat.ggwebcast.com
URL: https://rcp-covid-response-uat.ggwebcast.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.79.150.92 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li270-92.members.linode.com
Software: nginx/1.17.9 /
Resource Hash: f22b6bbf3f5766cbb38644fbe1706a2fabaa33f14c8db857cc1b5c5af6cec968

Request headers

Referer: https://rcp-covid-response-uat.ggwebcast.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 16:34:47 GMT
last-modified: Thu, 16 Apr 2020 16:27:16 GMT
server: nginx/1.17.9
etag: "5e988764-cb55"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 52053

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: rcp-covid-response-uat.ggwebcast.com
URL: https://rcp-covid-response-uat.ggwebcast.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40FA) /
Resource Hash: deb392febab4850ea24bd8516eed1b897991977ad63904261b9ffb21ccc66a4b

Request headers

Referer: https://rcp-covid-response-uat.ggwebcast.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 16 Apr 2020 16:34:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Apr 2020 20:48:50 GMT
Server: ECS (fcn/40FA)
Age: 1261
Etag: "bfee88d079c2668aea5525e2d719ba90+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 29121

GET
H2 200 in.js Show response
platform.linkedin.com/ 181 KB
55 KB 26ms
6ms Script
text/javascript 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: rcp-covid-response-uat.ggwebcast.com
URL: https://rcp-covid-response-uat.ggwebcast.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F0A) /
Resource Hash: f4eb2c29cc9426b38bdc06a83fbc20aeb07b5e61fcc7ca6db1166126bc449d00

Request headers

Referer: https://rcp-covid-response-uat.ggwebcast.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 16:34:47 GMT
content-encoding: gzip
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 3333
x-cache: HIT
status: 200
x-cdn-proto: HTTP2
content-length: 55595
x-li-uuid: rDV67vpWBhbQzUqUUisAAA==
server: ECAcc (frc/8F0A)
last-modified: Thu, 16 Apr 2020 15:39:14 GMT
x-li-pop: prod-tln1
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
accept-ranges: bytes
x-li-proto: http/1.1
x-li-fabric: prod-lor1
expires: Thu, 16 Apr 2020 16:39:14 GMT

GET
H2 200 rcpcover.jpg
rcp-covid-response-uat.ggwebcast.com/images/ 1 MB
1 MB 65ms
65ms Image
image/jpeg 178.79.150.92
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rcp-covid-response-uat.ggwebcast.com/images/rcpcover.jpg
Requested by: Host: rcp-covid-response-uat.ggwebcast.com
URL: https://rcp-covid-response-uat.ggwebcast.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.79.150.92 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li270-92.members.linode.com
Software: nginx/1.17.9 /
Resource Hash: c0f88939aa2e38d95cbc610f829e37cdf07a4d73f532fd2be44011f944365ad2

Request headers

Referer: https://rcp-covid-response-uat.ggwebcast.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 16:34:47 GMT
last-modified: Thu, 16 Apr 2020 16:27:16 GMT
server: nginx/1.17.9
etag: "5e988764-1563ff"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 1401855

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 390 KB
114 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ff3e6fbc215ae753a8b002e358a0aaec&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

af6e0b58bbebfa1025c26afee6f6ba3464c22e104ad10e0a8e9f1a79cd60333e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://rcp-covid-response-uat.ggwebcast.com/
Origin: https://rcp-covid-response-uat.ggwebcast.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: kVRuv9NE+czFTXPI1d+CbQ==
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 116009
etag: "73b1c04c29f72fec23984d95bd19bd25"
x-fb-debug: lqqfLftcHag7WZAaeNDhn2Mri8VUH6bmNtFmaVanV2ZL5UR8hZe23oMQcQvgzN64w2+3KfNwnZ44NX6r24ZvVg==
x-fb-trip-id: 1850256238
x-fb-content-md5: 97a0b39ffe67383821fe8783abf9a8c0
x-frame-options: DENY
date: Thu, 16 Apr 2020 16:34:47 GMT, Thu, 16 Apr 2020 16:34:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Fri, 16 Apr 2021 16:31:59 GMT

GET
H/1.1 200
OK widget_iframe.6787510241df65d128e2b60207ad4c25.html
platform.twitter.com/widgets/ Frame 0421 0
0 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=https%3A%2F%2Frcp-covid-response-uat.ggwebcast.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B4) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rcp-covid-response-uat.ggwebcast.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://rcp-covid-response-uat.ggwebcast.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 53761
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 16 Apr 2020 16:34:47 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Tue, 07 Apr 2020 20:47:48 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40B4)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5825

GET
H2

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=514252672553576&ev=fb_page_view&dl=https%3A%2F%2Frcp-covid-response-uat.ggwebcast.com%2F&rl=&if=false&ts=1587054887225&sw=1600&sh=1200
https://www.facebook.com/tr/?dl=https%3A%2F%2Frcp-covid-response-uat.ggwebcast.com%2F&ev=fb_page_view&id=514252672553576&if=false&redirect=0&rl=&sh=1200&sw=1600&ts=1587054887225

44 B
124 B

6ms
6ms

Image
image/gif

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?dl=https%3A%2F%2Frcp-covid-response-uat.ggwebcast.com%2F&ev=fb_page_view&id=514252672553576&if=false&redirect=0&rl=&sh=1200&sw=1600&ts=1587054887225

Requested by

Host: rcp-covid-response-uat.ggwebcast.com
URL: https://rcp-covid-response-uat.ggwebcast.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rcp-covid-response-uat.ggwebcast.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 16:34:47 GMT, Thu, 16 Apr 2020 16:34:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 16 Apr 2020 16:34:47 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Apr 2020 16:34:47 GMT, Thu, 16 Apr 2020 16:34:47 GMT
server: proxygen-bolt
status: 302
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
location: /tr/?dl=https%3A%2F%2Frcp-covid-response-uat.ggwebcast.com%2F&ev=fb_page_view&id=514252672553576&if=false&redirect=0&rl=&sh=1200&sw=1600&ts=1587054887225
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=3600
content-length: 0
expires: 0

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			rcp-covid-response-uat.ggwebcast.com/	1970-01-19 08:51:02	Name: laravel_session Value: eyJpdiI6Ik52UGtUa2pLak5TMm1XXC8rYjFtRHFnPT0iLCJ2YWx1ZSI6IldIcXR4dFhOQkMxSzRnRDBBNTBSTVpZXC9WT2xFTUswRWlwMnFrVG84Z1lcLzluaFpYRFllQXZnSWZaSGptUW9nSCIsIm1hYyI6ImQwYjEzZGNmZTdhOTdhNWJkMTRjYWIzMTIwMmQxMTlkNzc4MTI2ZTkzZjJmMTE4NDYwOWMwNGZmNmIyM2FjYmEifQ%3D%3D
			rcp-covid-response-uat.ggwebcast.com/	1970-01-19 08:51:02	Name: XSRF-TOKEN Value: eyJpdiI6InJSVU9yeVVJVzF0eGVYWjM3UTRoNmc9PSIsInZhbHVlIjoiWEM2N3hwa05JK0tFWGY1aXZhN2txVmpqbXlYRW52dVV4d1VJM0NoWDBMSGJwN3NkY2doUzBlM1ZoM0VCbWtxVSIsIm1hYyI6IjA5MDljYzg5ZWEyYmFhOWMzZjE2MzJkMmNjYWQzNjlkNTU0Yzg0MmZkM2Q4NWI0YzQ4ZTlhODc2MGIxMjM1ZTAifQ%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
platform.linkedin.com
platform.twitter.com
rcp-covid-response-uat.ggwebcast.com
stackpath.bootstrapcdn.com
www.facebook.com
178.79.150.92
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:2b
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:85e5
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
4c3382dca473f5c0bc56e0ad19d61897733dec28f0a0efd9573056df62749b71
5a9c999ed2277b2e109e41673f6a8ec282c9b024c51692f28b4f195a1fcb5cf1
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
6e074c5a8f8cc36205dd156264876392f470c2d54f9c20b31093e0e20f6adc0c
74948eaad0eb3637c6ddb0b66d26401c2660138cd04f426ce9bace905a7c3c4f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
af6e0b58bbebfa1025c26afee6f6ba3464c22e104ad10e0a8e9f1a79cd60333e
c0f88939aa2e38d95cbc610f829e37cdf07a4d73f532fd2be44011f944365ad2
deb392febab4850ea24bd8516eed1b897991977ad63904261b9ffb21ccc66a4b
e29945472eb03722348a3254907357b276eaf4ab241a0f3badffa644256d766c
f22b6bbf3f5766cbb38644fbe1706a2fabaa33f14c8db857cc1b5c5af6cec968
f4eb2c29cc9426b38bdc06a83fbc20aeb07b5e61fcc7ca6db1166126bc449d00

rcp-covid-response-uat.ggwebcast.com Open in urlscan Pro 178.79.150.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

88 %IPv6

8 Domains

8 Subdomains

8 IPs

4 Countries

2132 kBTransfer

4844 kBSize

2 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

2 Cookies

Indicators

rcp-covid-response-uat.ggwebcast.com Open in urlscan Pro
178.79.150.92 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

8
IPs

4
Countries

2132 kB
Transfer

4844 kB
Size

2
Cookies

16 HTTP transactions
0 data transactions