covid.vbia.ca Open in urlscan Pro
205.186.175.129 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.covid.vbia.ca/
Effective URL:
https://covid.vbia.ca/
Submission: On May 26 via automatic, source certstream-suspicious (May 26th 2020, 11:27:30 pm UTC)

Summary HTTP 18 Redirects Links 5 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 205.186.175.129, located in Culver City, United States and belongs to MEDIATEMPLE, US. The main domain is covid.vbia.ca.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on May 26th 2020. Valid for: a year.

This is the only time covid.vbia.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 13	205.186.175.129 205.186.175.129		31815 (MEDIATEMPLE) (MEDIATEMPLE)
2	2a00:1450:400... 2a00:1450:4001:815::200a		15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81b::2003		15169 (GOOGLE) (GOOGLE)
18	3

13 205.186.175.129 (Culver City, United States) 1 redirects

ASN31815 (MEDIATEMPLE, US)
PTR: ekiaioeqci.c09.mtsvc.net

www.covid.vbia.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
covid.vbia.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	vbia.ca 1 redirects www.covid.vbia.ca covid.vbia.ca	151 KB
4	gstatic.com fonts.gstatic.com	41 KB
2	googleapis.com fonts.googleapis.com	1 KB
18	3

	Domain	Requested by
12	covid.vbia.ca	covid.vbia.ca
4	fonts.gstatic.com	covid.vbia.ca
2	fonts.googleapis.com	covid.vbia.ca
1	www.covid.vbia.ca	1 redirects
18	4

This site contains links to these domains. Also see Links.

Domain
wordpress.org
twitter.com
facebook.com
linkedin.com
www.inkthemes.com

Subject Issuer	Validity	Valid
covid.vbia.ca Starfield Secure Certificate Authority - G2	`2020-05-26` - `2021-05-26`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://covid.vbia.ca/
Frame ID: CD8576ECF7CCEC7B92210BB0B94737D8
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.covid.vbia.ca/ HTTP 301
https://covid.vbia.ca/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

18
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

193 kB
Transfer

504 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: A WordPress Commenter

Search URL Search Domain Scan URL

URL: http://twitter.com/VBIAbrain

Search URL Search Domain Scan URL

URL: http://facebook.com/VBIABrain

Search URL Search Domain Scan URL

URL: http://linkedin.com/VBIAbrain

Search URL Search Domain Scan URL

URL: https://www.inkthemes.com/market/colorway-wp-theme/
Title: Colorway WordPress Theme by InkThemes.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.covid.vbia.ca/ HTTP 301
https://covid.vbia.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
covid.vbia.ca/
Redirect Chain

https://www.covid.vbia.ca/
https://covid.vbia.ca/

15 KB
4 KB

1639ms
1383ms

Document
text/html

205.186.175.129
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to

Full URL: https://covid.vbia.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.186.175.129 Culver City, United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: ekiaioeqci.c09.mtsvc.net
Software: nginx/1.16.1 / PHP/7.3.11
Resource Hash: 3f005d871b9e9ab6d4d835156702664fefaaada1a123d88e28e68cdd6a426b2f

Request headers

:method: GET
:authority: covid.vbia.ca
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx/1.16.1
date: Tue, 26 May 2020 23:26:56 GMT
content-type: text/html; charset=UTF-8
content-length: 3713
x-powered-by: PHP/7.3.11
link: <https://covid.vbia.ca/wp-json/>; rel="https://api.w.org/"
accept-ranges: none
vary: Accept-Encoding,User-Agent
content-encoding: gzip

Redirect headers

status: 301
server: nginx/1.16.1
date: Tue, 26 May 2020 23:26:54 GMT
content-type: text/html; charset=UTF-8
location: https://covid.vbia.ca/
x-powered-by: PHP/7.3.11
x-redirect-by: WordPress
vary: User-Agent

GET
H2 200 style.min.css
covid.vbia.ca/wp-content/themes/colorway/assets/css/ 188 KB
32 KB 466ms
464ms Stylesheet
text/css 205.186.175.129
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to

Full URL: https://covid.vbia.ca/wp-content/themes/colorway/assets/css/style.min.css?ver=5.4.1
Requested by: Host: covid.vbia.ca
URL: https://covid.vbia.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.186.175.129 Culver City, United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: ekiaioeqci.c09.mtsvc.net
Software: nginx/1.16.1 /
Resource Hash: 3415258aea84798deaa392cffdd6691d9a818e5e162c2c6d305cfeb629296c58

Request headers

Referer: https://covid.vbia.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 May 2020 23:26:56 GMT
content-encoding: gzip
last-modified: Tue, 26 May 2020 22:20:49 GMT
server: nginx/1.16.1
etag: "2ef3d-5a69481fe17b0-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 32284

GET
H2 200 style.min.css
covid.vbia.ca/wp-includes/css/dist/block-library/ 52 KB
8 KB 333ms
332ms Stylesheet
text/css 205.186.175.129
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to

Full URL: https://covid.vbia.ca/wp-includes/css/dist/block-library/style.min.css?ver=5.4.1
Requested by: Host: covid.vbia.ca
URL: https://covid.vbia.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.186.175.129 Culver City, United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: ekiaioeqci.c09.mtsvc.net
Software: nginx/1.16.1 /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer: https://covid.vbia.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 May 2020 23:26:56 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 15:32:14 GMT
server: nginx/1.16.1
etag: "d159-5a40b11d01b80-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 7642

GET
H2 200 css
fonts.googleapis.com/ 4 KB
814 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans%7CPoppins%7CLato%7CABeeZee&font-weight=Default%7Cnormal%7Cbold%7Cbolder%7Clighter%7C100%7C200%7C300%7C400%7C500%7C600%7C700%7C800%7C900&font-size=8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C20%7C21%7C22%7C23%7C24%7C25%7C26%7C27%7C28%7C29%7C30%7C31%7C32%7C33%7C34%7C35%7C36%7C37%7C38%7C39%7C40&subset=latin&ver=5.4.1

Requested by

Host: covid.vbia.ca
URL: https://covid.vbia.ca/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8bcf1251c853a99f2f807c50e77637d14d68c4db976e5db2e464a162656af39a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://covid.vbia.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 26 May 2020 23:26:56 GMT
server: ESF
date: Tue, 26 May 2020 23:26:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 May 2020 23:26:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
598 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600%2C700&subset=latin%2Clatin-ext&ver=5.4.1

Requested by

Host: covid.vbia.ca
URL: https://covid.vbia.ca/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5736194816cdbdae61cbdc389f62f955cfa074130fb28dc95e42db7c66e7020b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://covid.vbia.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 26 May 2020 23:26:56 GMT
server: ESF
date: Tue, 26 May 2020 23:26:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 May 2020 23:26:56 GMT

GET
H2 200 jquery.js Show response
covid.vbia.ca/wp-includes/js/jquery/ 95 KB
33 KB 187ms
186ms Script
application/javascript 205.186.175.129
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to

Full URL: https://covid.vbia.ca/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: covid.vbia.ca
URL: https://covid.vbia.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.186.175.129 Culver City, United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: ekiaioeqci.c09.mtsvc.net
Software: nginx/1.16.1 /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://covid.vbia.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 May 2020 23:26:56 GMT
content-encoding: gzip
last-modified: Fri, 17 May 2019 04:25:54 GMT
server: nginx/1.16.1
etag: "17a69-5890dc7401880-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 33776

GET
H2 200 jquery-migrate.min.js Show response
covid.vbia.ca/wp-includes/js/jquery/ 10 KB
4 KB 163ms
162ms Script
application/javascript 205.186.175.129
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to

Full URL: https://covid.vbia.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: covid.vbia.ca
URL: https://covid.vbia.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.186.175.129 Culver City, United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: ekiaioeqci.c09.mtsvc.net
Software: nginx/1.16.1 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://covid.vbia.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 May 2020 23:26:56 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: nginx/1.16.1
etag: "2748-5333ff613c400-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 4014

GET
H2 200 Brain-injury-logo-1.png
covid.vbia.ca/wp-content/uploads/2020/05/ 43 KB
43 KB 168ms
168ms Image
image/png 205.186.175.129
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covid.vbia.ca/wp-content/uploads/2020/05/Brain-injury-logo-1.png
Requested by: Host: covid.vbia.ca
URL: https://covid.vbia.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.186.175.129 Culver City, United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: ekiaioeqci.c09.mtsvc.net
Software: nginx/1.16.1 /
Resource Hash: 10590d9bbd5ddbe845cfdf359cbba9bff627064a60d17d41683ec0dda8c85833

Request headers

Referer: https://covid.vbia.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 May 2020 23:26:56 GMT
last-modified: Tue, 26 May 2020 22:54:40 GMT
server: nginx/1.16.1
etag: "aaa7-5a694fb0efc60"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 43687

GET
H2 200 twitter-icon.png
covid.vbia.ca/wp-content/themes/colorway/assets/images/ 991 B
1 KB 165ms
165ms Image
image/png 205.186.175.129
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covid.vbia.ca/wp-content/themes/colorway/assets/images/twitter-icon.png
Requested by: Host: covid.vbia.ca
URL: https://covid.vbia.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.186.175.129 Culver City, United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: ekiaioeqci.c09.mtsvc.net
Software: nginx/1.16.1 /
Resource Hash: 8db4d8a9006a248eade7e6b4d4fd60394413d058036ee4842865581e25312efc

Request headers

Referer: https://covid.vbia.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 May 2020 23:26:56 GMT
last-modified: Tue, 26 May 2020 22:20:49 GMT
server: nginx/1.16.1
etag: "3df-5a69481f871ee"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 991

GET
H2 200 facebook-icon.png
covid.vbia.ca/wp-content/themes/colorway/assets/images/ 1 KB
1 KB 166ms
165ms Image
image/png 205.186.175.129
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covid.vbia.ca/wp-content/themes/colorway/assets/images/facebook-icon.png
Requested by: Host: covid.vbia.ca
URL: https://covid.vbia.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.186.175.129 Culver City, United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: ekiaioeqci.c09.mtsvc.net
Software: nginx/1.16.1 /
Resource Hash: 595eb6f787ad50dc6b54a7a434f0f0e5b4b3e2f96071830ff29617c224b1f83c

Request headers

Referer: https://covid.vbia.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 May 2020 23:26:56 GMT
last-modified: Tue, 26 May 2020 22:20:49 GMT
server: nginx/1.16.1
etag: "4e5-5a69481f95e08"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 1253

GET
H2 200 linked.png
covid.vbia.ca/wp-content/themes/colorway/assets/images/ 628 B
776 B 162ms
162ms Image
image/png 205.186.175.129
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covid.vbia.ca/wp-content/themes/colorway/assets/images/linked.png
Requested by: Host: covid.vbia.ca
URL: https://covid.vbia.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.186.175.129 Culver City, United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: ekiaioeqci.c09.mtsvc.net
Software: nginx/1.16.1 /
Resource Hash: e68c4d1357124c136822d0b66abf07264c3f46f0ed4b00f9bf6cd806e4902b05

Request headers

Referer: https://covid.vbia.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 May 2020 23:26:56 GMT
last-modified: Tue, 26 May 2020 22:20:49 GMT
server: nginx/1.16.1
etag: "274-5a69481fb640b"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 628

GET
H2 200 jquery.all.min.js Show response
covid.vbia.ca/wp-content/themes/colorway/assets/js/ 40 KB
13 KB 167ms
166ms Script
application/javascript 205.186.175.129
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to

Full URL: https://covid.vbia.ca/wp-content/themes/colorway/assets/js/jquery.all.min.js?ver=5.4.1
Requested by: Host: covid.vbia.ca
URL: https://covid.vbia.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.186.175.129 Culver City, United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: ekiaioeqci.c09.mtsvc.net
Software: nginx/1.16.1 /
Resource Hash: 7f2547961d43a4f61fa436f9fe8e3ff8d8571c8cd1f5063277c9791024ebc25c

Request headers

Referer: https://covid.vbia.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 May 2020 23:26:56 GMT
content-encoding: gzip
last-modified: Tue, 26 May 2020 22:20:48 GMT
server: nginx/1.16.1
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
accept-ranges: none
content-length: 12710

GET
H2 200 wp-embed.min.js Show response
covid.vbia.ca/wp-includes/js/ 1 KB
947 B 163ms
163ms Script
application/javascript 205.186.175.129
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to

Full URL: https://covid.vbia.ca/wp-includes/js/wp-embed.min.js?ver=5.4.1
Requested by: Host: covid.vbia.ca
URL: https://covid.vbia.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.186.175.129 Culver City, United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: ekiaioeqci.c09.mtsvc.net
Software: nginx/1.16.1 /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://covid.vbia.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 May 2020 23:26:56 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 2019 00:17:07 GMT
server: nginx/1.16.1
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
accept-ranges: none
content-length: 769

GET
H2 200 pic01.jpg
covid.vbia.ca/wp-content/uploads/2020/05/ 10 KB
10 KB 161ms
161ms Image
image/jpeg 205.186.175.129
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covid.vbia.ca/wp-content/uploads/2020/05/pic01.jpg
Requested by: Host: covid.vbia.ca
URL: https://covid.vbia.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.186.175.129 Culver City, United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: ekiaioeqci.c09.mtsvc.net
Software: nginx/1.16.1 /
Resource Hash: 2904395d23480e30c98185a9a9cce0c233f65b745824c42cd614bd9d2cee5ffd

Request headers

Referer: https://covid.vbia.ca/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 May 2020 23:26:56 GMT
last-modified: Tue, 26 May 2020 22:30:04 GMT
server: nginx/1.16.1
etag: "2788-5a694a30fc8a8"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 10120

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: covid.vbia.ca
URL: https://covid.vbia.ca/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Sans%7CPoppins%7CLato%7CABeeZee&font-weight=Default%7Cnormal%7Cbold%7Cbolder%7Clighter%7C100%7C200%7C300%7C400%7C500%7C600%7C700%7C800%7C900&font-size=8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C20%7C21%7C22%7C23%7C24%7C25%7C26%7C27%7C28%7C29%7C30%7C31%7C32%7C33%7C34%7C35%7C36%7C37%7C38%7C39%7C40&subset=latin&ver=5.4.1
Origin: https://covid.vbia.ca

Response headers

date: Tue, 19 May 2020 09:27:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 655192
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Wed, 19 May 2021 09:27:04 GMT

GET
H2 200 jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v11/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizaRExUiTo99u79D0KExcOPIDU.woff2

Requested by

Host: covid.vbia.ca
URL: https://covid.vbia.ca/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Sans%7CPoppins%7CLato%7CABeeZee&font-weight=Default%7Cnormal%7Cbold%7Cbolder%7Clighter%7C100%7C200%7C300%7C400%7C500%7C600%7C700%7C800%7C900&font-size=8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C20%7C21%7C22%7C23%7C24%7C25%7C26%7C27%7C28%7C29%7C30%7C31%7C32%7C33%7C34%7C35%7C36%7C37%7C38%7C39%7C40&subset=latin&ver=5.4.1
Origin: https://covid.vbia.ca

Response headers

date: Tue, 19 May 2020 09:44:14 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:28:02 GMT
server: sffe
age: 654162
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11380
x-xss-protection: 0
expires: Wed, 19 May 2021 09:44:14 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: covid.vbia.ca
URL: https://covid.vbia.ca/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Sans%7CPoppins%7CLato%7CABeeZee&font-weight=Default%7Cnormal%7Cbold%7Cbolder%7Clighter%7C100%7C200%7C300%7C400%7C500%7C600%7C700%7C800%7C900&font-size=8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C20%7C21%7C22%7C23%7C24%7C25%7C26%7C27%7C28%7C29%7C30%7C31%7C32%7C33%7C34%7C35%7C36%7C37%7C38%7C39%7C40&subset=latin&ver=5.4.1
Origin: https://covid.vbia.ca

Response headers

date: Tue, 26 May 2020 05:48:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:04 GMT
server: sffe
age: 63501
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7968
x-xss-protection: 0
expires: Wed, 26 May 2021 05:48:35 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Requested by

Host: covid.vbia.ca
URL: https://covid.vbia.ca/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600%2C700&subset=latin%2Clatin-ext&ver=5.4.1
Origin: https://covid.vbia.ca

Response headers

date: Mon, 18 May 2020 19:24:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:13 GMT
server: sffe
age: 705766
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7836
x-xss-protection: 0
expires: Tue, 18 May 2021 19:24:10 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate undefined| $ function| jQuery object| html5 object| Modernizr function| yepnope object| wp object| jQuery112405936237208261876

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://covid.vbia.ca/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

covid.vbia.ca
fonts.googleapis.com
fonts.gstatic.com
www.covid.vbia.ca
205.186.175.129
2a00:1450:4001:815::200a
2a00:1450:4001:81b::2003
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
10590d9bbd5ddbe845cfdf359cbba9bff627064a60d17d41683ec0dda8c85833
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2904395d23480e30c98185a9a9cce0c233f65b745824c42cd614bd9d2cee5ffd
3415258aea84798deaa392cffdd6691d9a818e5e162c2c6d305cfeb629296c58
3f005d871b9e9ab6d4d835156702664fefaaada1a123d88e28e68cdd6a426b2f
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
5736194816cdbdae61cbdc389f62f955cfa074130fb28dc95e42db7c66e7020b
595eb6f787ad50dc6b54a7a434f0f0e5b4b3e2f96071830ff29617c224b1f83c
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
7f2547961d43a4f61fa436f9fe8e3ff8d8571c8cd1f5063277c9791024ebc25c
8bcf1251c853a99f2f807c50e77637d14d68c4db976e5db2e464a162656af39a
8db4d8a9006a248eade7e6b4d4fd60394413d058036ee4842865581e25312efc
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
e68c4d1357124c136822d0b66abf07264c3f46f0ed4b00f9bf6cd806e4902b05
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388