URL: https://covid19downunder.com/
Submission: On August 08 via automatic, source certstream-suspicious

Summary

This website contacted 13 IPs in 5 countries across 11 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3033::681c:7aa, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is covid19downunder.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 8th 2020. Valid for: a year.
This is the only time covid19downunder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Domain | Requested by
4 | t7lf4gf0s8.execute-api.ap-southeast-2.amazonaws.com | covid19downunder.com
4 | covid19downunder.com | covid19downunder.com
3 | r.lr-ingest.io | cdn.lr-ingest.io
3 | fonts.gstatic.com | covid19downunder.com
3 | www.google-analytics.com (1 redirects) | www.googletagmanager.com, covid19downunder.com
3 | js.stripe.com | covid19downunder.com, js.stripe.com
2 | fonts.googleapis.com | covid19downunder.com
2 | api.mapbox.com | covid19downunder.com
1 | cdn.lr-ingest.io | covid19downunder.com
1 | stats.g.doubleclick.net | covid19downunder.com
1 | www.googletagmanager.com | covid19downunder.com
1 | maxcdn.bootstrapcdn.com | covid19downunder.com
Total: 29 requests, 12 subdomains

This site contains links to these domains.

Domain
wpopera.co
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-08 - 2021-08-08 | a year
api.mapbox.com | Amazon | 2020-03-05 - 2021-04-05 | a year
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year
upload.video.google.com | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2020-07-07 - 2020-10-08 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months
*.execute-api.ap-southeast-2.amazonaws.com | Amazon | 2019-09-28 - 2020-10-28 | a year

This page contains 3 frames:

Primary Page: https://covid19downunder.com/
Frame ID: 53ADD5DC62702AADC24F89209C0FC843
Requests: 31 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-ce945769f405485f0e160ab976441daf.html
Frame ID: D4CF2F941F4B54E0C33E1CE6047823CA
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-090169779cdf49fad5ab0e59c999f664.html
Frame ID: 0228DF0853DA2F884551C50DA05A9CC9
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /js\.stripe\.com/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 29
HTTPS: 93 %
IPv6: 75 %
Domains: 11
Subdomains: 12
IPs: 13
Countries: 5
Transfer: 1034 kB
Size: 4379 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1193308167&t=pageview&_s=1&dl=https%3A%2F%2Fcovid19downunder.com%2F&ul=en-us&de=UTF-8&dt=AUSTRALIA%20COVID19%20APP%20-%20COMMUNITY%20SPREAD%20LIVE%20DATA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1698186261&gjid=87099726&cid=1644817697.1596916889&tid=UA-159378310-3&_gid=653836393.1596916889&_r=1&gtm=2wg7v1M8CNLFK&z=1597880075 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159378310-3&cid=1644817697.1596916889&jid=1698186261&_gid=653836393.1596916889&gjid=87099726&_v=j83&z=1597880075

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
covid19downunder.com/
5 KB
2 KB
Document
General
Full URL
https://covid19downunder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:7aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
923a84d96a5305896012282276df5f2c8060195666156c3e82ef888c62713f51

Request headers

:method
GET
:authority
covid19downunder.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Sat, 08 Aug 2020 20:01:26 GMT
content-type
text/html
set-cookie
__cfduid=dffd0cf4740f818525f953d25c20c70171596916885; expires=Mon, 07-Sep-20 20:01:25 GMT; path=/; domain=.covid19downunder.com; HttpOnly; SameSite=Lax
x-amz-id-2
6sJpDytOhI+qnRlWHdX+5QfG3HV8Orx9MEozpjeL8TyPgFQw2ySsAX2A4EDxJh9PaZQFJV9iDXg=
x-amz-request-id
86A64293C3BF6CAB
x-amz-meta-s3cmd-attrs
atime:1591962717/ctime:1591962717/gid:20/gname:staff/md5:32066cc4837d2d164e8ea08e30479d03/mode:33188/mtime:1591962717/uid:503/uname:daniel
last-modified
Fri, 12 Jun 2020 11:52:05 GMT
x-amz-version-id
3o_IUMrZoi0ipg7sbpcqNzVZLGFENFF0
cf-cache-status
DYNAMIC
cf-request-id
04714301df000096a47e052200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5bfbd449690796a4-FRA
content-encoding
br
mapbox-gl.js
api.mapbox.com/mapbox-gl-js/v1.8.1/
733 KB
187 KB
Script
General
Full URL
https://api.mapbox.com/mapbox-gl-js/v1.8.1/mapbox-gl.js
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.140 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-140.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
f43fb780e50fe25f024c9a1eb6bfe0896bb23e12d973d28a4234bb51cbe83b18

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Feb 2020 10:10:24 GMT
Content-Encoding
gzip
Age
14205062
X-Powered-By
Express
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Wed Feb 26 2020 09:37:08 GMT+0000 (Coordinated Universal Time)
ETag
"ba53bfa9ae4476c3f2e36c53fbaedd8e"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
m8OyXPugrPOZXg2BdH67U9l6njEpV-RJRDLV2r8oMj3wc3DRbE0iZQ==
mapbox-gl.css
api.mapbox.com/mapbox-gl-js/v1.8.1/
34 KB
5 KB
Stylesheet
General
Full URL
https://api.mapbox.com/mapbox-gl-js/v1.8.1/mapbox-gl.css
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.140 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-140.fra6.r.cloudfront.net
Software
/ Express
Resource Hash
c8677dad34a7efa1253d5979a1ebf76d7affe2086f775e1116f69da96c7bffe8

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Feb 2020 10:10:23 GMT
Content-Encoding
gzip
Age
14205063
X-Powered-By
Express
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Wed Feb 26 2020 09:37:11 GMT+0000 (Coordinated Universal Time)
ETag
"6a979585c2cefb633c4aef3233994d0c"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Via
1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
n03DE-ZLpK2GYE-fVQZvTkjpDxjpb0ejK1PI0EHERVPi2JJk1L_84w==
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/
156 KB
23 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://covid19downunder.com/
Origin
https://covid19downunder.com

Response headers

date
Sat, 08 Aug 2020 20:01:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 28 Nov 2019 17:52:46 GMT
status
200
etag
"1574963566"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
23681
css
fonts.googleapis.com/
10 KB
866 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
188758e036889a5f1419b73098114f84134d958481b1837f602f1dead768d4ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 08 Aug 2020 19:39:03 GMT
server
ESF
date
Sat, 08 Aug 2020 20:01:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 08 Aug 2020 20:01:26 GMT
icon
fonts.googleapis.com/
574 B
419 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f41f68f6cebc61615428108a71b627484a2390fa0e015e5aa87d06b48233c8fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 08 Aug 2020 20:01:26 GMT
server
ESF
date
Sat, 08 Aug 2020 20:01:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 08 Aug 2020 20:01:26 GMT
/
js.stripe.com/v3/
176 KB
45 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71a528ab12f1162f24d3ecd32a307b0baa276c83ff286d92c73af590d77fec5b
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 08 Aug 2020 20:01:26 GMT
content-encoding
gzip
vary
Accept-Encoding
age
275
via
1.1 varnish
x-cache
HIT
status
200
content-length
45802
x-amz-id-2
WmkPdFSvhL7poc7xmrh3+ENeKbxzRzoUd3m3i6doi3qxMZjN41wf1yLY9g090KDIVUAUxu8Hvn8=
x-served-by
cache-hhn4060-HHN
timing-allow-origin
*
last-modified
Fri, 07 Aug 2020 22:23:58 GMT
server
AmazonS3
etag
"8a537fbde63bf91513e09606ced1f5d3"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
652E67BAAF831B09
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
211
main.2f9427f3.chunk.css
covid19downunder.com/static/css/
277 B
563 B
Stylesheet
General
Full URL
https://covid19downunder.com/static/css/main.2f9427f3.chunk.css
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:7aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b54e163e9946f096172c684f7d635036bf04715dd7e7a0f979323a7bf853e05

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 08 Aug 2020 20:01:27 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
6E66DCBCA8715206
status
200
x-amz-version-id
a_oVigUSA5nZzNrusDDdR_1A.PNBr2MG
x-amz-id-2
QwjHEpLXc6XHKCluDDbIt80d4mFc4fGtVm10Oj/JYl7ghopvevlaKs3rjTl2gomYk0NK8AFQ3Ts=
last-modified
Tue, 17 Mar 2020 11:59:34 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1584446338/ctime:1584446338/gid:20/gname:staff/md5:9052e237f7fa862835459e7c397538e2/mode:33188/mtime:1584446338/uid:501/uname:admin
etag
W/"9052e237f7fa862835459e7c397538e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-request-id
047143049e000096a47e080200000001
cf-ray
5bfbd44dcc9196a4-FRA
2.1402486d.chunk.js
covid19downunder.com/static/js/
2 MB
415 KB
Script
General
Full URL
https://covid19downunder.com/static/js/2.1402486d.chunk.js
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:7aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bf14abf78e4cdb847bda62ec03dd126c16a48f9ee67a337bd50fc66b016af6e

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 08 Aug 2020 20:01:28 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
BA5CFB099697083F
status
200
x-amz-version-id
olkTiSvCczu.zhHYpdNv_e_rBxSqhlRs
x-amz-id-2
sS9Vr2/tDHlLDtgPYbGMPafxf4+vZInYIj+vzGEY1hjH7pWMElrCMNMZLFv7Nb9CS+O6JTzrluU=
last-modified
Fri, 12 Jun 2020 11:47:22 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1591962430/ctime:1591962430/gid:20/gname:staff/md5:d484701f89146d79eae7283d68f6d4ca/mode:33188/mtime:1591962430/uid:503/uname:daniel
etag
W/"d484701f89146d79eae7283d68f6d4ca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
047143049e000096a47e081200000001
cf-ray
5bfbd44dcc9296a4-FRA
main.8e08bc02.chunk.js
covid19downunder.com/static/js/
54 KB
14 KB
Script
General
Full URL
https://covid19downunder.com/static/js/main.8e08bc02.chunk.js
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:7aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e45a9e1a97e8aafe6a678a73973018953caed99e0268c1e406d47605356c5fd

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 08 Aug 2020 20:01:27 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
14C4410CAE239BD6
status
200
x-amz-version-id
gvExkVevaTKBowAYmC0pjiWmmFoNamew
x-amz-id-2
PZdZAMgld70WAoa3uCobv0ZD3J/weuQnQrb9CAmJBLUG+UfM8iR3ViSkrSCPFXGEC/8r0IYoVUg=
last-modified
Fri, 12 Jun 2020 11:52:03 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1591962717/ctime:1591962717/gid:20/gname:staff/md5:b75d84153c5b03f1ca8878347686ff47/mode:33188/mtime:1591962717/uid:503/uname:daniel
etag
W/"b75d84153c5b03f1ca8878347686ff47"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
047143049e000096a47e082200000001
cf-ray
5bfbd44dcc9496a4-FRA
gtm.js
www.googletagmanager.com/
65 KB
26 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M8CNLFK
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
69f24179985caad68fa2e04a2eee315d606bd587383a0a132eff2196806b45db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 08 Aug 2020 20:01:29 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26246
x-xss-protection
0
last-modified
Sat, 08 Aug 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 08 Aug 2020 20:01:29 GMT
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/webp
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8CNLFK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
6350
date
Sat, 08 Aug 2020 18:15:39 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Sat, 08 Aug 2020 20:15:39 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1193308167&t=pageview&_s=1&dl=https%3A%2F%2Fcovid19downunder.com%2F&ul=en-us&de=UTF-8&dt=AUSTRALIA%20COVID19%20APP%20-%20COMMUNITY%20SPREAD%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159378310-3&cid=1644817697.1596916889&jid=1698186261&_gid=653836393.1596916889&gjid=87099726&_v=j83&z=1597880075
35 B
133 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159378310-3&cid=1644817697.1596916889&jid=1698186261&_gid=653836393.1596916889&gjid=87099726&_v=j83&z=1597880075
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 08 Aug 2020 20:01:29 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 08 Aug 2020 20:01:29 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-159378310-3&cid=1644817697.1596916889&jid=1698186261&_gid=653836393.1596916889&gjid=87099726&_v=j83&z=1597880075
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
logger.min.js
cdn.lr-ingest.io/
741 KB
122 KB
Script
General
Full URL
https://cdn.lr-ingest.io/logger.min.js
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/static/js/2.1402486d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6502 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6e13d0ddaf36ffa635e2edf3c5de8fd688227f989b430de295b448f4b9862bd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 08 Aug 2020 20:01:40 GMT
content-encoding
br
vary
x-fh-requested-host, accept-encoding
cf-cache-status
HIT
age
20
x-cache
HIT
status
200
cf-request-id
04714338d500001f5183839200000001
x-served-by
cache-fra19135-FRA
last-modified
Fri, 07 Aug 2020 14:46:25 GMT
server
cloudflare
x-timer
S1596811778.616915,VS0,VE2
etag
W/"6d675e357a89100eabe66a204e91e7215117fdefb2c14ca08385e3c14a8252e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31556926
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
5bfbd4a15f781f51-FRA
x-cache-hits
1
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/static/js/2.1402486d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
6361
date
Sat, 08 Aug 2020 18:15:39 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Sat, 08 Aug 2020 20:15:39 GMT
controller-ce945769f405485f0e160ab976441daf.html
js.stripe.com/v3/ Frame D4CF
0
0
Document
General
Full URL
https://js.stripe.com/v3/controller-ce945769f405485f0e160ab976441daf.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/controller-ce945769f405485f0e160ab976441daf.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://covid19downunder.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
x-amz-id-2
6Lyt+/QcLTg+EXe3OGB+RnNcl7QcVTBgTVvseolsx8WY20RFkYVx+BiGy0Reqqw9CS713cIgNTs=
x-amz-request-id
4E1E406F857DE1B0
last-modified
Fri, 07 Aug 2020 22:23:55 GMT
etag
"ce945769f405485f0e160ab976441daf"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Sat, 08 Aug 2020 20:01:40 GMT
via
1.1 varnish
age
210
x-served-by
cache-hhn4060-HHN
x-cache
HIT
x-cache-hits
85
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length
239
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/static/js/2.1402486d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Origin
https://covid19downunder.com

Response headers

date
Wed, 15 Jul 2020 17:09:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
2083913
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Thu, 15 Jul 2021 17:09:47 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/static/js/2.1402486d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Origin
https://covid19downunder.com

Response headers

date
Sat, 11 Jul 2020 09:25:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2457355
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sun, 11 Jul 2021 09:25:45 GMT
5d3b4d38-8436-4522-a6bd-35f32d529090
https://covid19downunder.com/
0
0
Other
General
Full URL
blob:https://covid19downunder.com/5d3b4d38-8436-4522-a6bd-35f32d529090
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/static/js/2.1402486d.chunk.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
/
t7lf4gf0s8.execute-api.ap-southeast-2.amazonaws.com/dev/resources/
251 B
462 B
Fetch
General
Full URL
https://t7lf4gf0s8.execute-api.ap-southeast-2.amazonaws.com/dev/resources/
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/static/js/2.1402486d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.206.106.95 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-206-106-95.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
c5723072d61c757b8b2a92ddb0aabebf33ad64b3d1f514d1cf0f28f652dd0f91

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 08 Aug 2020 20:01:42 GMT
x-amzn-requestid
1514a9e1-3093-4bd4-ba8a-b2b0f8a8312e
status
200
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-5f2f04a5-935a2ea5b720a6d2c1bd1304;Sampled=0
x-amz-apigw-id
Q92p2GV_SwMFeVA=
content-length
251
/
t7lf4gf0s8.execute-api.ap-southeast-2.amazonaws.com/dev/resources/
70 KB
71 KB
Fetch
General
Full URL
https://t7lf4gf0s8.execute-api.ap-southeast-2.amazonaws.com/dev/resources/
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/static/js/2.1402486d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.206.106.95 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-206-106-95.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
88edcdbafbec279f5e0cc18102a7cf9a33fb5969125e38467da9b7b17f7064a2

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 08 Aug 2020 20:01:44 GMT
x-amzn-requestid
dd26a530-bbad-4282-823a-84f1dbb1f4fd
status
200
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-5f2f04a5-fe9967cc124b07e1e205027f;Sampled=0
x-amz-apigw-id
Q92p2HUeywMFbhQ=
content-length
72011
m-outer-090169779cdf49fad5ab0e59c999f664.html
js.stripe.com/v3/ Frame 0228
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-090169779cdf49fad5ab0e59c999f664.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-090169779cdf49fad5ab0e59c999f664.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://covid19downunder.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://covid19downunder.com/

Response headers

status
200
x-amz-id-2
2stQGZGyXuUmr7atDmDEXvCLmjLqyXUxxppdcZqCgM0Sur7PlDjAZTbBVoBEqgBzjek+XmBAhSM=
x-amz-request-id
CC301ED012D02597
last-modified
Wed, 08 Jul 2020 20:32:02 GMT
etag
"090169779cdf49fad5ab0e59c999f664"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Sat, 08 Aug 2020 20:01:40 GMT
via
1.1 varnish
age
219
x-served-by
cache-hhn4060-HHN
x-cache
HIT
x-cache-hits
297
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length
203
truncated
/
296 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c7f9f605ce1a8b6aca951aa3bee0ed0737e0e2fb0700c2a73d8028b7d330409

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
198 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a333122c9340d84cc6c57c1ee67b126e1f88aad44f9de88c54945f6811c8b08

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
acfbcfa53d2f1cabb3c97a0739904207b33ed4dc3851262d7bd3190f22be29d0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
083af449-5a81-4376-a98c-6852851368d5
https://covid19downunder.com/
558 KB
0
Other
General
Full URL
blob:https://covid19downunder.com/083af449-5a81-4376-a98c-6852851368d5
Requested by
Host: cdn.lr-ingest.io
URL: https://cdn.lr-ingest.io/logger.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93a8ceceb2cadc59ade52d51b0bc8a20c1ed9a3a0850d5a357c8ee9ca7e63458

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
570993
i
r.lr-ingest.io/
108 B
785 B
XHR
General
Full URL
https://r.lr-ingest.io/i?a=n99l4d%2Fcovid19downunder&r=4-21ca18f3-5f5a-4dc8-a4cc-fa13efa77fe1&t=2a121a6a-456d-4ffc-b4be-3efe849de1bb&ir=f&ht=f&s=0
Requested by
Host: cdn.lr-ingest.io
URL: https://cdn.lr-ingest.io/logger.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
de236296a9588c42901de5bcb7e3b4cf4dcbf9ae782ba31899171c036d4928f5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 08 Aug 2020 20:01:43 GMT
cf-cache-status
DYNAMIC
x-powered-by
Express
status
201
content-length
108
cf-request-id
04714345aa0000c2bd09263200000001
server
cloudflare
etag
W/"6c-dN8+KLOCsX7bDhdz3pmeMPpqEZk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
5bfbd4b5da39c2bd-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/static/js/2.1402486d.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Origin
https://covid19downunder.com

Response headers

date
Wed, 29 Jul 2020 00:58:51 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
932572
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Thu, 29 Jul 2021 00:58:51 GMT
/
t7lf4gf0s8.execute-api.ap-southeast-2.amazonaws.com/dev/resources/
34 KB
35 KB
Fetch
General
Full URL
https://t7lf4gf0s8.execute-api.ap-southeast-2.amazonaws.com/dev/resources/
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/static/js/2.1402486d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.206.106.95 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-206-106-95.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
57b8fca6f452db18d272f3722951b7f2268bfeb659cfb538096159a89e8550c9

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 08 Aug 2020 20:01:46 GMT
x-amzn-requestid
5960c823-f99e-40ff-851d-4a00bef1703c
status
200
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-5f2f04a9-744771c25b150b3bea74d297;Sampled=0
x-amz-apigw-id
Q92qhG3zywMFT-w=
content-length
35200
/
t7lf4gf0s8.execute-api.ap-southeast-2.amazonaws.com/dev/resources/
16 KB
16 KB
Fetch
General
Full URL
https://t7lf4gf0s8.execute-api.ap-southeast-2.amazonaws.com/dev/resources/
Requested by
Host: covid19downunder.com
URL: https://covid19downunder.com/static/js/2.1402486d.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.206.106.95 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-206-106-95.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
f550ba0e16598fbe4df5e47d73a5a10a97894bf3bad46a8eaae60c0a33fc5ca0

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 08 Aug 2020 20:01:47 GMT
x-amzn-requestid
c8ff58b4-5d69-4b80-94b2-195db772f7be
status
200
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-5f2f04aa-541635d5e4fdd107e135c340;Sampled=0
x-amz-apigw-id
Q92qrEtsywMF6Jg=
content-length
16459
i
r.lr-ingest.io/
0
197 B
XHR
General
Full URL
https://r.lr-ingest.io/i?a=n99l4d%2Fcovid19downunder&r=4-21ca18f3-5f5a-4dc8-a4cc-fa13efa77fe1&t=2a121a6a-456d-4ffc-b4be-3efe849de1bb&ir=t&ht=f&s=0&u=ba8ae083-f189-4a83-855b-48eebac35a24
Requested by
Host: cdn.lr-ingest.io
URL: https://cdn.lr-ingest.io/logger.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 08 Aug 2020 20:01:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
200
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
5bfbd4ca0a15c2bd-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret
content-length
0
cf-request-id
04714352420000c2bd0937a200000001
i
r.lr-ingest.io/
0
195 B
XHR
General
Full URL
https://r.lr-ingest.io/i?a=n99l4d%2Fcovid19downunder&r=4-21ca18f3-5f5a-4dc8-a4cc-fa13efa77fe1&t=2a121a6a-456d-4ffc-b4be-3efe849de1bb&ir=t&ht=f&s=0&u=ba8ae083-f189-4a83-855b-48eebac35a24
Requested by
Host: cdn.lr-ingest.io
URL: https://cdn.lr-ingest.io/logger.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://covid19downunder.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 08 Aug 2020 20:01:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
200
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
5bfbd4df4f5dc2bd-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret
content-length
0
cf-request-id
0471435f8e0000c2bd09067200000001


22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer
object| mapboxgl
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData
function| Stripe
object| webpackJsonpcodvid-app
number| 2f1acc6c3a606b082e5eef5e54414ffb
object| regeneratorRuntime
function| _lrMutationObserver
object| __SDKCONFIG__
function| Hammer
function| Color
function| Chart
function| _lrXMLHttpRequest
object| __core-js_shared__
function| _LRLogger
boolean| _lr_loaded

5 Cookies

Domain/Path Name / Value
covid19downunder.com/ Name: _lr_uf_-n99l4d
Value: 5772d622-3376-42aa-827b-4e28fbce92a9
covid19downunder.com/ Name: _lr_hb_-n99l4d%2Fcovid19downunder
Value: {%22heartbeat%22:1596916900296}
.covid19downunder.com/ Name: _gid
Value: GA1.2.167440002.1596916900
covid19downunder.com/ Name: _lr_tabs_-n99l4d%2Fcovid19downunder
Value: {%22sessionID%22:0%2C%22recordingID%22:%224-21ca18f3-5f5a-4dc8-a4cc-fa13efa77fe1%22%2C%22lastActivity%22:1596916900295}
.covid19downunder.com/ Name: _ga
Value: GA1.2.1644817697.1596916889

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
