es-covid.herokuapp.com Open in urlscan Pro
34.192.68.110 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://es-covid.herokuapp.com.admin-us2.cas.ms/
Effective URL:
https://es-covid.herokuapp.com/
Submission: On April 22 via automatic, source certstream-suspicious (April 22nd 2020, 4:14:53 am UTC)

Summary HTTP 12 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 6 IPs in 5 countries across 7 domains to perform 12 HTTP transactions. The main IP is 34.192.68.110, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is es-covid.herokuapp.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on April 19th 2017. Valid for: 3 years.

This is the only time es-covid.herokuapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	51.137.137.121 51.137.137.121	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	34.192.68.110 34.192.68.110	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:400... 2a04:4e42:400::621	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	167.114.116.91 167.114.116.91	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
12	6

1 51.137.137.121 (Cardiff, United Kingdom) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

es-covid.herokuapp.com.admin-us2.cas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.192.68.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-68-110.compute-1.amazonaws.com

es-covid.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::621 (Ascension Island)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.114.116.91 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns511310.ip-167-114-116.net

dizr5e00vc-dsn.algolia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	gstatic.com fonts.gstatic.com	33 KB
3	jsdelivr.net cdn.jsdelivr.net	67 KB
2	polyfill.io polyfill.io	700 B
2	herokuapp.com es-covid.herokuapp.com	18 KB
1	algolia.net dizr5e00vc-dsn.algolia.net	7 KB
1	googleapis.com fonts.googleapis.com	979 B
1	cas.ms 1 redirects es-covid.herokuapp.com.admin-us2.cas.ms	262 B
12	7

	Domain	Requested by
3	fonts.gstatic.com	es-covid.herokuapp.com
3	cdn.jsdelivr.net	es-covid.herokuapp.com
2	polyfill.io	es-covid.herokuapp.com
2	es-covid.herokuapp.com	es-covid.herokuapp.com
1	dizr5e00vc-dsn.algolia.net	cdn.jsdelivr.net
1	fonts.googleapis.com	es-covid.herokuapp.com
1	es-covid.herokuapp.com.admin-us2.cas.ms	1 redirects
12	7

This site contains links to these domains. Also see Links.

Domain
docs.google.com
freeattitudemoduleathttps
bookcreator.com
www.youtube.com
www.imperosoftware.com
www.thirteen.org
www.gale.com
www.rocketlit.com
mailchi.mp

Subject Issuer	Validity	Valid
*.herokuapp.com DigiCert SHA2 High Assurance Server CA	`2017-04-19` - `2020-06-22`	3 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-06` - `2020-10-09`	6 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-16` - `2021-04-17`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
algolia.net Sectigo RSA Organization Validation Secure Server CA	`2019-09-24` - `2020-11-30`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://es-covid.herokuapp.com/
Frame ID: D7FEDDBAD72A8F61C80D41CEEA358FA5
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://es-covid.herokuapp.com.admin-us2.cas.ms/ HTTP 307
https://es-covid.herokuapp.com/ Page URL

Detected technologies

Erlang (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Cowboy (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^Cowboy$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/polyfill\.min\.js/i

Page Statistics

12
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

6
IPs

5
Countries

126 kB
Transfer

384 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.google.com/forms/d/e/1FAIpQLScYMQAvHD36AkzEKO0omdJ5G3pjJDBhaTUWHUBHcPwKsPgXQg/viewform
Title: Visit Website

Search URL Search Domain Scan URL

URL: http://freeattitudemoduleathttps//www.softskillshigh.com/lp2.php
Title: Visit Website

Search URL Search Domain Scan URL

URL: https://bookcreator.com/
Title: Visit Website

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCmrIRRQUbrdSILPR-qUZ4ZA
Title: Visit Website

Search URL Search Domain Scan URL

URL: http://www.imperosoftware.com/
Title: Visit Website

Search URL Search Domain Scan URL

URL: https://www.thirteen.org/programs/films-by-kids/
Title: Visit Website

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLSebnn8LJ4rCJgUeRAhGDB-2Aqh7j6Xx9lbOXRmB7CtxCHqfug/viewform
Title: Visit Website

Search URL Search Domain Scan URL

URL: https://www.gale.com/covid19support
Title: Visit Website

Search URL Search Domain Scan URL

URL: https://www.rocketlit.com/signup/simple.php
Title: Visit Website

Search URL Search Domain Scan URL

URL: https://mailchi.mp/schooldatebooks.com/free-lesson-plans
Title: Visit Website

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://es-covid.herokuapp.com.admin-us2.cas.ms/ HTTP 307
https://es-covid.herokuapp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
es-covid.herokuapp.com/
Redirect Chain

https://es-covid.herokuapp.com.admin-us2.cas.ms/
https://es-covid.herokuapp.com/

15 KB
15 KB

426ms
110ms

Document
text/html

34.192.68.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://es-covid.herokuapp.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.68.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-68-110.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

d9d77b03eef4284ee3aa558af674c673a9154e75027913dc496333fc71b0adb1

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Host: es-covid.herokuapp.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: Cowboy
Date: Wed, 22 Apr 2020 04:14:21 GMT
Connection: keep-alive
X-Frame-Options: ALLOWALL
Content-Type: text/html; charset=utf-8
Etag: W/"d9d77b03eef4284ee3aa558af674c673"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 5346a1a8-c6d5-4ce6-aa92-5bced8a9f15f
X-Runtime: 0.003230
Transfer-Encoding: chunked
Via: 1.1 vegur

Redirect headers

Date: Wed, 22 Apr 2020 04:14:21 GMT
Connection: keep-alive
Location: https://es-covid.herokuapp.com/
Strict-Transport-Security: max-age=31536000
Content-Length: 145
X-MCAS-Request-Id: 24c33496-c921-43f2-a14f-99be714cdfa5

GET
H2 200 algoliasearch-lite.umd.js Show response
cdn.jsdelivr.net/npm/algoliasearch@4.0.0/dist/ 13 KB
4 KB 29ms
12ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/algoliasearch@4.0.0/dist/algoliasearch-lite.umd.js

Requested by

Host: es-covid.herokuapp.com
URL: https://es-covid.herokuapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31f78aab6030f55024684f4269eb3634ec507fabd46bc02fd09a9c51750691dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://es-covid.herokuapp.com/
Origin: https://es-covid.herokuapp.com

Response headers

date: Wed, 22 Apr 2020 04:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6448693
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 0241b121e80000bf23181ae200000001
x-served-by: cache-fra19146-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"34c6-sHOhuMDJ+rtK19l0gerxnUGXGQc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 587c847cae3fbf23-FRA

GET
H2 200 instantsearch.production.min.js Show response
cdn.jsdelivr.net/npm/instantsearch.js@4.0.0/dist/ 239 KB
59 KB 32ms
15ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/instantsearch.js@4.0.0/dist/instantsearch.production.min.js

Requested by

Host: es-covid.herokuapp.com
URL: https://es-covid.herokuapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e92eead0926cfcac7891bfdfbf4a0c8d2f39e504f3e51736861f4090852352c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://es-covid.herokuapp.com/
Origin: https://es-covid.herokuapp.com

Response headers

date: Wed, 22 Apr 2020 04:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15267538
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 0241b121e80000bf23181af200000001
x-served-by: cache-ams21034-AMS, cache-hhn4058-HHN
timing-allow-origin: *
server: cloudflare
etag: W/"3ba54-03w+mEfuXKy/rRW+fSrf6O0zFmY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 587c847cae40bf23-FRA

GET
H2 200 algolia-min.css
cdn.jsdelivr.net/npm/instantsearch.css@7.3.1/themes/ 16 KB
3 KB 28ms
11ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/instantsearch.css@7.3.1/themes/algolia-min.css

Requested by

Host: es-covid.herokuapp.com
URL: https://es-covid.herokuapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c1e3d9ff0598eeaa20ad4107f8f4e7599fadd7b8a15ac5c20759fd0734ab5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://es-covid.herokuapp.com/
Origin: https://es-covid.herokuapp.com

Response headers

date: Wed, 22 Apr 2020 04:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20019767
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 0241b121e80000bf23181ad200000001
x-served-by: cache-ams21030-AMS, cache-hhn4033-HHN
timing-allow-origin: *
server: cloudflare
etag: W/"3f16-IrrhMwNwOnmJH2O27d273slmb4s"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 587c847cae3ebf23-FRA

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 72 B
554 B 23ms
6ms Script
text/javascript 2a04:4e42:400::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default%2CArray.prototype.find%2CArray.prototype.includes%2CPromise%2CObject.assign%2CObject.entries

Requested by

Host: es-covid.herokuapp.com
URL: https://es-covid.herokuapp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://es-covid.herokuapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 2887314
detected-user-agent: Chrome/74.0.3729
status: 200
request_came_from_shield: FRA
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Thu, 19 Mar 2020 17:46:15 GMT
date: Wed, 22 Apr 2020 04:14:22 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/74.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css
fonts.googleapis.com/ 10 KB
979 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Abel|Roboto:400,400i,500,700&display=swap

Requested by

Host: es-covid.herokuapp.com
URL: https://es-covid.herokuapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe2a85918d72e38f538b59a7a94bfffb51e64ffb59cb1611e6fee56b81786d15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://es-covid.herokuapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Apr 2020 04:14:22 GMT
server: ESF
date: Wed, 22 Apr 2020 04:14:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Apr 2020 04:14:22 GMT

GET
H/1.1 200
OK application-701b69600860d7e4b941.js Show response
es-covid.herokuapp.com/packs/js/ 10 KB
3 KB 197ms
111ms Script
application/javascript 34.192.68.110
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://es-covid.herokuapp.com/packs/js/application-701b69600860d7e4b941.js
Requested by: Host: es-covid.herokuapp.com
URL: https://es-covid.herokuapp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.68.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-68-110.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: dd9bbde10d64bf5f5694a85bfe2d508c0058017a1e88f14c4029a4244b81a39d

Request headers

Referer: https://es-covid.herokuapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 22 Apr 2020 04:14:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Apr 2020 18:59:22 GMT
Server: Cowboy
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 vegur
Connection: keep-alive
Content-Length: 2905

GET
H2 200 polyfill.min.js
polyfill.io/v3/ 72 B
146 B 7ms
7ms Other
text/javascript 2a04:4e42:400::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default%2CArray.prototype.find%2CArray.prototype.includes%2CPromise%2CObject.assign%2CObject.entries

Requested by

Host: es-covid.herokuapp.com
URL: https://es-covid.herokuapp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://es-covid.herokuapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 2887314
detected-user-agent: Chrome/74.0.3729
status: 200
request_came_from_shield: FRA
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=0
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Thu, 19 Mar 2020 17:46:15 GMT
date: Wed, 22 Apr 2020 04:14:22 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/74.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200
OK queries Show response
dizr5e00vc-dsn.algolia.net/1/indexes/*/ 48 KB
7 KB 323ms
106ms XHR
application/json 167.114.116.91
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://dizr5e00vc-dsn.algolia.net/1/indexes/*/queries?x-algolia-agent=Algolia%20for%20JavaScript%20(4.0.0)%3B%20Browser%20(lite)%3B%20instantsearch.js%20(4.0.0)%3B%20JS%20Helper%20(0.0.0-5a0352a)&x-algolia-api-key=4123b0ee51e8bd558e685aa8dd51b720&x-algolia-application-id=DIZR5E00VC

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/algoliasearch@4.0.0/dist/algoliasearch-lite.umd.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

167.114.116.91 Montreal, Canada, ASN16276 (OVH, FR),

Reverse DNS

ns511310.ip-167-114-116.net

Software

nginx /

Resource Hash

030293d32cdd2d907bdbcfebe51cb7cee4ef92efd632094509739713076ecc92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://es-covid.herokuapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 22 Apr 2020 04:14:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Accept-Encoding: deflate, gzip
X-Alg-PT: 1
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Transfer-Encoding: chunked
Content-Disposition: inline; filename=a.txt
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: es-covid.herokuapp.com
URL: https://es-covid.herokuapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Abel|Roboto:400,400i,500,700&display=swap
Origin: https://es-covid.herokuapp.com

Response headers

date: Tue, 14 Apr 2020 23:26:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 622043
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 11016
x-xss-protection: 0
expires: Wed, 14 Apr 2021 23:26:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: es-covid.herokuapp.com
URL: https://es-covid.herokuapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Abel|Roboto:400,400i,500,700&display=swap
Origin: https://es-covid.herokuapp.com

Response headers

date: Sat, 28 Mar 2020 09:35:40 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 2140722
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 11056
x-xss-protection: 0
expires: Sun, 28 Mar 2021 09:35:40 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Abel|Roboto:400,400i,500,700&display=swap
Origin: https://es-covid.herokuapp.com

Response headers

date: Wed, 15 Apr 2020 00:22:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 618728
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 11020
x-xss-protection: 0
expires: Thu, 15 Apr 2021 00:22:14 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| algoliasearch function| instantsearch

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
dizr5e00vc-dsn.algolia.net
es-covid.herokuapp.com
es-covid.herokuapp.com.admin-us2.cas.ms
fonts.googleapis.com
fonts.gstatic.com
polyfill.io
167.114.116.91
2606:4700::6810:5914
2a00:1450:4001:809::200a
2a00:1450:4001:821::2003
2a04:4e42:400::621
34.192.68.110
51.137.137.121
030293d32cdd2d907bdbcfebe51cb7cee4ef92efd632094509739713076ecc92
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1c1e3d9ff0598eeaa20ad4107f8f4e7599fadd7b8a15ac5c20759fd0734ab5ef
31f78aab6030f55024684f4269eb3634ec507fabd46bc02fd09a9c51750691dd
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d9d77b03eef4284ee3aa558af674c673a9154e75027913dc496333fc71b0adb1
dd9bbde10d64bf5f5694a85bfe2d508c0058017a1e88f14c4029a4244b81a39d
e92eead0926cfcac7891bfdfbf4a0c8d2f39e504f3e51736861f4090852352c9
fe2a85918d72e38f538b59a7a94bfffb51e64ffb59cb1611e6fee56b81786d15

es-covid.herokuapp.com Open in urlscan Pro 34.192.68.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

57 %IPv6

7 Domains

7 Subdomains

6 IPs

5 Countries

126 kBTransfer

384 kBSize

0 Cookies

10 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

es-covid.herokuapp.com Open in urlscan Pro
34.192.68.110 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

6
IPs

5
Countries

126 kB
Transfer

384 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions