Submitted URL: https://www.covid.tshepisotshegosebe.co.za/
Effective URL: https://www.covid.tshepisotshegosebe.co.za/results
Submission: On April 06 via automatic, source certstream-suspicious

Summary

This website contacted 11 IPs in 4 countries across 11 domains to perform 19 HTTP transactions. The main IP is 154.0.173.55, located in South Africa and belongs to Afrihost, ZA. The main domain is www.covid.tshepisotshegosebe.co.za.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 6th 2020. Valid for: 3 months.
This is the only time www.covid.tshepisotshegosebe.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 154.0.173.55 37611 (Afrihost)
1 40.69.194.111 8075 (MICROSOFT...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
19 11
Domain Requested by
8 www.covid.tshepisotshegosebe.co.za 1 redirects www.covid.tshepisotshegosebe.co.za
2 lh3.googleusercontent.com www.covid.tshepisotshegosebe.co.za
2 businesstech.co.za www.covid.tshepisotshegosebe.co.za
1 fonts.gstatic.com www.covid.tshepisotshegosebe.co.za
1 fonts.googleapis.com www.covid.tshepisotshegosebe.co.za
1 images.newindianexpress.com www.covid.tshepisotshegosebe.co.za
1 cdn.24.co.za www.covid.tshepisotshegosebe.co.za
1 www.dailymaverick.co.za www.covid.tshepisotshegosebe.co.za
1 www.biznews.com www.covid.tshepisotshegosebe.co.za
1 image.iol.co.za www.covid.tshepisotshegosebe.co.za
1 cdn.primedia.co.za www.covid.tshepisotshegosebe.co.za
19 11
Subject | Issuer | Validity | Valid
covid.tshepisotshegosebe.co.za | cPanel, Inc. Certification Authority | 2020-04-06 - 2020-07-05 | 3 months
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-11-13 - 2020-10-09 | a year
*.googleusercontent.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months
iol.co.za | Amazon | 2019-06-20 - 2020-07-20 | a year
www.dailymaverick.co.za | Let's Encrypt Authority X3 | 2020-01-31 - 2020-04-30 | 3 months
*.newindianexpress.com | Amazon | 2019-11-16 - 2020-12-16 | a year
*.storage.googleapis.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months
*.google.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months

This page contains 1 frame:

Primary Page: https://www.covid.tshepisotshegosebe.co.za/results
Frame ID: 7A0A9F5E839F521C20D74B916CA80955
Requests: 19 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 19
HTTPS: 89 %
IPv6: 82 %
Domains: 11
Subdomains: 11
IPs: 11
Countries: 4
Transfer: 1713 kB
Size: 1706 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.covid.tshepisotshegosebe.co.za/ HTTP 302
    https://www.covid.tshepisotshegosebe.co.za/results Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set results
www.covid.tshepisotshegosebe.co.za/
Redirect Chain
  • https://www.covid.tshepisotshegosebe.co.za/
  • https://www.covid.tshepisotshegosebe.co.za/results
27 KB
28 KB
Document
General
Full URL
https://www.covid.tshepisotshegosebe.co.za/results
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
154.0.173.55 , South Africa, ASN37611 (Afrihost, ZA),
Reverse DNS
oxenfurt.aserv.co.za
Software
Apache /
Resource Hash
e8d733bdfabb97ea9eb290b3604df1fd7d608c79b4002748783336eab9d47531

Request headers

Host
www.covid.tshepisotshegosebe.co.za
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
XSRF-TOKEN=eyJpdiI6ImpxenBZTmh3TDVST0c1T1lOYm8rZVE9PSIsInZhbHVlIjoiXC9sM1FyRUVhOHFud3NBZmFLOU1Va0daUWJKXC81eEZWKytjTlwvTmUxNTcyRE9OY2hSbXVqY2Z1Yjlxa29jaGM3OSIsIm1hYyI6ImRkYzE3YjVkMDBhZDU0MWQ2YzFlNmY0YTM3NTAxNDAwOGFmMTI1NTk3MzZjZDZiNzUwNDE3ZDFlYjFlZmFhYjMifQ%3D%3D; laravel_session=eyJpdiI6IlRhU2I3OHJLcjUrOWtoS3h0SXRFZUE9PSIsInZhbHVlIjoicytac00rVVhDRFwvOVVNKzdZRVdTek9LaUw4VjBBTnE3RXVjMHJta2lPVDJ2VUx4VXhBYk1zck9CZTdWMisrTWsiLCJtYWMiOiJlNzQwYjRjNzNhYzI5MzY5NjdlMmI3MGYyMDE3YTc3MTUxN2FhZWQxOGMxOGNhNTRlM2VkMmE0OWEzNTNhODliIn0%3D

Response headers

Date
Mon, 06 Apr 2020 09:11:12 GMT
Server
Apache
Cache-Control
no-cache, private
Set-Cookie
XSRF-TOKEN=eyJpdiI6IlAwUXJCRXM5MmJoUzRVOUNBVDdkYWc9PSIsInZhbHVlIjoidDAwckJDcnVhXC9ibWNJeFwvbWxscGxZcGtHbnVEZXN1eHZBN3BYUjNzWFhKQ0lrNHJ2dVROY1c5dDNLUWNkd1g5IiwibWFjIjoiMTYyZmVhMzEwOWFiOTk0NWI4NzkxMDVhYWVjMTIyZjc3NjQzNDVjOTMwNjU4ODMxOWUwNDA2NGY2MjhmMDBjNyJ9; expires=Mon, 06-Apr-2020 11:11:15 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IkNPSEpyeWdEQmdVaHdvZURwOEh2d3c9PSIsInZhbHVlIjoiYjlwSzhtWUxMV2pLQkdGbUU3MVc5VDJYVEoxa1dnelA1RHRMV1pjYXZFUnlJUjFrNmhUc0tyOEg0bmhJMlVcL2oiLCJtYWMiOiI4ZjlkZDQ2YTUzYmVjODU1MzBhOWQ5Nzg5ZGUxYjQ5YzhiNjcyMDc1ZDMyNGY4ODQwNTM4ZTNlNDJiNDZkZGZmIn0%3D; expires=Mon, 06-Apr-2020 11:11:15 GMT; Max-Age=7200; path=/; httponly
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 06 Apr 2020 09:11:11 GMT
Server
Apache
Cache-Control
no-cache, private
Set-Cookie
XSRF-TOKEN=eyJpdiI6ImpxenBZTmh3TDVST0c1T1lOYm8rZVE9PSIsInZhbHVlIjoiXC9sM1FyRUVhOHFud3NBZmFLOU1Va0daUWJKXC81eEZWKytjTlwvTmUxNTcyRE9OY2hSbXVqY2Z1Yjlxa29jaGM3OSIsIm1hYyI6ImRkYzE3YjVkMDBhZDU0MWQ2YzFlNmY0YTM3NTAxNDAwOGFmMTI1NTk3MzZjZDZiNzUwNDE3ZDFlYjFlZmFhYjMifQ%3D%3D; expires=Mon, 06-Apr-2020 11:11:11 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IlRhU2I3OHJLcjUrOWtoS3h0SXRFZUE9PSIsInZhbHVlIjoicytac00rVVhDRFwvOVVNKzdZRVdTek9LaUw4VjBBTnE3RXVjMHJta2lPVDJ2VUx4VXhBYk1zck9CZTdWMisrTWsiLCJtYWMiOiJlNzQwYjRjNzNhYzI5MzY5NjdlMmI3MGYyMDE3YTc3MTUxN2FhZWQxOGMxOGNhNTRlM2VkMmE0OWEzNTNhODliIn0%3D; expires=Mon, 06-Apr-2020 11:11:11 GMT; Max-Age=7200; path=/; httponly
Location
https://www.covid.tshepisotshegosebe.co.za/results
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
app.js
www.covid.tshepisotshegosebe.co.za/js/
406 KB
407 KB
Script
General
Full URL
https://www.covid.tshepisotshegosebe.co.za/js/app.js?id=61bce0156eedfd801c60
Requested by
Host: www.covid.tshepisotshegosebe.co.za
URL: https://www.covid.tshepisotshegosebe.co.za/results
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
154.0.173.55 , South Africa, ASN37611 (Afrihost, ZA),
Reverse DNS
oxenfurt.aserv.co.za
Software
Apache /
Resource Hash
3e6569c39e2d05f72b32e297f9d91373b82463d330a36da4942803135568d607

Request headers

Referer
https://www.covid.tshepisotshegosebe.co.za/results
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 06 Apr 2020 09:11:15 GMT
Last-Modified
Sat, 04 Apr 2020 16:46:10 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
416036
app.css
www.covid.tshepisotshegosebe.co.za/css/
276 KB
276 KB
Stylesheet
General
Full URL
https://www.covid.tshepisotshegosebe.co.za/css/app.css?id=a7a12524db1350bba4e5
Requested by
Host: www.covid.tshepisotshegosebe.co.za
URL: https://www.covid.tshepisotshegosebe.co.za/results
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
154.0.173.55 , South Africa, ASN37611 (Afrihost, ZA),
Reverse DNS
oxenfurt.aserv.co.za
Software
Apache /
Resource Hash
ba256a460d2d611093599522c59fce0c5c016ba855d1d1f7b38eae65d8398b7a

Request headers

Referer
https://www.covid.tshepisotshegosebe.co.za/results
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Mon, 06 Apr 2020 09:11:15 GMT
Last-Modified
Sat, 04 Apr 2020 16:46:10 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
282365
fb.png
www.covid.tshepisotshegosebe.co.za/images/
3 KB
4 KB
Image
General
Full URL
https://www.covid.tshepisotshegosebe.co.za/images/fb.png
Requested by
Host: www.covid.tshepisotshegosebe.co.za
URL: https://www.covid.tshepisotshegosebe.co.za/results
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
154.0.173.55 , South Africa, ASN37611 (Afrihost, ZA),
Reverse DNS
oxenfurt.aserv.co.za
Software
Apache /
Resource Hash
54b10ef8b1eab0cb624ae5878e08081b40c7875b7aabf0fa6dcd71fbb2e66796

Request headers

Referer
https://www.covid.tshepisotshegosebe.co.za/results
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 06 Apr 2020 09:11:15 GMT
Last-Modified
Sun, 05 Apr 2020 18:07:50 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3531
twitter.png
www.covid.tshepisotshegosebe.co.za/images/
5 KB
5 KB
Image
General
Full URL
https://www.covid.tshepisotshegosebe.co.za/images/twitter.png
Requested by
Host: www.covid.tshepisotshegosebe.co.za
URL: https://www.covid.tshepisotshegosebe.co.za/results
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
154.0.173.55 , South Africa, ASN37611 (Afrihost, ZA),
Reverse DNS
oxenfurt.aserv.co.za
Software
Apache /
Resource Hash
212c6d055c26f5f45fe6237b0955610646b99bf4439996e12d5995e95954b2f9

Request headers

Referer
https://www.covid.tshepisotshegosebe.co.za/results
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 06 Apr 2020 09:11:15 GMT
Last-Modified
Sun, 05 Apr 2020 18:08:48 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4621
linkedin.png
www.covid.tshepisotshegosebe.co.za/images/
4 KB
4 KB
Image
General
Full URL
https://www.covid.tshepisotshegosebe.co.za/images/linkedin.png
Requested by
Host: www.covid.tshepisotshegosebe.co.za
URL: https://www.covid.tshepisotshegosebe.co.za/results
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
154.0.173.55 , South Africa, ASN37611 (Afrihost, ZA),
Reverse DNS
oxenfurt.aserv.co.za
Software
Apache /
Resource Hash
08c9cfcaf0e97773242ae7775969a71c3d7c5915e54a4b0665356c47f96ed9c3

Request headers

Referer
https://www.covid.tshepisotshegosebe.co.za/results
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 06 Apr 2020 09:11:16 GMT
Last-Modified
Sun, 05 Apr 2020 18:08:16 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4040
rtm0cnxhu4vhhhls6zbn
cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_437,w_700/
111 KB
111 KB
Image
General
Full URL
http://cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_437,w_700/rtm0cnxhu4vhhhls6zbn
Requested by
Host: www.covid.tshepisotshegosebe.co.za
URL: https://www.covid.tshepisotshegosebe.co.za/results
Protocol
HTTP/1.1
Server
40.69.194.111 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
a82a15127debf3a59afc97141ad67164ab2a1a7a699f34c9befc60cfcf900592
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 06 Apr 2020 09:11:16 GMT
Server-Timing
akam;dur=3;start=2020-04-06T05:02:40.789Z;total=3;desc=hit,rtt;dur=178,cloudinary;dur=150;start=2020-03-27T18:09:46.643Z,cld-id;desc=15bf599321cf1b4ae23f9c3fa9af8d32
Content-Length
113181
X-Request-Id
15bf599321cf1b4ae23f9c3fa9af8d32
Last-Modified
Fri, 27 Mar 2020 18:09:47 GMT
Server
nginx/1.10.3 (Ubuntu)
Cache-Control
public, no-transform, immutable, max-age=2592000
ETag
"fdce57b6d4c02cd85d23747e9d1dd0e1"
Strict-Transport-Security
max-age=604800
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Proxy-Cache
HIT
Woolworths-logo.png
businesstech.co.za/news/wp-content/uploads/2018/08/
27 KB
27 KB
Image
General
Full URL
https://businesstech.co.za/news/wp-content/uploads/2018/08/Woolworths-logo.png
Requested by
Host: www.covid.tshepisotshegosebe.co.za
URL: https://www.covid.tshepisotshegosebe.co.za/results
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ed4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9fea8f85c3d148aeccf2445839069a313d3b273b0f38b82c22d95960c898ac1

Request headers

Referer
https://www.covid.tshepisotshegosebe.co.za/results
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 09:11:16 GMT
cf-cache-status
HIT
age
7702
cf-polished
origFmt=png, origSize=48866
status
200
content-disposition
inline; filename="Woolworths-logo.webp"
cf-bgj
imgq:85
content-length
27198
last-modified
Wed, 08 Aug 2018 13:10:26 GMT
server
cloudflare
etag
"bee2-572ec3bebebac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
57fa616a4f60d725-FRA
expires
Wed, 06 May 2020 07:02:54 GMT
0VSijjq4lyrgupaedDAu8Wjz_qkh7sDucifSpK1IJzifLxCl6urQjfKOGkAApaFTwB47_cf5E7qVQCcB3GwMayM=s1000
lh3.googleusercontent.com/
94 KB
95 KB
Image
General
Full URL
https://lh3.googleusercontent.com/0VSijjq4lyrgupaedDAu8Wjz_qkh7sDucifSpK1IJzifLxCl6urQjfKOGkAApaFTwB47_cf5E7qVQCcB3GwMayM=s1000
Requested by
Host: www.covid.tshepisotshegosebe.co.za
URL: https://www.covid.tshepisotshegosebe.co.za/results
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f3c37035288b019057be86d4787dded6e2a926956ae3bb5e8ff583c5f0c26c49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.covid.tshepisotshegosebe.co.za/results
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 06:20:56 GMT
x-content-type-options
nosniff
age
10220
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
96438
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 07 Apr 2020 06:20:56 GMT
1385x366
image.iol.co.za/image/1/process/
38 KB
38 KB
Image
General
Full URL
https://image.iol.co.za/image/1/process/1385x366?source=https://inm-baobab-prod-eu-west-1.s3.amazonaws.com/public/inm/iol/media/image/2020/04/06/46311206/contagion_imbd.jpg&operation=CROP&offset=0x126&resize=1385x779
Requested by
Host: www.covid.tshepisotshegosebe.co.za
URL: https://www.covid.tshepisotshegosebe.co.za/results
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:8000:e:691b:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c2632df5f93bd993bc0239e68f071890c66592c7597bf1a37ee4f3f2a43b4172

Request headers

Referer
https://www.covid.tshepisotshegosebe.co.za/results
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 09:11:17 GMT
via
1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amzn-requestid
d59a0e0a-bb21-468d-97c4-04dfac35dd92
x-cache
Miss from cloudfront
content-type
image/webp
status
200
cache-control
max-age=315360000, public
x-amzn-trace-id
Root=1-5e8af234-ddc8ee1ed7ea2714b02e6134;Sampled=0
x-amz-apigw-id
KjrIREfxjoEFYKA=
content-length
38666
x-amz-cf-id
z6a1J4zJkaUyAl_n7fO0Bg6rg0T8ke1EaL9B6AK-kT_hYpsg4o5hAw==
NY-Covid-19-dead.jpg
www.biznews.com/wp-content/uploads/2020/04/
92 KB
92 KB
Image
General
Full URL
https://www.biznews.com/wp-content/uploads/2020/04/NY-Covid-19-dead.jpg
Requested by
Host: www.covid.tshepisotshegosebe.co.za
URL: https://www.covid.tshepisotshegosebe.co.za/results
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f91449a096e7bf90337059dbd1cd1ba8d8435012d7ab09bc4561cef23610d4a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.covid.tshepisotshegosebe.co.za/results
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 09:11:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
240863
status
200
content-length
93941
last-modified
Fri, 03 Apr 2020 14:11:29 GMT
server
cloudflare
etag
"5e874411-16ef5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
57fa616aa874c2b3-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
peterfab-Tito-VBrics.jpg
www.dailymaverick.co.za/wp-content/uploads/
179 KB
179 KB
Image
General
Full URL
https://www.dailymaverick.co.za/wp-content/uploads/peterfab-Tito-VBrics.jpg
Requested by
Host: www.covid.tshepisotshegosebe.co.za
URL: https://www.covid.tshepisotshegosebe.co.za/results
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:760 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e1cdc0baade13860563b11bb4a1fc3698156fb868a5ef8507fa569f926e51b

Request headers

Referer
https://www.covid.tshepisotshegosebe.co.za/results
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 09:11:16 GMT
cf-cache-status
HIT
age
43339
cf-polished
origSize=233321, status=webp_bigger
status
200
cf-bgj
imgq:100
content-length
182865
last-modified
Sun, 05 Apr 2020 15:40:45 GMT
server
cloudflare
etag
"5e89fbfd-38f69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, s-maxage=2592000
accept-ranges
bytes
cf-ray
57fa616b0812c2fe-FRA
expires
Tue, 05 May 2020 21:08:57 GMT
Coronavirus1-1-e1585219438288.png
businesstech.co.za/news/wp-content/uploads/2020/03/
164 KB
164 KB
Image
General
Full URL
https://businesstech.co.za/news/wp-content/uploads/2020/03/Coronavirus1-1-e1585219438288.png
Requested by
Host: www.covid.tshepisotshegosebe.co.za
URL: https://www.covid.tshepisotshegosebe.co.za/results
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ed4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bd401842e66605d9188e1a53a5357fda7e3b9a288e19b25f6dafb7959d71f0a

Request headers

Referer
https://www.covid.tshepisotshegosebe.co.za/results
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 09:11:17 GMT
cf-cache-status
HIT
age
944368
cf-polished
origFmt=png, origSize=232179
status
200
content-disposition
inline; filename="Coronavirus1-1-e1585219438288.webp"
cf-bgj
imgq:85
content-length
167498
last-modified
Thu, 26 Mar 2020 10:43:59 GMT
server
cloudflare
etag
"38af3-5a1bfa993ccc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
57fa616b396dd725-FRA
expires
Sat, 25 Apr 2020 10:51:49 GMT
edbec87142834bf490fe87621d537b6a.jpg
cdn.24.co.za/files/Cms/General/d/8340/
18 KB
19 KB
Image
General
Full URL
http://cdn.24.co.za/files/Cms/General/d/8340/edbec87142834bf490fe87621d537b6a.jpg
Requested by
Host: www.covid.tshepisotshegosebe.co.za
URL: https://www.covid.tshepisotshegosebe.co.za/results
Protocol
HTTP/1.1
Server
2606:4700::6812:8e33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4ab6c9a1530893755cd76c2faa6784faa588971959e2b57ba89916d46ce3298

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 06 Apr 2020 09:11:17 GMT
CF-Cache-Status
HIT
Age
48332
Cf-Polished
qual=85, origFmt=jpeg, origSize=49152
Content-Disposition
inline; filename="edbec87142834bf490fe87621d537b6a.webp"
Connection
keep-alive
Content-Length
18438
Last-Modified
Mon, 23 Mar 2020 10:10:33 GMT
Server
cloudflare
ETag
"612a254afb0d61:0"
Vary
Accept
Access-Control-Allow-Methods
POST,GET,OPTIONS
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000,public
Accept-Ranges
bytes
CF-RAY
57fa616b5bab1f15-FRA
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Key, Content-Length, Authorization, Range
Cf-Bgj
imgq:85
huULRg1drXjbX8n89ppAmw2WhCPJnQx59hHhfcXyQJQvG7NkgHGTMGmlUCnCZabCDlaRlj8LwfoLILKfpBR6dw=s1000
lh3.googleusercontent.com/
14 KB
14 KB
Image
General
Full URL
https://lh3.googleusercontent.com/huULRg1drXjbX8n89ppAmw2WhCPJnQx59hHhfcXyQJQvG7NkgHGTMGmlUCnCZabCDlaRlj8LwfoLILKfpBR6dw=s1000
Requested by
Host: www.covid.tshepisotshegosebe.co.za
URL: https://www.covid.tshepisotshegosebe.co.za/results
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8f45d66ef1442997c63132cb8955682411954ce0605d15628e8fb32aa7f94282
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.covid.tshepisotshegosebe.co.za/results
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 08:43:19 GMT
x-content-type-options
nosniff
age
1677
status
200
content-disposition
inline;filename="unnamed.jpg"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14209
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 06 Apr 2020 09:14:41 GMT
AP20091436301908.jpg
images.newindianexpress.com/uploads/user/imagelibrary/2020/4/1/w600X390/
158 KB
158 KB
Image
General
Full URL
https://images.newindianexpress.com/uploads/user/imagelibrary/2020/4/1/w600X390/AP20091436301908.jpg
Requested by
Host: www.covid.tshepisotshegosebe.co.za
URL: https://www.covid.tshepisotshegosebe.co.za/results
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:9000:8:e1e4:4100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.6.40 /
Resource Hash
7fd05f38b2c3a34009f0d9bb3518b8700a33f525630cf785f0917ef9a42c8825

Request headers

Referer
https://www.covid.tshepisotshegosebe.co.za/results
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 01 Apr 2020 14:14:13 GMT
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
age
413824
x-cache
Hit from cloudfront
status
200
content-length
161375
last-modified
Wed, 01 Apr 2020 14:10:11 GMT
server
Apache/2.4.6 (CentOS) PHP/5.6.40
etag
"2765f-5a23b3e09cc1e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
PdJByeqwnCj--G6tOCdFAHLmHU7V7L00yu01oaLD9PbyfqM4Lv0MrQ==
expires
Fri, 01 May 2020 14:14:13 GMT
css
fonts.googleapis.com/
2 KB
582 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: www.covid.tshepisotshegosebe.co.za
URL: https://www.covid.tshepisotshegosebe.co.za/results
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c662b6e3fb429681775f998db8d262428035930052ec2940864c06d567e4dc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.covid.tshepisotshegosebe.co.za/results
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Apr 2020 09:11:16 GMT
server
ESF
date
Mon, 06 Apr 2020 09:11:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Apr 2020 09:11:16 GMT
XRXV3I6Li01BKofINeaBTMnFcQ.woff2
fonts.gstatic.com/s/nunito/v12/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v12/XRXV3I6Li01BKofINeaBTMnFcQ.woff2
Requested by
Host: www.covid.tshepisotshegosebe.co.za
URL: https://www.covid.tshepisotshegosebe.co.za/results
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3c2d02ad946969c6fc9ed583bdb76b3bf0bd2328575a93c42ff87ece9498504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Nunito
Origin
https://www.covid.tshepisotshegosebe.co.za
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 18:01:21 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Nov 2019 17:37:30 GMT
server
sffe
age
400196
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13992
x-xss-protection
0
expires
Thu, 01 Apr 2021 18:01:21 GMT
webfa-solid-900.woff2
www.covid.tshepisotshegosebe.co.za/fonts/vendor/@fortawesome/fontawesome-free/
78 KB
78 KB
Font
General
Full URL
https://www.covid.tshepisotshegosebe.co.za/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?b15db15f746f29ffa02638cb455b8ec0
Requested by
Host: www.covid.tshepisotshegosebe.co.za
URL: https://www.covid.tshepisotshegosebe.co.za/results
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
154.0.173.55 , South Africa, ASN37611 (Afrihost, ZA),
Reverse DNS
oxenfurt.aserv.co.za
Software
Apache /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Referer
https://www.covid.tshepisotshegosebe.co.za/css/app.css?id=a7a12524db1350bba4e5
Origin
https://www.covid.tshepisotshegosebe.co.za
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 06 Apr 2020 09:11:16 GMT
Last-Modified
Sat, 04 Apr 2020 16:46:10 GMT
Server
Apache
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
79444

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| _
function| Popper
function| jQuery
function| $
function| axios
function| Color
function| Chart
object| ctvChart
function| kopdxjlzqagfcwuytsneihmbv_create
function| suoxlyqkrizvamwfedgpcntbj_create
object| kopdxjlzqagfcwuytsneihmbv
object| suoxlyqkrizvamwfedgpcntbj

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
