hospital.protejase.covid19.firecodeit.net Open in urlscan Pro
54.159.115.94 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hospital.protejase.covid19.firecodeit.net/
Submission: On May 21 via automatic, source certstream-suspicious (May 21st 2020, 2:11:47 am UTC)

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 54.159.115.94, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is hospital.protejase.covid19.firecodeit.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 21st 2020. Valid for: 3 months.

This is the only time hospital.protejase.covid19.firecodeit.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	54.159.115.94 54.159.115.94	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
3	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
13	4

7 54.159.115.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-115-94.compute-1.amazonaws.com

hospital.protejase.covid19.firecodeit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	firecodeit.net hospital.protejase.covid19.firecodeit.net	359 KB
3	gstatic.com fonts.gstatic.com	33 KB
2	fontawesome.com use.fontawesome.com	88 KB
1	googleapis.com fonts.googleapis.com	1022 B
13	4

	Domain	Requested by
7	hospital.protejase.covid19.firecodeit.net	hospital.protejase.covid19.firecodeit.net
3	fonts.gstatic.com	hospital.protejase.covid19.firecodeit.net
2	use.fontawesome.com	hospital.protejase.covid19.firecodeit.net
1	fonts.googleapis.com	hospital.protejase.covid19.firecodeit.net
13	4

This site contains no links.

Subject Issuer	Validity	Valid
hospital.protejase.coronavirus.firecodeit.net Let's Encrypt Authority X3	`2020-05-21` - `2020-08-19`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hospital.protejase.covid19.firecodeit.net/
Frame ID: DD0F0757BC953E06BCA9219FEA56DFD7
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

13
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

481 kB
Transfer

1458 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
hospital.protejase.covid19.firecodeit.net/ 2 KB
1 KB 380ms
108ms Document
text/html 54.159.115.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hospital.protejase.covid19.firecodeit.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.115.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-115-94.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 99815ff5833635e315b0ab0c7fd5eeaf20425e2fa3c099400def8d4be5c27a4a

Request headers

Host: hospital.protejase.covid19.firecodeit.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection: keep-alive
Server: nginx
Date: Thu, 21 May 2020 02:11:16 GMT
Content-Type: text/html; charset=UTF-8
Last-Modified: Fri, 27 Mar 2020 23:37:15 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Etag: W/"5e7e8e2b-674"
Content-Encoding: gzip
Via: 1.1 vegur

GET
H/1.1 200
OK chunk-vendors.67a1abc0.css
hospital.protejase.covid19.firecodeit.net/css/ 313 KB
35 KB 115ms
112ms Stylesheet
text/css 54.159.115.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hospital.protejase.covid19.firecodeit.net/css/chunk-vendors.67a1abc0.css
Requested by: Host: hospital.protejase.covid19.firecodeit.net
URL: https://hospital.protejase.covid19.firecodeit.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.115.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-115-94.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7c56bc4702af1232825dc3d019f14751db3756a5981a6d0446d1f47dda428843

Request headers

Referer: https://hospital.protejase.covid19.firecodeit.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 02:11:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Mar 2020 23:37:15 GMT
Server: nginx
Etag: W/"5e7e8e2b-4e415"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 vegur
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK app.4a428108.js Show response
hospital.protejase.covid19.firecodeit.net/js/ 10 KB
5 KB 301ms
101ms Script
application/x-javascript 54.159.115.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hospital.protejase.covid19.firecodeit.net/js/app.4a428108.js
Requested by: Host: hospital.protejase.covid19.firecodeit.net
URL: https://hospital.protejase.covid19.firecodeit.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.115.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-115-94.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d994ba00fa61a20def7f4c41017a135a21e0930183f9250822cef04dda58fa11

Request headers

Referer: https://hospital.protejase.covid19.firecodeit.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 02:11:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Mar 2020 23:37:15 GMT
Server: nginx
Etag: W/"5e7e8e2b-2964"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 vegur
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK chunk-vendors.59eecbbc.js Show response
hospital.protejase.covid19.firecodeit.net/js/ 958 KB
314 KB 309ms
106ms Script
application/x-javascript 54.159.115.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hospital.protejase.covid19.firecodeit.net/js/chunk-vendors.59eecbbc.js
Requested by: Host: hospital.protejase.covid19.firecodeit.net
URL: https://hospital.protejase.covid19.firecodeit.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.115.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-115-94.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 035838f78ff10195386814817e8fef03bfa3df7f1d9ecb36f679a6dada82e005

Request headers

Referer: https://hospital.protejase.covid19.firecodeit.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 02:11:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Mar 2020 23:37:15 GMT
Server: nginx
Etag: W/"5e7e8e2b-ef6b9"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 vegur
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1022 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Requested by

Host: hospital.protejase.covid19.firecodeit.net
URL: https://hospital.protejase.covid19.firecodeit.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ba5e9d4c0bb4c5e4906adb2f7db71a6a607bba6575a92622480956d088ac1d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hospital.protejase.covid19.firecodeit.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 May 2020 02:11:16 GMT
server: ESF
date: Thu, 21 May 2020 02:11:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 May 2020 02:11:16 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
14 KB 10ms
9ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: hospital.protejase.covid19.firecodeit.net
URL: https://hospital.protejase.covid19.firecodeit.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

Referer: https://hospital.protejase.covid19.firecodeit.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 02:11:16 GMT
content-encoding: gzip
last-modified: Tue, 04 Jun 2019 20:35:33 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

POST
H/1.1 200
OK token Show response
hospital.protejase.covid19.firecodeit.net/tkn_apisf/services/oauth2/ 370 B
1 KB 253ms
253ms XHR
application/json 54.159.115.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hospital.protejase.covid19.firecodeit.net/tkn_apisf/services/oauth2/token?grant_type=password&client_id=3MVG9LBJLApeX_PCTB7a1ByuA8BIni5cV.voBrQjXhob7itN4fqsJVBkjvhmKt9AP6ATEAfsiaQfwwbak4e4t&client_secret=550292D546474DFF5D388277570B4847B1F2178F6D22DE1139BB543F85328166&username=desenvolvimento@firecodeit.net&password=firecode!20202DE6aWOcjU64NmcOTv0TYqgq4

Requested by

Host: hospital.protejase.covid19.firecodeit.net
URL: https://hospital.protejase.covid19.firecodeit.net/js/chunk-vendors.59eecbbc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.159.115.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-159-115-94.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4fc76ab36e7868dbe05f809dab5d3f4dec91c848ef069441ca1ec3633e07c755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://hospital.protejase.covid19.firecodeit.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 02:11:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Server: nginx
X-Readonlymode: false
Expect-Ct: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Via: 1.1 vegur
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Type: application/json;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: hospital.protejase.covid19.firecodeit.net
URL: https://hospital.protejase.covid19.firecodeit.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Origin: https://hospital.protejase.covid19.firecodeit.net

Response headers

date: Tue, 19 May 2020 23:49:29 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 94908
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 19 May 2021 23:49:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: hospital.protejase.covid19.firecodeit.net
URL: https://hospital.protejase.covid19.firecodeit.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Origin: https://hospital.protejase.covid19.firecodeit.net

Response headers

date: Sun, 17 May 2020 05:19:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 334302
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Mon, 17 May 2021 05:19:35 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/ 74 KB
74 KB 8ms
8ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-solid-900.woff2
Requested by: Host: hospital.protejase.covid19.firecodeit.net
URL: https://hospital.protejase.covid19.firecodeit.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Origin: https://hospital.protejase.covid19.firecodeit.net

Response headers

date: Thu, 21 May 2020 02:11:17 GMT
last-modified: Tue, 04 Jun 2019 20:34:47 GMT
server: NetDNA-cache/2.2
status: 200
etag: "b5cf8ae26748570d8fb95a47f46b69e1"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 75440

GET
H/1.1 200
OK a0S6g000000DxQCEA0 Show response
hospital.protejase.covid19.firecodeit.net/apisf/services/data/v46.0/sobjects/Financial_Group__c/ 608 B
1 KB 150ms
150ms XHR
application/json 54.159.115.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hospital.protejase.covid19.firecodeit.net/apisf/services/data/v46.0/sobjects/Financial_Group__c/a0S6g000000DxQCEA0

Requested by

Host: hospital.protejase.covid19.firecodeit.net
URL: https://hospital.protejase.covid19.firecodeit.net/js/chunk-vendors.59eecbbc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.159.115.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-159-115-94.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3208fb3bef49a353035af9fedd427619788d0776ac106d6d5962b83cb493db90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536002; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Cache-Control: max-age=600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://hospital.protejase.covid19.firecodeit.net/
Authorization: Bearer 00D6g000000F70m!AQwAQFnYQkmzR8DYegH7lGDta520W28eiMI.EJcORBBZXS26nFnW1lc2TEwWShzfcSIheBa1UuJ2slZ74jLzHr1mdor7i1VV
Access-Control-Max-Age: 600

Response headers

Date: Thu, 21 May 2020 02:11:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 07 May 2020 12:14:08 GMT
Server: nginx
Sforce-Limit-Info: api-usage=2773/111000
Expect-Ct: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D6g000000F70mm"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536002; includeSubDomains
Content-Type: application/json;charset=UTF-8
Via: 1.1 vegur
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D6g000000F70mm";
X-Robots-Tag: none

GET
H/1.1 200
OK query Show response
hospital.protejase.covid19.firecodeit.net/apisf/services/data/v46.0/ 217 B
1 KB 237ms
146ms XHR
application/json 54.159.115.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hospital.protejase.covid19.firecodeit.net/apisf/services/data/v46.0/query?q=select+Free_Beds__c,+Total_Beds__c,+Name+from+Hospital__c+where+id+%3D+%27a1B6g000000rpzSEAQ%27

Requested by

Host: hospital.protejase.covid19.firecodeit.net
URL: https://hospital.protejase.covid19.firecodeit.net/js/chunk-vendors.59eecbbc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.159.115.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-159-115-94.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b288bd81c3bbb357f88bb6f90fb54edc0796eb000cbd8de766e4c4820c2526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536002; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Cache-Control: max-age=600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://hospital.protejase.covid19.firecodeit.net/
Authorization: Bearer 00D6g000000F70m!AQwAQFnYQkmzR8DYegH7lGDta520W28eiMI.EJcORBBZXS26nFnW1lc2TEwWShzfcSIheBa1UuJ2slZ74jLzHr1mdor7i1VV
Access-Control-Max-Age: 600

Response headers

Date: Thu, 21 May 2020 02:11:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Server: nginx
Sforce-Limit-Info: api-usage=2774/111000
Expect-Ct: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D6g000000F70mm"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536002; includeSubDomains
Content-Type: application/json;charset=UTF-8
Via: 1.1 vegur
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D6g000000F70mm";
X-Robots-Tag: none

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
Origin: https://hospital.protejase.covid19.firecodeit.net

Response headers

date: Mon, 18 May 2020 09:09:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 234116
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 18 May 2021 09:09:22 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://hospital.protejase.covid19.firecodeit.net/js/app.4a428108.js(Line 1) Message: Service worker has been registered.
console-api	log	URL: https://hospital.protejase.covid19.firecodeit.net/js/app.4a428108.js(Line 1) Message: New content is downloading.
console-api	log	URL: https://hospital.protejase.covid19.firecodeit.net/js/app.4a428108.js(Line 1) Message: Content has been cached for offline use.
console-api	log	URL: https://hospital.protejase.covid19.firecodeit.net/js/app.4a428108.js(Line 1) Message: App is being served from cache by a service worker. For more details, visit https://goo.gl/AFskqB

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
hospital.protejase.covid19.firecodeit.net
use.fontawesome.com
23.111.9.35
2a00:1450:4001:820::2003
2a00:1450:4001:821::200a
54.159.115.94
035838f78ff10195386814817e8fef03bfa3df7f1d9ecb36f679a6dada82e005
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1ba5e9d4c0bb4c5e4906adb2f7db71a6a607bba6575a92622480956d088ac1d6
3208fb3bef49a353035af9fedd427619788d0776ac106d6d5962b83cb493db90
4fc76ab36e7868dbe05f809dab5d3f4dec91c848ef069441ca1ec3633e07c755
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
7c56bc4702af1232825dc3d019f14751db3756a5981a6d0446d1f47dda428843
99815ff5833635e315b0ab0c7fd5eeaf20425e2fa3c099400def8d4be5c27a4a
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d994ba00fa61a20def7f4c41017a135a21e0930183f9250822cef04dda58fa11
e3b288bd81c3bbb357f88bb6f90fb54edc0796eb000cbd8de766e4c4820c2526

hospital.protejase.covid19.firecodeit.net Open in urlscan Pro 54.159.115.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

481 kBTransfer

1458 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

hospital.protejase.covid19.firecodeit.net Open in urlscan Pro
54.159.115.94 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

481 kB
Transfer

1458 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions