urlscan.io logo urlscan.io
SecurityTrails logo

covidnow.app Open in urlscan Pro
34.65.228.161  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://covidnow.app/
Effective URL: https://covidnow.app/
Submission: On May 22 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 4 countries across 4 domains to perform 10 HTTP transactions. The main IP is 34.65.228.161, located in United States and belongs to GOOGLE, US. The main domain is covidnow.app.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 29th 2020. Valid for: 3 months.
This is the only time covidnow.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 34.65.228.161 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.93.32.52 14061 (DIGITALOC...)
1 54.171.123.112 16509 (AMAZON-02)
10 4
Domain Requested by
6 covidnow.app covidnow.app
2 api.covid19api.com covidnow.app
1 nuur-covid-api.herokuapp.com covidnow.app
1 www.google-analytics.com covidnow.app
10 4

This site contains no links.

Subject Issuer Validity Valid
*.covidnow.app
Let's Encrypt Authority X3		 2020-04-29 -
2020-07-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
api.covid19api.com
Let's Encrypt Authority X3		 2020-04-04 -
2020-07-03		 3 months crt.sh
*.herokuapp.com
DigiCert SHA2 High Assurance Server CA		 2017-04-19 -
2020-06-22		 3 years crt.sh

This page contains 1 frames:

Primary Page: https://covidnow.app/
Frame ID: D0A72168CF5CC9D5E0742B045CDA070C
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://covidnow.app/ HTTP 307
    https://covidnow.app/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

10
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

4
Countries

411 kB
Transfer

1237 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://covidnow.app/ HTTP 307
    https://covidnow.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
covidnow.app/
Redirect Chain
  • http://covidnow.app/
  • https://covidnow.app/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://covidnow.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.65.228.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.228.65.34.bc.googleusercontent.com
Software
Vercel /
Resource Hash
b3b86715fc12aa1b4b9271e0d5d0c6ccc5c1a2f54423cde681c562ebdc35c794
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

:method
GET
:authority
covidnow.app
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 22 May 2020 13:25:27 GMT
content-type
text/html; charset=utf-8
x-vercel-cache
HIT
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="index.html"
access-control-allow-origin
*
etag
W/"b3b86715fc12aa1b4b9271e0d5d0c6ccc5c1a2f54423cde681c562ebdc35c794"
age
30098
x-vercel-trace
zrh1
server
Vercel
x-vercel-id
zrh1::tn878-1590153926528-20276394103f
strict-transport-security
max-age=63072000
content-encoding
br

Redirect headers

Location
https://covidnow.app/
Non-Authoritative-Reason
HSTS
2.84eb9cbf.chunk.css
covidnow.app/static/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covidnow.app/static/css/2.84eb9cbf.chunk.css
Requested by
Host: covidnow.app
URL: https://covidnow.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.65.228.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.228.65.34.bc.googleusercontent.com
Software
Vercel /
Resource Hash
898db271f0127297cb71934803e9f574d797653412cc0489d6a03c033bc32e52
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://covidnow.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 22 May 2020 13:25:27 GMT
content-encoding
br
status
200
server
Vercel
age
0
x-vercel-id
zrh1::tn878-1590153927400-c5f4e569ed43
etag
W/"898db271f0127297cb71934803e9f574d797653412cc0489d6a03c033bc32e52"
strict-transport-security
max-age=63072000
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, immutable
x-vercel-trace
zrh1
content-disposition
inline; filename="2.84eb9cbf.chunk.css"
x-vercel-cache
MISS
main.344309d4.chunk.css
covidnow.app/static/css/ 		196 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covidnow.app/static/css/main.344309d4.chunk.css
Requested by
Host: covidnow.app
URL: https://covidnow.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.65.228.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.228.65.34.bc.googleusercontent.com
Software
Vercel /
Resource Hash
0bb58606e1dd1c2d57ed713f4468cd345a37cc2c740cb3d0b8e3e12a6cb0f79d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://covidnow.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 22 May 2020 13:25:27 GMT
content-encoding
br
status
200
server
Vercel
age
0
x-vercel-id
zrh1::tn878-1590153927400-44b95551d701
etag
W/"0bb58606e1dd1c2d57ed713f4468cd345a37cc2c740cb3d0b8e3e12a6cb0f79d"
strict-transport-security
max-age=63072000
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, immutable
x-vercel-trace
zrh1
content-disposition
inline; filename="main.344309d4.chunk.css"
x-vercel-cache
MISS
2.bbb57417.chunk.js
covidnow.app/static/js/ 		710 KB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://covidnow.app/static/js/2.bbb57417.chunk.js
Requested by
Host: covidnow.app
URL: https://covidnow.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.65.228.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.228.65.34.bc.googleusercontent.com
Software
Vercel /
Resource Hash
93896a7a5cfb9a532e257db9fa7ff9b92f45a0744c27237e2235a18a3a400c8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://covidnow.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 22 May 2020 13:25:28 GMT
content-encoding
br
status
200
server
Vercel
age
0
x-vercel-id
zrh1::tn878-1590153927403-ed8cd8100f54
etag
W/"93896a7a5cfb9a532e257db9fa7ff9b92f45a0744c27237e2235a18a3a400c8a"
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, immutable
x-vercel-trace
zrh1
content-disposition
inline; filename="2.bbb57417.chunk.js"
x-vercel-cache
MISS
main.08ab0594.chunk.js
covidnow.app/static/js/ 		146 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://covidnow.app/static/js/main.08ab0594.chunk.js
Requested by
Host: covidnow.app
URL: https://covidnow.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.65.228.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.228.65.34.bc.googleusercontent.com
Software
Vercel /
Resource Hash
36f0d38696a1805ac7a38c87c816fdcb9530cd5bba86cec8b485307e43f773b8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://covidnow.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 22 May 2020 13:25:27 GMT
content-encoding
br
status
200
server
Vercel
age
0
x-vercel-id
zrh1::tn878-1590153927403-85bca5466be2
etag
W/"36f0d38696a1805ac7a38c87c816fdcb9530cd5bba86cec8b485307e43f773b8"
strict-transport-security
max-age=63072000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, immutable
x-vercel-trace
zrh1
content-disposition
inline; filename="main.08ab0594.chunk.js"
x-vercel-cache
MISS
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: covidnow.app
URL: https://covidnow.app/static/js/2.bbb57417.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://covidnow.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
1749
date
Fri, 22 May 2020 12:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Fri, 22 May 2020 14:56:19 GMT
countries
api.covid19api.com/ 		20 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.covid19api.com/countries
Requested by
Host: covidnow.app
URL: https://covidnow.app/static/js/main.08ab0594.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
142.93.32.52 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
14a7396eeaa1f4469abf471d88bc35db264c37c5db9d00f9fb1fb50186268a9d
Security Headers
Name Value
Strict-Transport-Security max-age=5184000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://covidnow.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Rate-Limit-Request-Remote-Addr
127.0.0.1:46110
Date
Fri, 22 May 2020 13:25:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-Rate-Limit-Limit
10.00
Connection
keep-alive
X-Dns-Prefetch-Control
off
Vary
Origin, Accept-Encoding
X-Xss-Protection
1; mode=block
X-Request-Id
aabca0d1-d2eb-4841-8df2-481466b181b4
X-Rate-Limit-Duration
1
Server
nginx/1.14.0 (Ubuntu)
X-Frame-Options
DENY
X-Download-Options
noopen
Strict-Transport-Security
max-age=5184000; includeSubDomains
X-Rate-Limit-Request-Forwarded-For
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://covidnow.app
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
fontawesome-webfont.af7ae505.woff2
covidnow.app/static/media/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://covidnow.app/static/media/fontawesome-webfont.af7ae505.woff2
Requested by
Host: covidnow.app
URL: https://covidnow.app/static/js/2.bbb57417.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.65.228.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
161.228.65.34.bc.googleusercontent.com
Software
Vercel /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://covidnow.app/static/css/2.84eb9cbf.chunk.css
Origin
https://covidnow.app

Response headers

date
Fri, 22 May 2020 13:25:28 GMT
status
200
server
Vercel
age
0
x-vercel-id
zrh1::tn878-1590153928627-9be7d043b8b6
etag
W/"2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe"
strict-transport-security
max-age=63072000
content-type
font/woff2
access-control-allow-origin
*
cache-control
s-maxage=31536000, immutable
x-vercel-trace
zrh1
content-disposition
inline; filename="fontawesome-webfont.af7ae505.woff2"
accept-ranges
bytes
x-vercel-cache
MISS
content-length
77160
global
nuur-covid-api.herokuapp.com/ 		13 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nuur-covid-api.herokuapp.com/global
Requested by
Host: covidnow.app
URL: https://covidnow.app/static/js/main.08ab0594.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.123.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-123-112.eu-west-1.compute.amazonaws.com
Software
Cowboy / Express
Resource Hash
99f96a3879757fe1398f48024d1c61d024b3ede4b39e1df4eda9c1b6183e69b0

Request headers

Referer
https://covidnow.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 22 May 2020 13:25:29 GMT
Via
1.1 vegur
Last-Modified
Fri, 01 May 2020 12:43:24 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"32cf-171d0434de0"
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://covidnow.app
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13007
summary
api.covid19api.com/ 		39 B
520 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.covid19api.com/summary
Requested by
Host: covidnow.app
URL: https://covidnow.app/static/js/main.08ab0594.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
142.93.32.52 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1688380b01646ec000bae4bd8acb2e72edcd8266b838d0516b11355be99af5ed

Request headers

Referer
https://covidnow.app/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Rate-Limit-Request-Remote-Addr
127.0.0.1:46130
Date
Fri, 22 May 2020 13:25:28 GMT
X-Rate-Limit-Request-Forwarded-For
X-Rate-Limit-Limit
10.00
Server
nginx/1.14.0 (Ubuntu)
Vary
Origin
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://covidnow.app
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
39
X-Rate-Limit-Duration
1

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| webpackJsonpcovid-dashboard function| Color function| Chart string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

2 Cookies

Domain/Path Name / Value
.covidnow.app/ Name: _gid
Value: GA1.2.1646398929.1590153928
.covidnow.app/ Name: _ga
Value: GA1.2.1111065003.1590153928

2 Console Messages

Source Level URL
Text
console-api error URL: https://covidnow.app/static/js/main.08ab0594.chunk.js(Line 1)
Message:
Error: Error getting summary
console-api log URL: https://covidnow.app/static/js/main.08ab0594.chunk.js(Line 1)
Message:
Content is cached for offline use.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000