urlscan.io logo urlscan.io
SecurityTrails logo

covid-blog.com Open in urlscan Pro
2606:4700:3031::6818:65ec  Public Scan

Go To Rescan Add Verdict Report
URL: https://covid-blog.com/
Submission: On March 26 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3031::6818:65ec, located in United States and belongs to CLOUDFLARENET, US. The main domain is covid-blog.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 23rd 2020. Valid for: 7 months.
This is the only time covid-blog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.13.164 54113 (FASTLY)
2 151.101.14.114 54113 (FASTLY)
1 13.225.73.99 16509 (AMAZON-02)
1 104.16.169.79 13335 (CLOUDFLAR...)
1 162.144.128.165 46606 (UNIFIEDLA...)
1 104.16.93.165 13335 (CLOUDFLAR...)
1 54.228.232.122 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
21 11
8    2606:4700:3031::6818:65ec (United States)

ASN13335 (CLOUDFLARENET, US)
covid-blog.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    151.101.13.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static01.nyt.com
2    151.101.14.114 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
www.verywellhealth.com
1    13.225.73.99 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-99.fra2.r.cloudfront.net
ca-times.brightspotcdn.com
1    104.16.169.79 (United States)

ASN13335 (CLOUDFLARENET, US)
img.medscapestatic.com
1    162.144.128.165 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: server.arthritis.org
blog.arthritis.org
1    104.16.93.165 (United States)

ASN13335 (CLOUDFLARENET, US)
qtxasset.com
1    54.228.232.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-232-122.eu-west-1.compute.amazonaws.com
www.gov.bm
1    2600:9000:21f3:2200:16:b115:d0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.who.int
3    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
8 covid-blog.com covid-blog.com
3 fonts.gstatic.com covid-blog.com
2 www.verywellhealth.com covid-blog.com
1 www.who.int covid-blog.com
1 www.gov.bm covid-blog.com
1 qtxasset.com covid-blog.com
1 blog.arthritis.org covid-blog.com
1 img.medscapestatic.com covid-blog.com
1 ca-times.brightspotcdn.com covid-blog.com
1 static01.nyt.com covid-blog.com
1 fonts.googleapis.com covid-blog.com
21 11

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-03-23 -
2020-10-09		 7 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
nytimes.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-03 -
2022-04-06		 2 years crt.sh
dotdash.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-03-10 -
2021-03-11		 a year crt.sh
cdn.ca-times.psdops.com
Amazon		 2019-11-14 -
2020-12-14		 a year crt.sh
medscapestatic.com
CloudFlare Inc ECC CA-2		 2019-10-11 -
2020-10-09		 a year crt.sh
ssl400039.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-02-29 -
2020-09-06		 6 months crt.sh
www.gov.bm
QuoVadis Global SSL ICA G2		 2018-03-27 -
2020-03-27		 2 years crt.sh
*.who.int
COMODO RSA Domain Validation Secure Server CA		 2017-05-17 -
2020-05-16		 3 years crt.sh
*.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://covid-blog.com/
Frame ID: B4AD0FDA16FA8C2E8FA1BC89637F268C
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

21
Requests

95 %
HTTPS

36 %
IPv6

11
Domains

11
Subdomains

11
IPs

3
Countries

505 kB
Transfer

636 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
covid-blog.com/ 		17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:65ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a3da56e95f39374ba675086f2fc25d72458566bf6f8adc5bdce9d2851f2b85

Request headers

:method
GET
:authority
covid-blog.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
date
Thu, 26 Mar 2020 13:36:51 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=df7f4f89ff5785b95855c9fce1ac7e6151585229811; expires=Sat, 25-Apr-20 13:36:51 GMT; path=/; domain=.covid-blog.com; HttpOnly; SameSite=Lax; Secure
link
<http://covid-blog.com/wp-json/>; rel="https://api.w.org/"
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
57a143533d781f11-FRA
content-encoding
br
style.min.css
covid-blog.com/wp-includes/css/dist/block-library/ 		40 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covid-blog.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:65ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 26 Mar 2020 13:36:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 05 Nov 2019 22:06:04 GMT
server
cloudflare
etag
W/"5dc1f24c-a1fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
57a14354b9cd1f11-FRA
css
fonts.googleapis.com/ 		6 KB
773 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%2C400italic%2C700italic&ver=5.3.2
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
20876784718b2c5e30cb7902e91103f0ac0f11e3e72c32c82f8f1024bc03c6e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 26 Mar 2020 13:36:51 GMT
server
ESF
date
Thu, 26 Mar 2020 13:36:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Mar 2020 13:36:51 GMT
style.css
covid-blog.com/wp-content/themes/davis/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covid-blog.com/wp-content/themes/davis/style.css?ver=5.3.2
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:65ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bd6bcec24bcd7b95dfe7747090568d5f53a0dd25c9a7bed2ed0eb30815aa166

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 26 Mar 2020 13:36:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 11 Jan 2019 03:49:38 GMT
server
cloudflare
etag
W/"5c381252-455b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
57a14354b9cf1f11-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.js
covid-blog.com/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://covid-blog.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:65ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 13:36:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 May 2019 04:25:54 GMT
server
cloudflare
etag
W/"5cde37d2-17a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=14400
cf-ray
57a14354b9d01f11-FRA
jquery-migrate.min.js
covid-blog.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://covid-blog.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:65ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 13:36:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 May 2016 06:11:28 GMT
server
cloudflare
etag
W/"573eaa90-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=14400
cf-ray
57a14354b9d41f11-FRA
04coronavirus-selfquarantine04-articleLarge.jpg
static01.nyt.com/images/2020/02/04/us/04coronavirus-selfquarantine04/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2020/02/04/us/04coronavirus-selfquarantine04/04coronavirus-selfquarantine04-articleLarge.jpg?quality=75&auto=webp&disable=upscale
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a5c757a34d886d3d6b4c84d3426ba5be602a0baba3d5321ac835f6a62153fa0f

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 13:36:52 GMT
via
1.1 varnish, 1.1 varnish
age
450340
status
200
x-cache
HIT, HIT
fastly-io-info
ifsz=55950 idim=600x400 ifmt=jpeg ofsz=27114 odim=600x400 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-cache-hits
1, 1
fastly-stats
io=1
content-length
27114
x-served-by
cache-bwi5140-BWI, cache-fra19173-FRA
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
server
UploadServer
x-timer
S1585229812.020577,VS0,VE1
etag
"391GobYbZCtW7bHfSK75EsqpFBD7agLvMsqDf2jHaQU"
vary
Accept
x-goog-hash
crc32c=F5J2ew==, md5=xwusRaVwYA0ECdXX1i0MRQ==
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
x-guploader-uploadid
AEnB2UqJ_ApKZv3NRL0XqcLxN-oKzl9clrBQ1JEyr25UetNiAF1FhO2-vlsIHfenZaahMoARa_p23IIZ1k8G4HnmSuP2z0KwFA
expires
Sat, 21 Mar 2020 08:31:11 GMT
GettyImages-557136101-56a9cff33df78cf772aab5f3.jpg
www.verywellhealth.com/thmb/bJEUhUKSORJcfoKSg2E3bKGot3E=/500x350/filters:no_upscale():max_bytes(150000):strip_icc():format(webp)/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.verywellhealth.com/thmb/bJEUhUKSORJcfoKSg2E3bKGot3E=/500x350/filters:no_upscale():max_bytes(150000):strip_icc():format(webp)/GettyImages-557136101-56a9cff33df78cf772aab5f3.jpg
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.114 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a7cb723aab5d421d9c75c27296b6e8143d0c54b1ee1e3e19f9d7ee8c294adbe

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 13:36:52 GMT
via
1.1 varnish, 1.1 varnish
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
age
17794
x-cache
MISS, HIT
status
200
content-length
18542
x-served-by
cache-bwi5145-BWI, cache-fra19179-FRA
last-modified
Thu, 20 Feb 2020 20:34:41 GMT
server
AmazonS3
etag
"60c5c03929c57863c6f73344517de855"
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/563/re.p"}]}
content-type
image/webp
cache-control
max-age=31536000,public,no-transform
accept-ranges
bytes
x-cache-hits
0, 1
GettyImages-540063024-57967d4a3df78ceb863e8bad.jpg
www.verywellhealth.com/thmb/SeaqPyy4Qes9iAhn7-sGfKv1y3c=/500x350/filters:no_upscale():max_bytes(150000):strip_icc():format(webp)/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.verywellhealth.com/thmb/SeaqPyy4Qes9iAhn7-sGfKv1y3c=/500x350/filters:no_upscale():max_bytes(150000):strip_icc():format(webp)/GettyImages-540063024-57967d4a3df78ceb863e8bad.jpg
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.114 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3022f11f2b4af2ad8132d22d204e3edd4425c563b1470cf18e549917c530f6d7

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 13:36:52 GMT
via
1.1 varnish, 1.1 varnish
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
age
17794
x-cache
MISS, HIT
status
200
content-length
5950
x-served-by
cache-bwi5127-BWI, cache-fra19179-FRA
last-modified
Fri, 21 Feb 2020 03:30:39 GMT
server
AmazonS3
etag
"a2f1d74aa6be7e3453c31bc7ba0d9d01"
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/563/re.p"}]}
content-type
image/webp
cache-control
max-age=31536000,public,no-transform
accept-ranges
bytes
x-cache-hits
0, 1
/
ca-times.brightspotcdn.com/dims4/default/e9f4505/2147483647/strip/true/crop/3000x1846+0+0/resize/840x517!/quality/90/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ca-times.brightspotcdn.com/dims4/default/e9f4505/2147483647/strip/true/crop/3000x1846+0+0/resize/840x517!/quality/90/?url=https%3A%2F%2Fcalifornia-times-brightspot.s3.amazonaws.com%2F20%2F21%2F643efe6e453fb8dd74ddac72b5f8%2Fafp-getty-files-canada-prescription-drugs-pharmaceutical-pol.JPG
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.99 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-99.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
040114434dc391f68fd55149bfd10978268b3cb9198461860a5123ea6d156a11

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 15 Feb 2020 02:35:16 GMT
via
1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
server
Apache
age
3495696
etag
919db3f8e2a0802e33f2a9229a0777cc
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA2-C2
content-length
84193
x-amz-cf-id
0xcjrdf7_0tL6bi95ZvqpHM8Hx7fczkQV3gNCm6kAlnfLMy5ujg_WA==
expires
Sun, 14 Feb 2021 02:35:16 GMT
WWW21250.jpg
img.medscapestatic.com/pi/features/drugdirectory/octupdate/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.medscapestatic.com/pi/features/drugdirectory/octupdate/WWW21250.jpg
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.169.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
066d9766a36ea847862db861c67bc8e232d586426ba035a01b379ba43d21efe4

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 13:36:52 GMT
cf-cache-status
HIT
age
1655
cf-polished
degrade=85, origSize=19987, status=webp_bigger
status
200
cf-bgj
imgq:85
content-length
12652
last-modified
Wed, 31 Aug 2016 21:58:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
x-server-id
img01-web.prf.ma1.medscape.com
cache-control
max-age=5251
accept-ranges
bytes
cf-ray
57a1435658ae2bda-AMS
expires
Thu, 26 Mar 2020 15:06:40 GMT
COVID19-blog-header-940x270.jpg
blog.arthritis.org/living-with-arthritis/wp-content/uploads/sites/14/2020/02/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://blog.arthritis.org/living-with-arthritis/wp-content/uploads/sites/14/2020/02/COVID19-blog-header-940x270.jpg
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
HTTP/1.1
Server
162.144.128.165 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.arthritis.org
Software
nginx/1.16.1 /
Resource Hash
5d9b1e6872def39f68884ddf5a163c014a1c32d4d0ed2562029759e022fc0a1c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 26 Mar 2020 13:36:52 GMT
Last-Modified
Mon, 02 Mar 2020 16:29:05 GMT
Server
nginx/1.16.1
X-Server-Cache
false
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17113
bayer-office-building-socialmedia-1200x630.jpg
qtxasset.com/styles/breakpoint_sm_default_480px_w/s3/fiercepharma/1584544677/bayer-office-building-socialmedia-1200x630.jpg/ 		136 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qtxasset.com/styles/breakpoint_sm_default_480px_w/s3/fiercepharma/1584544677/bayer-office-building-socialmedia-1200x630.jpg/bayer-office-building-socialmedia-1200x630.jpg?htoyZMTNCHerBVnS8rqA5d557KqYrB1I&itok=yT7wlPLo
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.93.165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5c4f22b02e33687bf1ee711417ee1b3704f61a9244387fa88ab670f436de756

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 26 Mar 2020 13:36:52 GMT
CF-Cache-Status
MISS
x-amz-request-id
0CB11CF8DB961CE6
Content-Type
image/jpeg
Connection
keep-alive
Content-Length
139410
x-amz-id-2
hv7puxoX0KTZWrIug3+CkexbK7gvMPCIH2Vo+IKbgcWrNQ/3ZKfiYIjDkneXb5DvvZpdI6uKH8s=
Last-Modified
Wed, 18 Mar 2020 15:53:27 GMT
Server
cloudflare
ETag
"1f8602a6bb90a80f070c3a044214349c"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
x-amz-version-id
htoyZMTNCHerBVnS8rqA5d557KqYrB1I
Cache-Control
public, max-age=604800
Accept-Ranges
bytes
CF-RAY
57a143564dd1d921-AMS
update_0.jpg
www.gov.bm/sites/default/files/field/image/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gov.bm/sites/default/files/field/image/update_0.jpg
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.232.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-232-122.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c266e3f9b14d3e950351fb41d7de746aaa1a098366580c2d0a2a008279c16f4c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 13:36:53 GMT
via
varnish
x-content-type-options
nosniff
age
173443
x-cache
HIT
status
200
x-ah-environment
prod
content-length
112885
x-request-id
v-069b9406-6dd3-11ea-b951-67966712b8dc
last-modified
Tue, 10 Mar 2020 18:54:19 GMT
server
nginx
content-type
image/jpeg
expires
Tue, 07 Apr 2020 13:26:10 GMT
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
10855
coronavirus
www.who.int/health-topics/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.who.int/health-topics/coronavirus
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:2200:16:b115:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

access-control-allow-origin
*
construct.js
covid-blog.com/wp-content/themes/davis/assets/js/ 		2 KB
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://covid-blog.com/wp-content/themes/davis/assets/js/construct.js?ver=1.15
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:65ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84820a4a20f476e5a10a628fc615c721f1c1a613bf25e82cdeec923ed90e1958

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 13:36:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 11 Jan 2019 03:49:38 GMT
server
cloudflare
etag
W/"5c381252-719"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
cf-ray
57a143555ba81f11-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-embed.min.js
covid-blog.com/wp-includes/js/ 		1 KB
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://covid-blog.com/wp-includes/js/wp-embed.min.js?ver=5.3.2
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:65ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 13:36:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 05 Oct 2019 19:49:10 GMT
server
cloudflare
etag
W/"5d98f3b6-577"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=14400
cf-ray
57a143555bb71f11-FRA
sep.png
covid-blog.com/wp-content/themes/davis/assets/images/ 		387 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://covid-blog.com/wp-content/themes/davis/assets/images/sep.png
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:65ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd365ad1c83e26ef30b5dbaea4b64461db4d76cd7d5efeb13be1fe179d121a4e

Request headers

Referer
https://covid-blog.com/wp-content/themes/davis/style.css?ver=5.3.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 13:36:52 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Jan 2019 03:49:38 GMT
server
cloudflare
etag
"5c381252-183"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
57a14355dd631f11-FRA
content-length
387
expires
Thu, 31 Dec 2037 23:55:55 GMT
EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
fonts.gstatic.com/s/ptserif/v11/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v11/EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%2C400italic%2C700italic&ver=5.3.2
Origin
https://covid-blog.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Mar 2020 16:48:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:23:27 GMT
server
sffe
age
420522
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13280
x-xss-protection
0
expires
Sun, 21 Mar 2021 16:48:10 GMT
EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2
fonts.gstatic.com/s/ptserif/v11/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v11/EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%2C400italic%2C700italic&ver=5.3.2
Origin
https://covid-blog.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 20:30:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:24:48 GMT
server
sffe
age
1357596
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13372
x-xss-protection
0
expires
Wed, 10 Mar 2021 20:30:16 GMT
EJRTQgYoZZY2vCFuvAFT_r21cgT9rcs.woff2
fonts.gstatic.com/s/ptserif/v11/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v11/EJRTQgYoZZY2vCFuvAFT_r21cgT9rcs.woff2
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3b9ac60281114eb252c949187818336066886576d5fc78f31cc8c4c2d94531f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%2C400italic%2C700italic&ver=5.3.2
Origin
https://covid-blog.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Mar 2020 00:40:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:24:32 GMT
server
sffe
age
1342603
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14020
x-xss-protection
0
expires
Thu, 11 Mar 2021 00:40:09 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| davis object| wp object| jQuery112402608881071351543

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://covid-blog.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.arthritis.org
ca-times.brightspotcdn.com
covid-blog.com
fonts.googleapis.com
fonts.gstatic.com
img.medscapestatic.com
qtxasset.com
static01.nyt.com
www.gov.bm
www.verywellhealth.com
www.who.int
104.16.169.79
104.16.93.165
13.225.73.99
151.101.13.164
151.101.14.114
162.144.128.165
2600:9000:21f3:2200:16:b115:d0c0:93a1
2606:4700:3031::6818:65ec
2a00:1450:4001:80b::200a
2a00:1450:4001:814::2003
54.228.232.122
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
040114434dc391f68fd55149bfd10978268b3cb9198461860a5123ea6d156a11
066d9766a36ea847862db861c67bc8e232d586426ba035a01b379ba43d21efe4
1a7cb723aab5d421d9c75c27296b6e8143d0c54b1ee1e3e19f9d7ee8c294adbe
1bd6bcec24bcd7b95dfe7747090568d5f53a0dd25c9a7bed2ed0eb30815aa166
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
20876784718b2c5e30cb7902e91103f0ac0f11e3e72c32c82f8f1024bc03c6e3
3022f11f2b4af2ad8132d22d204e3edd4425c563b1470cf18e549917c530f6d7
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
5d9b1e6872def39f68884ddf5a163c014a1c32d4d0ed2562029759e022fc0a1c
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
84820a4a20f476e5a10a628fc615c721f1c1a613bf25e82cdeec923ed90e1958
a5c4f22b02e33687bf1ee711417ee1b3704f61a9244387fa88ab670f436de756
a5c757a34d886d3d6b4c84d3426ba5be602a0baba3d5321ac835f6a62153fa0f
a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2
c266e3f9b14d3e950351fb41d7de746aaa1a098366580c2d0a2a008279c16f4c
d3b9ac60281114eb252c949187818336066886576d5fc78f31cc8c4c2d94531f
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
dd365ad1c83e26ef30b5dbaea4b64461db4d76cd7d5efeb13be1fe179d121a4e
e2a3da56e95f39374ba675086f2fc25d72458566bf6f8adc5bdce9d2851f2b85
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855