URL: http://covid.ca/
Submission: On May 28 via api from BE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 26 HTTP transactions. The main IP is 69.172.201.153, located in United States and belongs to DOSARREST, US. The main domain is covid.ca.
This is the only time covid.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 69.172.201.153 19324 (DOSARREST)
1 2a00:1450:400... 15169 (GOOGLE)
17 2600:9000:219... 16509 (AMAZON-02)
26 3
Apex Domain
Subdomains
Transfer
17 uniregistry.com
imageserver.uniregistry.com
66 KB
8 covid.ca
covid.ca
11 KB
1 googleapis.com
ajax.googleapis.com
30 KB
26 3
Domain Requested by
17 imageserver.uniregistry.com covid.ca
ajax.googleapis.com
8 covid.ca covid.ca
1 ajax.googleapis.com covid.ca
26 3

This site contains no links.

Subject Issuer Validity Valid

This page contains 4 frames:

Primary Page: http://covid.ca/
Frame ID: 5D6384E4AE2A7842A306F9154664B78F
Requests: 2 HTTP requests in this frame

Frame: http://covid.ca/t.php?uid=covid5ed03583331b93.00117577&src=&cat=health&kw=&sc=pharmaceuticals
Frame ID: B7FEDEF38D74BC9B117E359A9DC9A402
Requests: 2 HTTP requests in this frame

Frame: http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
Frame ID: 7093AE92ED056790EEA9C0FC8BBE71A3
Requests: 20 HTTP requests in this frame

Frame: http://covid.ca/page.php?covid5ed03583331b93.00117577
Frame ID: 5D026275D1EA1C28F05ACF5FA965DA16
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://covid.ca/ Page URL
  2. http://covid.ca/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

26
Requests

0 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

107 kB
Transfer

196 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://covid.ca/ Page URL
  2. http://covid.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
covid.ca/
2 KB
1 KB
Document
General
Full URL
http://covid.ca/
Protocol
HTTP/1.1
Server
69.172.201.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
covid.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Thu, 28 May 2020 22:04:50 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
X-DIS-Request-ID
7e9a8bfa935dd82d783bedde0f930820
P3P
CP="NON DSP COR ADMa OUR IND UNI COM NAV INT"
Cache-Control
no-cache
Content-Encoding
gzip
Primary Request Cookie set /
covid.ca/
972 B
1005 B
Document
General
Full URL
http://covid.ca/
Requested by
Host: covid.ca
URL: http://covid.ca/
Protocol
HTTP/1.1
Server
69.172.201.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx / PHP/5.6.33-0+deb8u1
Resource Hash
c8fc36b6bca91b01d4cf231c0db02fa753fa6abd82c0c1bf25d1c56e910c087e

Request headers

Host
covid.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://covid.ca/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
YPF8827340282Jdskjhfiw_928937459182JAX666=165.231.142.36
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://covid.ca/

Response headers

Server
nginx
Date
Thu, 28 May 2020 22:04:51 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
519
Connection
keep-alive
Keep-Alive
timeout=20
X-Powered-By
PHP/5.6.33-0+deb8u1
Set-Cookie
uid=covid5ed03583331b93.00117577; expires=Sat, 27-Jun-2020 22:04:51 GMT; Max-Age=2592000 SRV=lander01|XtA1h|XtA1h; path=/
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-control
private
X-DIS-Request-ID
4592cece0d0129729b7626c52a2fc75e
t.php
covid.ca/ Frame B7FE
2 KB
1 KB
Document
General
Full URL
http://covid.ca/t.php?uid=covid5ed03583331b93.00117577&src=&cat=health&kw=&sc=pharmaceuticals
Requested by
Host: covid.ca
URL: http://covid.ca/
Protocol
HTTP/1.1
Server
69.172.201.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx / PHP/5.6.33-0+deb8u1
Resource Hash
f9cc883d29ed6ec41275a194f0f7c917ca16294202717b2ddc0ba678a0ddc95f

Request headers

Host
covid.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://covid.ca/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
YPF8827340282Jdskjhfiw_928937459182JAX666=165.231.142.36; uid=covid5ed03583331b93.00117577; SRV=lander01|XtA1h|XtA1h
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://covid.ca/

Response headers

Server
nginx
Date
Thu, 28 May 2020 22:04:51 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
799
Connection
keep-alive
Keep-Alive
timeout=20
X-Powered-By
PHP/5.6.33-0+deb8u1
Vary
Accept-Encoding
Content-Encoding
gzip
X-DIS-Request-ID
88abcea4f0ebbec1e63d0d035dd7282d
search.php
covid.ca/ Frame 7093
49 KB
6 KB
Document
General
Full URL
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
Requested by
Host: covid.ca
URL: http://covid.ca/
Protocol
HTTP/1.1
Server
69.172.201.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx / PHP/5.6.33-0+deb8u1
Resource Hash
66a8add15a5809b24c0775fab215aed80606852db2a4db2f77ef36ebfb4510b3

Request headers

Host
covid.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://covid.ca/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
YPF8827340282Jdskjhfiw_928937459182JAX666=165.231.142.36; uid=covid5ed03583331b93.00117577; SRV=lander01|XtA1h|XtA1h
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://covid.ca/

Response headers

Server
nginx
Date
Thu, 28 May 2020 22:04:52 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
6027
Connection
keep-alive
Keep-Alive
timeout=20
X-Powered-By
PHP/5.6.33-0+deb8u1
Vary
Accept-Encoding
Content-Encoding
gzip
X-DIS-Request-ID
e695c71fa399d3c2a6068c4bda897132
page.php
covid.ca/ Frame 5D02
178 B
474 B
Document
General
Full URL
http://covid.ca/page.php?covid5ed03583331b93.00117577
Requested by
Host: covid.ca
URL: http://covid.ca/
Protocol
HTTP/1.1
Server
69.172.201.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx / PHP/5.6.33-0+deb8u1
Resource Hash
d9999fb466ca29e5cc7598cfebaf40e06165001b66b8df6a110dbc603c9a6499

Request headers

Host
covid.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://covid.ca/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
YPF8827340282Jdskjhfiw_928937459182JAX666=165.231.142.36; uid=covid5ed03583331b93.00117577; SRV=lander01|XtA1h|XtA1h
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://covid.ca/

Response headers

Server
nginx
Date
Thu, 28 May 2020 22:04:51 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
160
Connection
keep-alive
Keep-Alive
timeout=20
X-Powered-By
PHP/5.6.33-0+deb8u1
Vary
Accept-Encoding
Content-Encoding
gzip
X-DIS-Request-ID
552213fcbfb29301d265096ec0cab0b9
track.php
covid.ca/ Frame B7FE
43 B
294 B
Image
General
Full URL
http://covid.ca/track.php?uid=covid5ed03583331b93.00117577&d=covid.ca&sr=1600x1200
Requested by
Host: covid.ca
URL: http://covid.ca/t.php?uid=covid5ed03583331b93.00117577&src=&cat=health&kw=&sc=pharmaceuticals
Protocol
HTTP/1.1
Server
69.172.201.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx / PHP/5.6.33-0+deb8u1
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
http://covid.ca/t.php?uid=covid5ed03583331b93.00117577&src=&cat=health&kw=&sc=pharmaceuticals
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 May 2020 22:04:52 GMT
Server
nginx
X-Powered-By
PHP/5.6.33-0+deb8u1
Content-Type
image/gif
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
43
X-DIS-Request-ID
8a127b44e1fc0f6586b7e56f7ff3a9d6
img.php
covid.ca/ Frame 5D02
43 B
294 B
Image
General
Full URL
http://covid.ca/img.php?covid5ed03583331b93.00117577
Requested by
Host: covid.ca
URL: http://covid.ca/page.php?covid5ed03583331b93.00117577
Protocol
HTTP/1.1
Server
69.172.201.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx / PHP/5.6.33-0+deb8u1
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
http://covid.ca/page.php?covid5ed03583331b93.00117577
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 May 2020 22:04:52 GMT
Server
nginx
X-Powered-By
PHP/5.6.33-0+deb8u1
Content-Type
image/gif
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
43
X-DIS-Request-ID
c9cf2eecb16ea4a8b00a1186837455ff
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.5.2/ Frame 7093
84 KB
30 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Requested by
Host: covid.ca
URL: http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 May 2020 12:26:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Age
121095
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
30082
X-XSS-Protection
0
Expires
Thu, 27 May 2021 12:26:37 GMT
base64.js
covid.ca/js/ Frame 7093
990 B
877 B
Script
General
Full URL
http://covid.ca/js/base64.js
Requested by
Host: covid.ca
URL: http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
Protocol
HTTP/1.1
Server
69.172.201.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx /
Resource Hash
75d6763b1edf359859a39678fae04b5ce63d5285f9625bb835495759e8337f17

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 May 2020 22:04:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Nov 2016 16:25:44 GMT
Server
nginx
ETag
"3de-541e639597200-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
500
X-DIS-Request-ID
18329e4869b7af0f4c913d38f62b7790
pharmaceuticals.jpg
imageserver.uniregistry.com/titlebg/health/ Frame 7093
43 KB
44 KB
Image
General
Full URL
http://imageserver.uniregistry.com/titlebg/health/pharmaceuticals.jpg
Requested by
Host: covid.ca
URL: http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
Protocol
HTTP/1.1
Server
2600:9000:2190:e600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4b400bec8148da918f7420722a112f51556019155a6ad134e23eb19ea2fe8de

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 May 2020 22:04:53 GMT
Via
1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 20:06:33 GMT
Server
AmazonS3
X-Amz-Cf-Pop
ZRH50-C1
ETag
"6a3791f1a92c667b81c3c646b3465185"
X-Cache
RefreshHit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Content-Length
44391
X-Amz-Cf-Id
8vq03EcTw6tQF6V9R2m55u-E7q5i10TVCVX1-SwE9CCnCs2JJYw5dg==
c1.jpg
imageserver.uniregistry.com/catimg/health/ Frame 7093
2 KB
3 KB
Image
General
Full URL
http://imageserver.uniregistry.com/catimg/health/c1.jpg
Requested by
Host: covid.ca
URL: http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
Protocol
HTTP/1.1
Server
2600:9000:2190:e600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7c804eb190beb369bfeb0478e7d4a84f932f8969d3a0e3274aadef0f28dac9f

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 May 2020 14:06:44 GMT
Via
1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:27:33 GMT
Server
AmazonS3
Age
28689
ETag
"cb00d918096e019da172af69e7f37ed5"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
2550
X-Amz-Cf-Id
zf5ethB0Nm6AOVMF6RTyibcvrEQevLmaf1zgCHNoQjFjBsym6iBCcQ==
c2.jpg
imageserver.uniregistry.com/catimg/health/ Frame 7093
2 KB
3 KB
Image
General
Full URL
http://imageserver.uniregistry.com/catimg/health/c2.jpg
Requested by
Host: covid.ca
URL: http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
Protocol
HTTP/1.1
Server
2600:9000:2190:e600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02d8f9b1483c71785737b20993874fabf35f406370b929bb41ddfcb40056f5ee

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 May 2020 11:05:32 GMT
Via
1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:27:33 GMT
Server
AmazonS3
Age
39562
ETag
"ed12a94b7bc189a521786dcec3897181"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
2273
X-Amz-Cf-Id
GDdTvs37IU8a2DUQYhEgyzPjX7RTO8p41GqBagNeSw1aYYM_GG94Yg==
c3.jpg
imageserver.uniregistry.com/catimg/health/ Frame 7093
2 KB
2 KB
Image
General
Full URL
http://imageserver.uniregistry.com/catimg/health/c3.jpg
Requested by
Host: covid.ca
URL: http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
Protocol
HTTP/1.1
Server
2600:9000:2190:e600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb1041239cec719dffc322490b1c7e1ec0114f156c12a4645047e0a96157e229

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 May 2020 22:42:29 GMT
Via
1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:27:33 GMT
Server
AmazonS3
Age
84145
ETag
"2bee9af7292da02377bbd0ad9d9c900c"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
1928
X-Amz-Cf-Id
unbHk_z7j9z2zVjuIVCBtr1m0XPnhYXWg82X7gwx17t3Ch1UYgZWag==
c4.jpg
imageserver.uniregistry.com/catimg/health/ Frame 7093
3 KB
3 KB
Image
General
Full URL
http://imageserver.uniregistry.com/catimg/health/c4.jpg
Requested by
Host: covid.ca
URL: http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
Protocol
HTTP/1.1
Server
2600:9000:2190:e600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2c41448f54aa9f6d901a4d46795e03f3304ef271a3826c0372837e7009057c5

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 May 2020 11:21:45 GMT
Via
1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:27:33 GMT
Server
AmazonS3
Age
38589
ETag
"0649054de7982ea698f82f551db4ec99"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
2576
X-Amz-Cf-Id
g_X61ZH3KzYwKMBsJljPROocTBbknkWCcX7vqho8AKCv5E9sB5EP1g==
c5.jpg
imageserver.uniregistry.com/catimg/health/ Frame 7093
2 KB
3 KB
Image
General
Full URL
http://imageserver.uniregistry.com/catimg/health/c5.jpg
Requested by
Host: covid.ca
URL: http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
Protocol
HTTP/1.1
Server
2600:9000:2190:e600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c8e04d468f88cc5e0e6f808003ac74b0a86eaad05ecaaa45c37d397f8ae2e2c

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 May 2020 15:16:33 GMT
Via
1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:27:33 GMT
Server
AmazonS3
Age
24501
ETag
"5f5cf7d67e0d04dcfa60a7b4df2c4797"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
2511
X-Amz-Cf-Id
ZxvZSVF34rmAQJgsNqf3js7MfTKVM6yBV01W9a_HliAG-nxn8BGlwA==
c6.jpg
imageserver.uniregistry.com/catimg/health/ Frame 7093
2 KB
2 KB
Image
General
Full URL
http://imageserver.uniregistry.com/catimg/health/c6.jpg
Requested by
Host: covid.ca
URL: http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
Protocol
HTTP/1.1
Server
2600:9000:2190:e600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
958100a5190d3f2c17aaba4f3e9198b1c21bff1a275a0f22a7413b62fe5ca829

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 May 2020 22:42:30 GMT
Via
1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:27:33 GMT
Server
AmazonS3
Age
84143
ETag
"8ee5b5d573aadd95f5f62e6566f9e759"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
1842
X-Amz-Cf-Id
j3lUgINetPqGanb0kdTPD-gyfQkQl7urF_V8kPOPz4EuJiJYUNR5uQ==
ne.gif
imageserver.uniregistry.com/images/box/ Frame 7093
144 B
584 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/box/ne.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:e600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eaa5bdec4a493948e4da35aa2a17b3f31d615826fef93702ad8357d2f7fb8289

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 May 2020 23:29:23 GMT
Via
1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:30 GMT
Server
AmazonS3
Age
81330
ETag
"1ab4584aaeb49eba0a816a4996232f61"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
144
X-Amz-Cf-Id
e9H1MdSzQ6DbkOYJLMnMvs_EdFmd9FrbjvX81YEM1Md8J9c1P5QYIg==
nw.gif
imageserver.uniregistry.com/images/box/ Frame 7093
145 B
585 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/box/nw.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:e600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dde962267fffe7670e4c17874cc0a0e3a7c077117e0bf3dcd9c32b364c15ca82

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 May 2020 00:03:29 GMT
Via
1.1 376bac901e689131d2a41914df1245d9.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:30 GMT
Server
AmazonS3
Age
79284
ETag
"bc8117d1dec473ca4522f972e6c23956"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
145
X-Amz-Cf-Id
HwzjUkTqHKYQbC3XSjtt2TYGpls8065AD_se_5kBVgGGO0QipcjNyQ==
arrow2.gif
imageserver.uniregistry.com/images/ Frame 7093
137 B
577 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/arrow2.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:e600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f6e303434b550a4d65836c00b028b50e3da8c800ee77603f16865f01c789e24

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 May 2020 16:37:19 GMT
Via
1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:30 GMT
Server
AmazonS3
Age
19977
ETag
"765ce74437c4614f7cecef9a8cfe0a28"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
137
X-Amz-Cf-Id
tbv4fDhn6u5opJ4__7L0RmtDGS4-prcKQ5R3JuGOQK0aAeCe6rMFqA==
se.gif
imageserver.uniregistry.com/images/box/ Frame 7093
144 B
584 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/box/se.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:e600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
298fe28a1224dd8b9734b379dfff51619435a885c108fab31751a327cbd47546

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 May 2020 23:29:23 GMT
Via
1.1 449f2b51e83bf8ba5fa5e65ce60bc277.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:30 GMT
Server
AmazonS3
Age
81330
ETag
"5dc5013055628c42c0614eced19c7676"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
144
X-Amz-Cf-Id
Anfb0N0BUfTYJwUZfbTXyLMvlopgltrN42AifWrHtDjZz--YAsivQA==
sw.gif
imageserver.uniregistry.com/images/box/ Frame 7093
144 B
584 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/box/sw.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:e600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dfa5f1c0eb4fb7a4a2a6d8c29dcbfc5efe89a10ba27c9cb0192489906d340108

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 May 2020 00:03:29 GMT
Via
1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:30 GMT
Server
AmazonS3
Age
79284
ETag
"235ecfd32108d68a301b1938952ba8c4"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
144
X-Amz-Cf-Id
FV0ulHd8UAOoQ4ghzDH8CznqwVK5hZJtbkW83TKlBpa6dvvAPxuiSA==
ne.gif
imageserver.uniregistry.com/images/rbox/ Frame 7093
144 B
584 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/rbox/ne.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:e600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a37e68af1ea9eb905df9bddcd3d53cccdade3b375125d634a14dcdc7298e1202

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 May 2020 00:10:31 GMT
Via
1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:30 GMT
Server
AmazonS3
Age
78862
ETag
"fb6653992d2e2858c8aa2a0b57da6428"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
144
X-Amz-Cf-Id
76nXjQY9PlXPSfz55Dc_PKJ4mm7ySEmfpFwMwu8ukgpEug13n-h3SA==
nw.gif
imageserver.uniregistry.com/images/rbox/ Frame 7093
145 B
585 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/rbox/nw.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:e600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27cbcc927518027641988893cabedf5fb6a71136cfea35b078428f55e1df43cb

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 May 2020 15:32:17 GMT
Via
1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:30 GMT
Server
AmazonS3
Age
23627
ETag
"08aff729e1a74ec94ecbc48e3d6f2c63"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
145
X-Amz-Cf-Id
_h5NYXoPrQM6CUEiVJDtzIHofvX8-G5gmupNTeLiLi89UGaMxJMDSw==
arrow4.gif
imageserver.uniregistry.com/images/ Frame 7093
387 B
827 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/arrow4.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:e600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a6d5ed659cd9546ff5abe608242c0a736b1ccc050c3ebf83992ce275a07bc68

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 May 2020 12:26:35 GMT
Via
1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:30 GMT
Server
AmazonS3
Age
35473
ETag
"2bbc2c0a8619411524818208f8dbc5a7"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
387
X-Amz-Cf-Id
Qwmkge81_SkmWsK0fXx0T76HUyAlcAxFLEDfjPhHx2kZb4jlhZYocA==
se.gif
imageserver.uniregistry.com/images/rbox/ Frame 7093
144 B
584 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/rbox/se.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:e600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49320ba2ec61ecc46fb21a45b7608838fb846fe29c5be6eae66780d30186d411

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 May 2020 01:45:53 GMT
Via
1.1 449f2b51e83bf8ba5fa5e65ce60bc277.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:30 GMT
Server
AmazonS3
Age
73281
ETag
"cc74cfb4ee86383d8a47ca853db24e32"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
144
X-Amz-Cf-Id
kp_4iZHOgqe1ccS65sJWSRhvC0XjOfbs1dWevs0PoZ3FyqGJMZD7PA==
sw.gif
imageserver.uniregistry.com/images/rbox/ Frame 7093
144 B
584 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/rbox/sw.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:e600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
217429d2c1d7157af8efd3c92b1ef266be389d83f1fee80d3e3b793a9b72620a

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed03583331b93.00117577&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 May 2020 00:14:57 GMT
Via
1.1 376bac901e689131d2a41914df1245d9.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:31 GMT
Server
AmazonS3
Age
78596
ETag
"bb14e1486c9e4409437dda75995da06e"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
144
X-Amz-Cf-Id
0GEns7M0NlN_gNq4twGJpKWxp4yDUfqjLaxBDZfvdysjTa1GveBhcQ==

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

3 Cookies

Domain/Path Name / Value
covid.ca/ Name: SRV
Value: lander01|XtA1h|XtA1h
covid.ca/ Name: uid
Value: covid5ed03583331b93.00117577
covid.ca/ Name: YPF8827340282Jdskjhfiw_928937459182JAX666
Value: 165.231.142.36

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
covid.ca
imageserver.uniregistry.com
2600:9000:2190:e600:1a:7182:e8c0:93a1
2a00:1450:4001:809::200a
69.172.201.153
02d8f9b1483c71785737b20993874fabf35f406370b929bb41ddfcb40056f5ee
1f6e303434b550a4d65836c00b028b50e3da8c800ee77603f16865f01c789e24
217429d2c1d7157af8efd3c92b1ef266be389d83f1fee80d3e3b793a9b72620a
27cbcc927518027641988893cabedf5fb6a71136cfea35b078428f55e1df43cb
298fe28a1224dd8b9734b379dfff51619435a885c108fab31751a327cbd47546
2a6d5ed659cd9546ff5abe608242c0a736b1ccc050c3ebf83992ce275a07bc68
2c8e04d468f88cc5e0e6f808003ac74b0a86eaad05ecaaa45c37d397f8ae2e2c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
49320ba2ec61ecc46fb21a45b7608838fb846fe29c5be6eae66780d30186d411
66a8add15a5809b24c0775fab215aed80606852db2a4db2f77ef36ebfb4510b3
75d6763b1edf359859a39678fae04b5ce63d5285f9625bb835495759e8337f17
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
958100a5190d3f2c17aaba4f3e9198b1c21bff1a275a0f22a7413b62fe5ca829
a37e68af1ea9eb905df9bddcd3d53cccdade3b375125d634a14dcdc7298e1202
a4b400bec8148da918f7420722a112f51556019155a6ad134e23eb19ea2fe8de
c8fc36b6bca91b01d4cf231c0db02fa753fa6abd82c0c1bf25d1c56e910c087e
cb1041239cec719dffc322490b1c7e1ec0114f156c12a4645047e0a96157e229
d7c804eb190beb369bfeb0478e7d4a84f932f8969d3a0e3274aadef0f28dac9f
d9999fb466ca29e5cc7598cfebaf40e06165001b66b8df6a110dbc603c9a6499
dde962267fffe7670e4c17874cc0a0e3a7c077117e0bf3dcd9c32b364c15ca82
dfa5f1c0eb4fb7a4a2a6d8c29dcbfc5efe89a10ba27c9cb0192489906d340108
e2c41448f54aa9f6d901a4d46795e03f3304ef271a3826c0372837e7009057c5
eaa5bdec4a493948e4da35aa2a17b3f31d615826fef93702ad8357d2f7fb8289
f9cc883d29ed6ec41275a194f0f7c917ca16294202717b2ddc0ba678a0ddc95f