URL: http://covid.ca/
Submission: On May 29 via api from BE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 26 HTTP transactions. The main IP is 69.172.201.153, located in United States and belongs to DOSARREST, US. The main domain is covid.ca.
This is the only time covid.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 69.172.201.153 19324 (DOSARREST)
1 2a00:1450:400... 15169 (GOOGLE)
17 2600:9000:219... 16509 (AMAZON-02)
26 3
Apex Domain
Subdomains
Transfer
17 uniregistry.com
imageserver.uniregistry.com
66 KB
8 covid.ca
covid.ca
11 KB
1 googleapis.com
ajax.googleapis.com
30 KB
26 3
Domain Requested by
17 imageserver.uniregistry.com covid.ca
ajax.googleapis.com
8 covid.ca covid.ca
1 ajax.googleapis.com covid.ca
26 3

This site contains no links.

Subject Issuer Validity Valid

This page contains 4 frames:

Primary Page: http://covid.ca/
Frame ID: F0BAEC32600513F3F12A4F7A65DE0229
Requests: 2 HTTP requests in this frame

Frame: http://covid.ca/t.php?uid=covid5ed11f43262f29.93647687&src=&cat=health&kw=&sc=pharmaceuticals
Frame ID: 3D80A08BB2F36D2323C90B343F4BFD9D
Requests: 2 HTTP requests in this frame

Frame: http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
Frame ID: 2864C8BEF5BA8F041AF55EF32BDD5E28
Requests: 20 HTTP requests in this frame

Frame: http://covid.ca/page.php?covid5ed11f43262f29.93647687
Frame ID: 4FAA3156318288982049D75A3F2C9E32
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://covid.ca/ Page URL
  2. http://covid.ca/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

26
Requests

0 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

107 kB
Transfer

196 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://covid.ca/ Page URL
  2. http://covid.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
covid.ca/
2 KB
1 KB
Document
General
Full URL
http://covid.ca/
Protocol
HTTP/1.1
Server
69.172.201.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx /
Resource Hash
f7390352fd3e5fc8b138f38d50474b12eaf37a8c3b3e610c004cfa2cac4236dd

Request headers

Host
covid.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Fri, 29 May 2020 14:42:10 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
X-DIS-Request-ID
fc192d09d3b0e75c4378b9e5ee5fab55
P3P
CP="NON DSP COR ADMa OUR IND UNI COM NAV INT"
Cache-Control
no-cache
Content-Encoding
gzip
Primary Request Cookie set /
covid.ca/
972 B
1007 B
Document
General
Full URL
http://covid.ca/
Requested by
Host: covid.ca
URL: http://covid.ca/
Protocol
HTTP/1.1
Server
69.172.201.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx / PHP/5.6.33-0+deb8u1
Resource Hash
2d6834ffb3e9ba1a5c28ca472e029e482c8eb564ab5589235c284b84e88e25d9

Request headers

Host
covid.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://covid.ca/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
YPF8827340282Jdskjhfiw_928937459182JAX666=82.102.19.136
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://covid.ca/

Response headers

Server
nginx
Date
Fri, 29 May 2020 14:42:11 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
521
Connection
keep-alive
Keep-Alive
timeout=20
X-Powered-By
PHP/5.6.33-0+deb8u1
Set-Cookie
uid=covid5ed11f43262f29.93647687; expires=Sun, 28-Jun-2020 14:42:11 GMT; Max-Age=2592000 SRV=lander03|XtEfR|XtEfR; path=/
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-control
private
X-DIS-Request-ID
461f27984d4e7ece74f1f557a6af13cd
t.php
covid.ca/ Frame 3D80
2 KB
1 KB
Document
General
Full URL
http://covid.ca/t.php?uid=covid5ed11f43262f29.93647687&src=&cat=health&kw=&sc=pharmaceuticals
Requested by
Host: covid.ca
URL: http://covid.ca/
Protocol
HTTP/1.1
Server
69.172.201.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx / PHP/5.6.33-0+deb8u1
Resource Hash
0064eac1a40962f58920334fd29d89da8846347746903440c40832f133630c7c

Request headers

Host
covid.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://covid.ca/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
YPF8827340282Jdskjhfiw_928937459182JAX666=82.102.19.136; uid=covid5ed11f43262f29.93647687; SRV=lander03|XtEfR|XtEfR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://covid.ca/

Response headers

Server
nginx
Date
Fri, 29 May 2020 14:42:11 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
799
Connection
keep-alive
Keep-Alive
timeout=20
X-Powered-By
PHP/5.6.33-0+deb8u1
Vary
Accept-Encoding
Content-Encoding
gzip
X-DIS-Request-ID
a92c3f83ac6bea03d8ff350313e24f67
search.php
covid.ca/ Frame 2864
49 KB
6 KB
Document
General
Full URL
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
Requested by
Host: covid.ca
URL: http://covid.ca/
Protocol
HTTP/1.1
Server
69.172.201.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx / PHP/5.6.33-0+deb8u1
Resource Hash
feb3a89d34f14d90ea27e466376ae3c11d8bd312119e6286fb7bfd49391fb011

Request headers

Host
covid.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://covid.ca/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
YPF8827340282Jdskjhfiw_928937459182JAX666=82.102.19.136; uid=covid5ed11f43262f29.93647687; SRV=lander03|XtEfR|XtEfR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://covid.ca/

Response headers

Server
nginx
Date
Fri, 29 May 2020 14:42:12 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
6025
Connection
keep-alive
Keep-Alive
timeout=20
X-Powered-By
PHP/5.6.33-0+deb8u1
Vary
Accept-Encoding
Content-Encoding
gzip
X-DIS-Request-ID
668a2fe2a683418f8fb3f9c6fb367956
page.php
covid.ca/ Frame 4FAA
178 B
475 B
Document
General
Full URL
http://covid.ca/page.php?covid5ed11f43262f29.93647687
Requested by
Host: covid.ca
URL: http://covid.ca/
Protocol
HTTP/1.1
Server
69.172.201.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx / PHP/5.6.33-0+deb8u1
Resource Hash
4cfa363f7e42f067ecdb538821db7761ea4d0ac6f2ce9a9c84621b03adb230d4

Request headers

Host
covid.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://covid.ca/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
YPF8827340282Jdskjhfiw_928937459182JAX666=82.102.19.136; uid=covid5ed11f43262f29.93647687; SRV=lander03|XtEfR|XtEfR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://covid.ca/

Response headers

Server
nginx
Date
Fri, 29 May 2020 14:42:11 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
161
Connection
keep-alive
Keep-Alive
timeout=20
X-Powered-By
PHP/5.6.33-0+deb8u1
Vary
Accept-Encoding
Content-Encoding
gzip
X-DIS-Request-ID
589e4f51c94a1fb0274e608bc8aa0fc9
track.php
covid.ca/ Frame 3D80
43 B
294 B
Image
General
Full URL
http://covid.ca/track.php?uid=covid5ed11f43262f29.93647687&d=covid.ca&sr=1600x1200
Requested by
Host: covid.ca
URL: http://covid.ca/t.php?uid=covid5ed11f43262f29.93647687&src=&cat=health&kw=&sc=pharmaceuticals
Protocol
HTTP/1.1
Server
69.172.201.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx / PHP/5.6.33-0+deb8u1
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
http://covid.ca/t.php?uid=covid5ed11f43262f29.93647687&src=&cat=health&kw=&sc=pharmaceuticals
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 May 2020 14:42:11 GMT
Server
nginx
X-Powered-By
PHP/5.6.33-0+deb8u1
Content-Type
image/gif
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
43
X-DIS-Request-ID
14a6ab700d3ad7bdf2bf3ca4f1d3b4c2
img.php
covid.ca/ Frame 4FAA
43 B
294 B
Image
General
Full URL
http://covid.ca/img.php?covid5ed11f43262f29.93647687
Requested by
Host: covid.ca
URL: http://covid.ca/page.php?covid5ed11f43262f29.93647687
Protocol
HTTP/1.1
Server
69.172.201.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx / PHP/5.6.33-0+deb8u1
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
http://covid.ca/page.php?covid5ed11f43262f29.93647687
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 May 2020 14:42:11 GMT
Server
nginx
X-Powered-By
PHP/5.6.33-0+deb8u1
Content-Type
image/gif
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
43
X-DIS-Request-ID
41910ea1c468cae0d9e14cadec28e469
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.5.2/ Frame 2864
84 KB
30 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Requested by
Host: covid.ca
URL: http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
Protocol
HTTP/1.1
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 May 2020 03:19:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Age
300160
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
30082
X-XSS-Protection
0
Expires
Wed, 26 May 2021 03:19:32 GMT
base64.js
covid.ca/js/ Frame 2864
990 B
877 B
Script
General
Full URL
http://covid.ca/js/base64.js
Requested by
Host: covid.ca
URL: http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
Protocol
HTTP/1.1
Server
69.172.201.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software
nginx /
Resource Hash
75d6763b1edf359859a39678fae04b5ce63d5285f9625bb835495759e8337f17

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 May 2020 14:42:12 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Nov 2016 16:25:44 GMT
Server
nginx
ETag
"3de-541e639597200-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
500
X-DIS-Request-ID
8cb0f4274b98b3d8e67dd62d8a0dd711
pharmaceuticals.jpg
imageserver.uniregistry.com/titlebg/health/ Frame 2864
43 KB
44 KB
Image
General
Full URL
http://imageserver.uniregistry.com/titlebg/health/pharmaceuticals.jpg
Requested by
Host: covid.ca
URL: http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
Protocol
HTTP/1.1
Server
2600:9000:2190:9600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4b400bec8148da918f7420722a112f51556019155a6ad134e23eb19ea2fe8de

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 28 May 2020 22:04:53 GMT
Via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 20:06:33 GMT
Server
AmazonS3
Age
59840
ETag
"6a3791f1a92c667b81c3c646b3465185"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
44391
X-Amz-Cf-Id
Z7er-B6tEIJqLl1vhuWjTukwV7xB3QxmsSZnCzsXE87BOI68kXprVw==
c1.jpg
imageserver.uniregistry.com/catimg/health/ Frame 2864
2 KB
3 KB
Image
General
Full URL
http://imageserver.uniregistry.com/catimg/health/c1.jpg
Requested by
Host: covid.ca
URL: http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
Protocol
HTTP/1.1
Server
2600:9000:2190:9600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7c804eb190beb369bfeb0478e7d4a84f932f8969d3a0e3274aadef0f28dac9f

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 May 2020 14:42:12 GMT
Via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:27:33 GMT
Server
AmazonS3
X-Amz-Cf-Pop
ZRH50-C1
ETag
"cb00d918096e019da172af69e7f37ed5"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
Content-Length
2550
X-Amz-Cf-Id
d6j_XTA-UBLcP8wwTc7uMtl4slk3k8Z8OMttFTEUOoyxNYlgWwtUtQ==
c2.jpg
imageserver.uniregistry.com/catimg/health/ Frame 2864
2 KB
3 KB
Image
General
Full URL
http://imageserver.uniregistry.com/catimg/health/c2.jpg
Requested by
Host: covid.ca
URL: http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
Protocol
HTTP/1.1
Server
2600:9000:2190:9600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02d8f9b1483c71785737b20993874fabf35f406370b929bb41ddfcb40056f5ee

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 May 2020 11:12:08 GMT
Via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:27:33 GMT
Server
AmazonS3
Age
12605
ETag
"ed12a94b7bc189a521786dcec3897181"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
2273
X-Amz-Cf-Id
ORWSRw20WozqN87xGnyt_6IWUhAbfaCpyM3xva6HRXS6vamKTBP8Fg==
c3.jpg
imageserver.uniregistry.com/catimg/health/ Frame 2864
2 KB
2 KB
Image
General
Full URL
http://imageserver.uniregistry.com/catimg/health/c3.jpg
Requested by
Host: covid.ca
URL: http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
Protocol
HTTP/1.1
Server
2600:9000:2190:9600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb1041239cec719dffc322490b1c7e1ec0114f156c12a4645047e0a96157e229

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 28 May 2020 22:43:36 GMT
Via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:27:33 GMT
Server
AmazonS3
Age
57517
ETag
"2bee9af7292da02377bbd0ad9d9c900c"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
1928
X-Amz-Cf-Id
WnK-QC7EcrBu7kVLsC44Zkr0aib1CYuXOa9_XFIhybpYbMJ-6m02Xw==
c4.jpg
imageserver.uniregistry.com/catimg/health/ Frame 2864
3 KB
3 KB
Image
General
Full URL
http://imageserver.uniregistry.com/catimg/health/c4.jpg
Requested by
Host: covid.ca
URL: http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
Protocol
HTTP/1.1
Server
2600:9000:2190:9600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2c41448f54aa9f6d901a4d46795e03f3304ef271a3826c0372837e7009057c5

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 May 2020 11:44:15 GMT
Via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:27:33 GMT
Server
AmazonS3
Age
10678
ETag
"0649054de7982ea698f82f551db4ec99"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
2576
X-Amz-Cf-Id
FhwZ4osgLr_Q7_UvCMKjIfeumTTpskSFN8-c64CjYeWZAP5-LUScRg==
c5.jpg
imageserver.uniregistry.com/catimg/health/ Frame 2864
2 KB
3 KB
Image
General
Full URL
http://imageserver.uniregistry.com/catimg/health/c5.jpg
Requested by
Host: covid.ca
URL: http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
Protocol
HTTP/1.1
Server
2600:9000:2190:9600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c8e04d468f88cc5e0e6f808003ac74b0a86eaad05ecaaa45c37d397f8ae2e2c

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 28 May 2020 15:16:33 GMT
Via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:27:33 GMT
Server
AmazonS3
Age
84341
ETag
"5f5cf7d67e0d04dcfa60a7b4df2c4797"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
2511
X-Amz-Cf-Id
rdt2Xk12LImFQR5MdKAifz3nrnlGhvr85oiH4ufqPPquGXgV-Bs_Uw==
c6.jpg
imageserver.uniregistry.com/catimg/health/ Frame 2864
2 KB
2 KB
Image
General
Full URL
http://imageserver.uniregistry.com/catimg/health/c6.jpg
Requested by
Host: covid.ca
URL: http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
Protocol
HTTP/1.1
Server
2600:9000:2190:9600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
958100a5190d3f2c17aaba4f3e9198b1c21bff1a275a0f22a7413b62fe5ca829

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 28 May 2020 22:43:36 GMT
Via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:27:33 GMT
Server
AmazonS3
Age
57517
ETag
"8ee5b5d573aadd95f5f62e6566f9e759"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
1842
X-Amz-Cf-Id
cuD_H5pj-2E-Bljkmps15fzKuwAZuBB85a0MLVkwkBlnYoIk_L1dMQ==
ne.gif
imageserver.uniregistry.com/images/box/ Frame 2864
144 B
585 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/box/ne.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:9600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eaa5bdec4a493948e4da35aa2a17b3f31d615826fef93702ad8357d2f7fb8289

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 28 May 2020 23:32:25 GMT
Via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:30 GMT
Server
AmazonS3
Age
139710
ETag
"1ab4584aaeb49eba0a816a4996232f61"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
144
X-Amz-Cf-Id
ukcTesi_-NjpeSQe0DSDTWdSN5DlTVqxRZbjMgeQOgd09Hld3bbNlQ==
nw.gif
imageserver.uniregistry.com/images/box/ Frame 2864
145 B
585 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/box/nw.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:9600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dde962267fffe7670e4c17874cc0a0e3a7c077117e0bf3dcd9c32b364c15ca82

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 May 2020 00:05:38 GMT
Via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:30 GMT
Server
AmazonS3
Age
73748
ETag
"bc8117d1dec473ca4522f972e6c23956"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
145
X-Amz-Cf-Id
l98gKNe9QKaGhGl1WV_IY5eO1hrZ-PDrA0TP6CZyzZQshSXIy-z5DQ==
arrow2.gif
imageserver.uniregistry.com/images/ Frame 2864
137 B
577 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/arrow2.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:9600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f6e303434b550a4d65836c00b028b50e3da8c800ee77603f16865f01c789e24

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 28 May 2020 16:37:19 GMT
Via
1.1 0baaefd2451e4f0e2d5ea55eb90f4a1a.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:30 GMT
Server
AmazonS3
Age
79817
ETag
"765ce74437c4614f7cecef9a8cfe0a28"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
137
X-Amz-Cf-Id
t_zYgepWykYof14ceV5trZx1VtUMTiNxinG5Su_bftN_ZHctSqvEpQ==
se.gif
imageserver.uniregistry.com/images/box/ Frame 2864
144 B
584 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/box/se.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:9600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
298fe28a1224dd8b9734b379dfff51619435a885c108fab31751a327cbd47546

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 28 May 2020 23:32:26 GMT
Via
1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:30 GMT
Server
AmazonS3
Age
54587
ETag
"5dc5013055628c42c0614eced19c7676"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
144
X-Amz-Cf-Id
yyvtuqxrsCODAnUhgAEQ-aJA9ORFd2oy9cWa7JuvF5MEgYj9rXu2rg==
sw.gif
imageserver.uniregistry.com/images/box/ Frame 2864
144 B
584 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/box/sw.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:9600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dfa5f1c0eb4fb7a4a2a6d8c29dcbfc5efe89a10ba27c9cb0192489906d340108

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 May 2020 00:05:39 GMT
Via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:30 GMT
Server
AmazonS3
Age
52594
ETag
"235ecfd32108d68a301b1938952ba8c4"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
144
X-Amz-Cf-Id
pGmCmqhF7WgDcbupRACOA5unA9ee_TH1WjhFIHn6Oz2W9EiwEwtUjA==
ne.gif
imageserver.uniregistry.com/images/rbox/ Frame 2864
144 B
584 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/rbox/ne.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:9600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a37e68af1ea9eb905df9bddcd3d53cccdade3b375125d634a14dcdc7298e1202

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 May 2020 00:25:49 GMT
Via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:30 GMT
Server
AmazonS3
Age
51384
ETag
"fb6653992d2e2858c8aa2a0b57da6428"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
144
X-Amz-Cf-Id
_PQpS40Cdp3Y8laJnf0KpH_wVv7hczXnfuPlfNTkiLVmDxWi6aWgdQ==
nw.gif
imageserver.uniregistry.com/images/rbox/ Frame 2864
145 B
585 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/rbox/nw.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:9600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27cbcc927518027641988893cabedf5fb6a71136cfea35b078428f55e1df43cb

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 28 May 2020 15:32:17 GMT
Via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:30 GMT
Server
AmazonS3
Age
83467
ETag
"08aff729e1a74ec94ecbc48e3d6f2c63"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
145
X-Amz-Cf-Id
gTUCSi9LXnMm7XQKwmhNl7T4MPhNgflv3U08-Sr9gdZXB7Utpvjkeg==
arrow4.gif
imageserver.uniregistry.com/images/ Frame 2864
387 B
826 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/arrow4.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:9600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a6d5ed659cd9546ff5abe608242c0a736b1ccc050c3ebf83992ce275a07bc68

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 May 2020 12:42:53 GMT
Via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:30 GMT
Server
AmazonS3
Age
8860
ETag
"2bbc2c0a8619411524818208f8dbc5a7"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
387
X-Amz-Cf-Id
Nf4F2dzG3pMEkhohYANPExIQHYh7m4EvFHuOVgGI01klasWzJ9whNg==
se.gif
imageserver.uniregistry.com/images/rbox/ Frame 2864
144 B
584 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/rbox/se.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:9600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49320ba2ec61ecc46fb21a45b7608838fb846fe29c5be6eae66780d30186d411

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 May 2020 01:46:58 GMT
Via
1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:30 GMT
Server
AmazonS3
Age
46594
ETag
"cc74cfb4ee86383d8a47ca853db24e32"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
144
X-Amz-Cf-Id
U5k2wdgvF44lVQPhduTOPTjPKskEJzDhdn_4Z3Kx8cOHY1MODyGKrw==
sw.gif
imageserver.uniregistry.com/images/rbox/ Frame 2864
144 B
585 B
Image
General
Full URL
http://imageserver.uniregistry.com/images/rbox/sw.gif
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js
Protocol
HTTP/1.1
Server
2600:9000:2190:9600:1a:7182:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
217429d2c1d7157af8efd3c92b1ef266be389d83f1fee80d3e3b793a9b72620a

Request headers

Referer
http://covid.ca/search.php?uid=covid5ed11f43262f29.93647687&src=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 May 2020 00:25:47 GMT
Via
1.1 0baaefd2451e4f0e2d5ea55eb90f4a1a.cloudfront.net (CloudFront)
Last-Modified
Thu, 07 Dec 2017 15:39:31 GMT
Server
AmazonS3
Age
134944
ETag
"bb14e1486c9e4409437dda75995da06e"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Content-Length
144
X-Amz-Cf-Id
QgHATeIlalcbup6tKSUDbWQzOp5hjYeRm3-3jP7XFWeWyFQClUtmuA==

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
covid.ca
imageserver.uniregistry.com
2600:9000:2190:9600:1a:7182:e8c0:93a1
2a00:1450:4001:81f::200a
69.172.201.153
0064eac1a40962f58920334fd29d89da8846347746903440c40832f133630c7c
02d8f9b1483c71785737b20993874fabf35f406370b929bb41ddfcb40056f5ee
1f6e303434b550a4d65836c00b028b50e3da8c800ee77603f16865f01c789e24
217429d2c1d7157af8efd3c92b1ef266be389d83f1fee80d3e3b793a9b72620a
27cbcc927518027641988893cabedf5fb6a71136cfea35b078428f55e1df43cb
298fe28a1224dd8b9734b379dfff51619435a885c108fab31751a327cbd47546
2a6d5ed659cd9546ff5abe608242c0a736b1ccc050c3ebf83992ce275a07bc68
2c8e04d468f88cc5e0e6f808003ac74b0a86eaad05ecaaa45c37d397f8ae2e2c
2d6834ffb3e9ba1a5c28ca472e029e482c8eb564ab5589235c284b84e88e25d9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
49320ba2ec61ecc46fb21a45b7608838fb846fe29c5be6eae66780d30186d411
4cfa363f7e42f067ecdb538821db7761ea4d0ac6f2ce9a9c84621b03adb230d4
75d6763b1edf359859a39678fae04b5ce63d5285f9625bb835495759e8337f17
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
958100a5190d3f2c17aaba4f3e9198b1c21bff1a275a0f22a7413b62fe5ca829
a37e68af1ea9eb905df9bddcd3d53cccdade3b375125d634a14dcdc7298e1202
a4b400bec8148da918f7420722a112f51556019155a6ad134e23eb19ea2fe8de
cb1041239cec719dffc322490b1c7e1ec0114f156c12a4645047e0a96157e229
d7c804eb190beb369bfeb0478e7d4a84f932f8969d3a0e3274aadef0f28dac9f
dde962267fffe7670e4c17874cc0a0e3a7c077117e0bf3dcd9c32b364c15ca82
dfa5f1c0eb4fb7a4a2a6d8c29dcbfc5efe89a10ba27c9cb0192489906d340108
e2c41448f54aa9f6d901a4d46795e03f3304ef271a3826c0372837e7009057c5
eaa5bdec4a493948e4da35aa2a17b3f31d615826fef93702ad8357d2f7fb8289
f7390352fd3e5fc8b138f38d50474b12eaf37a8c3b3e610c004cfa2cac4236dd
feb3a89d34f14d90ea27e466376ae3c11d8bd312119e6286fb7bfd49391fb011