Submitted URL: https://covid19-info.uk
Effective URL: https://covid-19.uk.com/
Submission: On March 26 via automatic , source certstream-suspicious

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 17 HTTP transactions.
The main IP is 2606:4700:3037::6812:25a2, located in United States and belongs to CLOUDFLARENET, US. The main domain is covid-19.uk.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 21st 2020. Valid for: 7 months.
This is the first time this domain was scanned on urlscan.io!

Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 23.111.9.35 33438 (HIGHWINDS2)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
17 10
Domain
Subdomains
Transfer
4 covid-19.uk.com
12 KB
3 jsdelivr.net
24 KB
2 gstatic.com
28 KB
2 fontawesome.com
86 KB
1 bootstrapcdn.com
16 KB
1 jquery.com
24 KB
1 joelduncan.io
428 KB
1 fonts.googleapis.com
548 B
1 cloudflare.com
4 KB
1 bootswatch.com
22 KB
1 covid19-info.uk
213 B
17 11
Domain Requested by
4 covid-19.uk.com covid-19.uk.com
code.jquery.com
3 cdn.jsdelivr.net covid-19.uk.com
ajax.cloudflare.com
2 fonts.gstatic.com covid-19.uk.com
2 use.fontawesome.com covid-19.uk.com
1 stackpath.bootstrapcdn.com ajax.cloudflare.com
1 code.jquery.com ajax.cloudflare.com
1 joelduncan.io covid-19.uk.com
1 fonts.googleapis.com covid-19.uk.com
1 ajax.cloudflare.com covid-19.uk.com
1 bootswatch.com covid-19.uk.com
1 covid19-info.uk 1 redirects
17 11

This site contains links to these domains. Also see Links.

Domain
www.nhs.uk
www.gov.uk
joelduncan.io
Subject / Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2020-03-21 -
2020-10-09
7 months
ssl363648.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2020-02-22 -
2020-08-30
6 months
*.fontawesome.com
DigiCert SHA2 Secure Server CA
2019-10-28 -
2020-12-23
a year
cloudflare.com
CloudFlare Inc ECC CA-2
2020-01-07 -
2020-10-09
9 months
*.storage.googleapis.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months
*.google.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-09-14 -
2020-10-13
a year

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Web
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/

Redirect Chain
  • https://covid19-info.uk/
  • https://covid-19.uk.com/
24 KB
6 KB
Document
General
Full URL
https://covid-19.uk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:25a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a5f09375ecc5747ceda54a12384ecd06e53ee2bb8e02cae846a8b8d68d8ec49

Request headers

:method
GET
:authority
covid-19.uk.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
date
Thu, 26 Mar 2020 08:21:17 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d9627f36e497dda8a252af2af9851e2901585210877; expires=Sat, 25-Apr-20 08:21:17 GMT; path=/; domain=.covid-19.uk.com; HttpOnly; SameSite=Lax
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
579f751119fadfc7-FRA
content-encoding
br

Redirect headers

status
301
date
Thu, 26 Mar 2020 08:21:17 GMT
cache-control
max-age=3600
expires
Thu, 26 Mar 2020 09:21:17 GMT
location
https://covid-19.uk.com/
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
579f7510bcee6389-FRA
bootstrap.min.css
bootswatch.com/4/darkly
179 KB
22 KB
Stylesheet
General
Full URL
https://bootswatch.com/4/darkly/bootstrap.min.css
Requested by
Host: covid-19.uk.com
URL: https://covid-19.uk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:d17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b0f4526d9d4795a6e9c6614a4ca2af0944c33f83d5ede6e5751f39a1c8665f6

Request headers

Referer
https://covid-19.uk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 26 Mar 2020 08:21:17 GMT
content-encoding
br
cf-cache-status
HIT
age
457
status
200
last-modified
Tue, 17 Mar 2020 17:37:30 GMT
server
cloudflare
x-github-request-id
48F0:30E1:A577:CBC1:5E710C2B
etag
W/"5e710ada-2cd06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
expires
Thu, 26 Mar 2020 08:23:40 GMT
cache-control
max-age=14400
cf-ray
579f7512dd50dfc3-FRA
x-proxy-cache
MISS
bootstrap-select.min.css
cdn.jsdelivr.net/npm/bootstrap-select@1.13.9/dist/css
10 KB
2 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-select@1.13.9/dist/css/bootstrap-select.min.css
Requested by
Host: covid-19.uk.com
URL: https://covid-19.uk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
133aae81227644c3f25d54f7a4d2069d9b5dc1d4957379fdac83f53121f15c84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://covid-19.uk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 26 Mar 2020 08:21:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1846436
cf-ray
579f7512da5c1f15-FRA
x-cache
HIT
status
200
vary
Accept-Encoding
x-served-by
cache-fra19128-FRA
server
cloudflare
etag
W/"29e2-suzvEq2VZeLiGBQbsq4ZtG9HOA8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
style.php
/css
0
0
Stylesheet
General
Full URL
https://covid-19.uk.com/css/style.php
Requested by
Host: covid-19.uk.com
URL: https://covid-19.uk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:25a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://covid-19.uk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 26 Mar 2020 08:21:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
404
cf-ray
579f7512be7ddfc7-FRA
all.css
use.fontawesome.com/releases/v5.7.1/css
53 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.7.1/css/all.css
Requested by
Host: covid-19.uk.com
URL: https://covid-19.uk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Referer
https://covid-19.uk.com/
Origin
https://covid-19.uk.com
Sec-Fetch-Dest
style
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Mar 2020 08:21:17 GMT
content-encoding
gzip
last-modified
Fri, 01 Feb 2019 18:49:40 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"7b1d7f457d056ace7b230b587b9f3753"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
email-decode.min.js
/cdn-cgi/scripts/5c5dd728/cloudflare-static
1 KB
833 B
Script
General
Full URL
https://covid-19.uk.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: covid-19.uk.com
URL: https://covid-19.uk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:25a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://covid-19.uk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 08:21:17 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 23 Mar 2020 15:58:02 GMT
server
cloudflare
etag
W/"5e78dc8a-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
579f7512be81dfc7-FRA
expires
Sat, 28 Mar 2020 08:21:17 GMT
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static
12 KB
4 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: covid-19.uk.com
URL: https://covid-19.uk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://covid-19.uk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 08:21:17 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 23 Mar 2020 15:58:02 GMT
server
cloudflare
etag
W/"5e78dc8a-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
579f7512b851bf00-FRA
expires
Sat, 28 Mar 2020 08:21:17 GMT
css?family=Lato:400,700,400italic&display=swap
fonts.googleapis.com
2 KB
548 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic&display=swap
Requested by
Host: covid-19.uk.com
URL: https://covid-19.uk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ece8bc3195e86cf40f6f3d35b87141693bcd7ea1576f9963555c5b917137215e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://covid-19.uk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 26 Mar 2020 08:21:17 GMT
server
ESF
date
Thu, 26 Mar 2020 08:21:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Mar 2020 08:21:17 GMT
bootstrap-select.min.js
cdn.jsdelivr.net/npm/bootstrap-select@1.13.9/dist/js
49 KB
14 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-select@1.13.9/dist/js/bootstrap-select.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d672d477caa66ca149e3dbf353bbee6fb54e4318dbd73cbd143b20b637da93b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://covid-19.uk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 08:21:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12705086
cf-ray
579f75141df01f15-FRA
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams21033-AMS, cache-fra19156-FRA
server
cloudflare
etag
W/"c5d6-lUSGbM16psy78+idAV2KmTEoN+k"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
coronavirus-header.jpg
joelduncan.io/content/images/size/w2000/2020/03
427 KB
428 KB
Image
General
Full URL
https://joelduncan.io/content/images/size/w2000/2020/03/coronavirus-header.jpg
Requested by
Host: covid-19.uk.com
URL: https://covid-19.uk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681f:4aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2946399f39c4a7321ff7c063f63bb492e831b340910350cdb8ac2670a531bfbc

Request headers

Referer
https://covid-19.uk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 08:21:18 GMT
cf-cache-status
HIT
last-modified
Fri, 20 Mar 2020 13:24:19 GMT
server
cloudflare
x-powered-by
Express
etag
W/"6ab3a-170f81dace4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
579f7514ebb50ea7-FRA
content-length
437050
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: covid-19.uk.com
URL: https://covid-19.uk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:400,700,400italic&display=swap
Origin
https://covid-19.uk.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Mar 2020 00:02:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
1844330
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14044
x-xss-protection
0
expires
Fri, 05 Mar 2021 00:02:28 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: covid-19.uk.com
URL: https://covid-19.uk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato:400,700,400italic&display=swap
Origin
https://covid-19.uk.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 27 Feb 2020 10:31:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
2411371
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14176
x-xss-protection
0
expires
Fri, 26 Feb 2021 10:31:47 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.7.1/webfonts
73 KB
73 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.7.1/webfonts/fa-solid-900.woff2
Requested by
Host: covid-19.uk.com
URL: https://covid-19.uk.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9

Request headers

Referer
https://use.fontawesome.com/releases/v5.7.1/css/all.css
Origin
https://covid-19.uk.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Mar 2020 08:21:18 GMT
last-modified
Fri, 01 Feb 2019 18:50:17 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
"3638e62ea50e6f5859b6a15276c25c87"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
74320
jquery-3.4.1.slim.min.js
code.jquery.com
69 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

Referer
https://covid-19.uk.com/
Origin
https://covid-19.uk.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 26 Mar 2020 08:21:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 May 2019 21:14:27 GMT
Server
nginx
ETag
W/"5cca0c33-1157d"
Vary
Accept-Encoding
X-HW
1585210878.dop053.fr8.t,1585210878.cds008.fr8.shn,1585210878.dop053.fr8.t,1585210878.cds121.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
24328
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd
21 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://covid-19.uk.com/
Origin
https://covid-19.uk.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Mar 2020 08:21:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
12338682
cf-ray
579f7515ef7cbeb0-FRA
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams21026-AMS, cache-hhn4073-HHN
server
cloudflare
etag
W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js
59 KB
16 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Request headers

Referer
https://covid-19.uk.com/
Origin
https://covid-19.uk.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Mar 2020 08:21:18 GMT
content-encoding
gzip
last-modified
Thu, 28 Nov 2019 17:52:52 GMT
access-control-allow-origin
*
etag
"1574963572"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
15919
undefined
24 KB
5 KB
Stylesheet
General
Full URL
https://covid-19.uk.com/undefined
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.slim.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:25a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
932c4f0a9383b67e1e0b3d97ba4064180cf1421f2f008bd36044999aa101c2d5

Request headers

Referer
https://covid-19.uk.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 26 Mar 2020 08:21:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
200
cf-ray
579f7516487edfc7-FRA

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • https://covid19-info.uk/
  • https://covid-19.uk.com/

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| __cfQR function| $ function| jQuery function| Popper object| bootstrap object| themes boolean| __cfRLUnblockHandlers

1 Cookies

Domain/Path Name / Value
.covid-19.uk.com/ Name: __cfduid
Value: d9627f36e497dda8a252af2af9851e2901585210877

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

ajax.cloudflare.com
bootswatch.com
cdn.jsdelivr.net
code.jquery.com
covid-19.uk.com
covid19-info.uk
fonts.googleapis.com
fonts.gstatic.com
joelduncan.io
stackpath.bootstrapcdn.com
use.fontawesome.com


2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:3a
23.111.9.35
2606:4700:3031::681f:4aed
2606:4700:3033::681c:d17
2606:4700:3037::6812:25a2
2606:4700:3037::6812:3eaa
2606:4700::6810:5714
2606:4700::6811:4104
2a00:1450:4001:814::2003
2a00:1450:4001:816::200a

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
133aae81227644c3f25d54f7a4d2069d9b5dc1d4957379fdac83f53121f15c84
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2946399f39c4a7321ff7c063f63bb492e831b340910350cdb8ac2670a531bfbc
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
7a5f09375ecc5747ceda54a12384ecd06e53ee2bb8e02cae846a8b8d68d8ec49
8b0f4526d9d4795a6e9c6614a4ca2af0944c33f83d5ede6e5751f39a1c8665f6
932c4f0a9383b67e1e0b3d97ba4064180cf1421f2f008bd36044999aa101c2d5
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9e6bd5b2d75bba485d2337d020750744983a3521ec697adfe21b29ee4f14f6a9
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
d672d477caa66ca149e3dbf353bbee6fb54e4318dbd73cbd143b20b637da93b3
ece8bc3195e86cf40f6f3d35b87141693bcd7ea1576f9963555c5b917137215e