urlscan.io logo urlscan.io
SecurityTrails logo

covid.juliusleonardo.com Open in urlscan Pro
34.199.219.207  Public Scan

Go To Rescan Add Verdict Report
URL: https://covid.juliusleonardo.com/
Submission: On June 05 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 8 HTTP transactions. The main IP is 34.199.219.207, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is covid.juliusleonardo.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 5th 2020. Valid for: 3 months.
This is the only time covid.juliusleonardo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 34.199.219.207 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 63.33.90.8 16509 (AMAZON-02)
1 52.16.211.175 16509 (AMAZON-02)
8 6
3    34.199.219.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-219-207.compute-1.amazonaws.com
covid.juliusleonardo.com
1    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:20::681a:402 (United States)

ASN13335 (CLOUDFLARENET, US)
www.worldometers.info
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    63.33.90.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-90-8.eu-west-1.compute.amazonaws.com
coronavirus-19-api.herokuapp.com
1    52.16.211.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-211-175.eu-west-1.compute.amazonaws.com
coronavirus-tracker-api.herokuapp.com
Domain Requested by
3 covid.juliusleonardo.com covid.juliusleonardo.com
1 coronavirus-tracker-api.herokuapp.com covid.juliusleonardo.com
1 coronavirus-19-api.herokuapp.com covid.juliusleonardo.com
1 fonts.gstatic.com covid.juliusleonardo.com
1 www.worldometers.info covid.juliusleonardo.com
1 fonts.googleapis.com covid.juliusleonardo.com
8 6

This site contains no links.

Subject Issuer Validity Valid
covid.juliusleonardo.com
Let's Encrypt Authority X3		 2020-06-05 -
2020-09-03		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-03-12 -
2020-10-09		 7 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
*.herokuapp.com
DigiCert SHA2 High Assurance Server CA		 2017-04-19 -
2020-06-22		 3 years crt.sh

This page contains 1 frames:

Primary Page: https://covid.juliusleonardo.com/
Frame ID: 806D7E4D7C3E3B6A15DF4F06ADC10643
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

20 kB
Transfer

31 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
covid.juliusleonardo.com/ 		1 KB
800 B 		Document
General
Check archive.org
Download Go to
Full URL
https://covid.juliusleonardo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.199.219.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-219-207.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e34c14a5546141be599ab4cf714a5c260256b1f43e32f9abe64e3e8cc6e50db3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
covid.juliusleonardo.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx/1.14.0 (Ubuntu)
date
Fri, 05 Jun 2020 17:53:11 GMT
content-type
text/html; charset=utf-8
last-modified
Fri, 05 Jun 2020 17:48:56 GMT
etag
W/"5eda8588-451"
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip
css
fonts.googleapis.com/ 		7 KB
864 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400&display=swap
Requested by
Host: covid.juliusleonardo.com
URL: https://covid.juliusleonardo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
afa91683898b6154b48df39ff47b1d13054ebefc3cead423c0e2ce5096c667a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://covid.juliusleonardo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 05 Jun 2020 17:53:11 GMT
server
ESF
date
Fri, 05 Jun 2020 17:53:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jun 2020 17:53:11 GMT
styles.css
covid.juliusleonardo.com/ 		960 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covid.juliusleonardo.com/styles.css
Requested by
Host: covid.juliusleonardo.com
URL: https://covid.juliusleonardo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.199.219.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-219-207.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f78e09a42254f9a4112ef9782bdcd9e65df40c64a84f95211d22c8a84e1e4ca1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://covid.juliusleonardo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:53:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Jun 2020 17:48:56 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5eda8588-3c0"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
accept-ranges
bytes
content-length
960
x-xss-protection
1; mode=block
app.js
covid.juliusleonardo.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://covid.juliusleonardo.com/app.js
Requested by
Host: covid.juliusleonardo.com
URL: https://covid.juliusleonardo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.199.219.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-219-207.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f1eee7c158152d32323083c6071d15d04fdb013d3e69d15de220e767a21962cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://covid.juliusleonardo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:53:12 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Jun 2020 17:48:56 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5eda8588-644"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
status
200
accept-ranges
bytes
content-length
1604
x-xss-protection
1; mode=block
tn_rp-flag.gif
www.worldometers.info/img/flags/small/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.worldometers.info/img/flags/small/tn_rp-flag.gif
Requested by
Host: covid.juliusleonardo.com
URL: https://covid.juliusleonardo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02aab4b47ed7f57c0f345f7ad2ef6d15b8c7d33b7492061f503b13f5c655dad7

Request headers

Referer
https://covid.juliusleonardo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Jun 2020 17:53:12 GMT
cf-cache-status
HIT
age
490162
cf-polished
origFmt=gif, origSize=3061
status
200
content-disposition
inline; filename="tn_rp-flag.webp"
alt-svc
h3-27=":443"; ma=86400
content-length
1802
cf-request-id
0327369bce0000d6d5a61e3200000001
last-modified
Wed, 04 Apr 2018 01:41:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sun, 07 Jun 2020 01:43:50 GMT
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
59ebc072e88fd6d5-FRA
cf-bgj
imgq:100,h2pri
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: covid.juliusleonardo.com
URL: https://covid.juliusleonardo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:100,300,400&display=swap
Origin
https://covid.juliusleonardo.com

Response headers

date
Thu, 21 May 2020 08:38:28 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
1329284
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Fri, 21 May 2021 08:38:28 GMT
philippines
coronavirus-19-api.herokuapp.com/countries/ 		226 B
503 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://coronavirus-19-api.herokuapp.com/countries/philippines
Requested by
Host: covid.juliusleonardo.com
URL: https://covid.juliusleonardo.com/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.90.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-90-8.eu-west-1.compute.amazonaws.com
Software
Cowboy / Express
Resource Hash
f04a5c8c193c063301d597ff46f70a3e5aa4ef7bed53b935629ba2c6f765796b

Request headers

Referer
https://covid.juliusleonardo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Jun 2020 17:53:12 GMT
Via
1.1 vegur
Etag
W/"e2-6oLstTEigDDiLlF9IU6jH3NuDDo"
Server
Cowboy
X-Powered-By
Express
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
226
182
coronavirus-tracker-api.herokuapp.com/v2/locations/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://coronavirus-tracker-api.herokuapp.com/v2/locations/182
Requested by
Host: covid.juliusleonardo.com
URL: https://covid.juliusleonardo.com/app.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.211.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-211-175.eu-west-1.compute.amazonaws.com
Software
uvicorn /
Resource Hash
cf24b8badfd1e5f4931def57ce5fa1816a6d2bd3609685d2e13254028c7f56ce

Request headers

Referer
https://covid.juliusleonardo.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Jun 2020 17:53:12 GMT
Content-Encoding
gzip
Server
uvicorn
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1328
Via
1.1 vegur

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| getOther function| getCovidStats

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block