nhswestessex.covid-demo.shiftpartner.com
Open in
urlscan Pro
13.224.102.26
Public Scan
Submission: On July 06 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Amazon on July 6th 2020. Valid for: a year.
This is the only time nhswestessex.covid-demo.shiftpartner.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 13.224.102.26 13.224.102.26 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2606:4700::68... 2606:4700::6810:85e5 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 2a00:1450:400... 2a00:1450:4001:824::200e | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 2a00:1450:400... 2a00:1450:400c:c04::9c | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 2a00:1450:400... 2a00:1450:4001:817::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:802::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 52.56.65.252 52.56.65.252 | 16509 (AMAZON-02) (AMAZON-02) | |
15 | 7 |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-26.zrh50.r.cloudfront.net
nhswestessex.covid-demo.shiftpartner.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-65-252.eu-west-2.compute.amazonaws.com
api.covid-demo.shiftpartner.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
shiftpartner.com
nhswestessex.covid-demo.shiftpartner.com api.covid-demo.shiftpartner.com |
1 MB |
2 |
google-analytics.com
1 redirects
www.google-analytics.com |
18 KB |
1 |
google.de
www.google.de |
106 B |
1 |
google.com
1 redirects
www.google.com |
172 B |
1 |
doubleclick.net
1 redirects
stats.g.doubleclick.net |
157 B |
1 |
googletagmanager.com
www.googletagmanager.com |
33 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com |
3 KB |
15 | 7 |
Domain | Requested by | |
---|---|---|
9 | nhswestessex.covid-demo.shiftpartner.com |
nhswestessex.covid-demo.shiftpartner.com
|
2 | api.covid-demo.shiftpartner.com |
nhswestessex.covid-demo.shiftpartner.com
|
2 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
|
1 | www.google.de |
nhswestessex.covid-demo.shiftpartner.com
|
1 | www.google.com | 1 redirects |
1 | stats.g.doubleclick.net | 1 redirects |
1 | www.googletagmanager.com |
nhswestessex.covid-demo.shiftpartner.com
|
1 | cdnjs.cloudflare.com |
nhswestessex.covid-demo.shiftpartner.com
|
15 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.covid.shiftpartner.com Amazon |
2020-07-06 - 2021-08-06 |
a year | crt.sh |
cloudflare.com Cloudflare Inc ECC CA-3 |
2020-07-04 - 2021-07-04 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-06-17 - 2020-09-09 |
3 months | crt.sh |
api.covid-demo.shiftpartner.com Amazon |
2020-06-19 - 2021-07-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://nhswestessex.covid-demo.shiftpartner.com/
Frame ID: 0A7DD5A2248300D9D873DB4C84D5AF6D
Requests: 17 HTTP requests in this frame
Screenshot
Detected technologies
Ant Design (JavaScript Frameworks) ExpandDetected patterns
- html /<[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)/i
Amazon Web Services (PaaS) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
- headers server /^AmazonS3$/i
Amazon Cloudfront (CDN) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
Amazon S3 (Miscellaneous) Expand
Detected patterns
- headers server /^AmazonS3$/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1924461536&t=pageview&_s=1&dl=https%3A%2F%2Fnhswestessex.covid-demo.shiftpartner.com%2F&ul=en-us&de=UTF-8&dt=COVID%20Testing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1543096213&gjid=414239588&cid=1858459079.1594028761&tid=UA-166755016-2&_gid=1812009484.1594028761&_r=1>m=2ou6o0&z=1509527965 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-166755016-2&cid=1858459079.1594028761&jid=1543096213&_gid=1812009484.1594028761&gjid=414239588&_v=j83&z=1509527965 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-166755016-2&cid=1858459079.1594028761&jid=1543096213&_v=j83&z=1509527965 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-166755016-2&cid=1858459079.1594028761&jid=1543096213&_v=j83&z=1509527965&slf_rd=1&random=271259472
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
nhswestessex.covid-demo.shiftpartner.com/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
nhswestessex.covid-demo.shiftpartner.com/ |
2 KB 847 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bowser.min.js
cdnjs.cloudflare.com/ajax/libs/bowser/1.9.4/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
browserCheck.js
nhswestessex.covid-demo.shiftpartner.com/static/ |
3 KB 2 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
84 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.37964d00.chunk.css
nhswestessex.covid-demo.shiftpartner.com/static/css/ |
454 KB 51 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.e4273a86.chunk.css
nhswestessex.covid-demo.shiftpartner.com/static/css/ |
88 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.420236e6.chunk.js
nhswestessex.covid-demo.shiftpartner.com/static/js/ |
5 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.6c1ec551.chunk.js
nhswestessex.covid-demo.shiftpartner.com/static/js/ |
456 KB 126 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
38 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
17 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
api.covid-demo.shiftpartner.com/api/v1/accounts/ |
115 B 314 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
api.covid-demo.shiftpartner.com/api/v1/accounts/ |
115 B 314 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SourceSansPro-Regular.982386e2.ttf
nhswestessex.covid-demo.shiftpartner.com/static/media/ |
116 KB 117 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SourceSansPro-ExtraLight.871ddabf.ttf
nhswestessex.covid-demo.shiftpartner.com/static/media/ |
117 KB 117 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| bowser function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| webpackJsonpfront-end function| setImmediate function| clearImmediate object| regeneratorRuntime function| Hammer function| _ function| Color function| Chart3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.shiftpartner.com/ | Name: _gid Value: GA1.2.1812009484.1594028761 |
|
.shiftpartner.com/ | Name: _gat_gtag_UA_166755016_2 Value: 1 |
|
.shiftpartner.com/ | Name: _ga Value: GA1.2.1858459079.1594028761 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.covid-demo.shiftpartner.com
cdnjs.cloudflare.com
nhswestessex.covid-demo.shiftpartner.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.224.102.26
2606:4700::6810:85e5
2a00:1450:4001:802::2003
2a00:1450:4001:806::2008
2a00:1450:4001:817::2004
2a00:1450:4001:824::200e
2a00:1450:400c:c04::9c
52.56.65.252
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
318ec49da295ff2240abc7e10341373daad19b2b860cb1e8eee8a7b40de8cd19
58fe737ebe193d509382e9d664ce3eb298547efa8b2e74b0284d4d7e97577a93
73cdbb1ebe67d70a040e57334518d2d74b797def68c1c4fb67dcb4d0ffb546f2
741bbc147d06c4f93bc1f7f590b2d2307f79b8363bfd364495a373bcb5aec147
869f06e42d1a755a32f253a73f81235925cf27b686ba7702ce1f03fcc7738631
88494d6ca0b8fa7938f39b83a43398ecdbc04cd3f6173477a1a37ba1b878f47c
9810291f912ec2497a9472f7062ffe330583f9b3e76ca9e930925756e6d31897
a29ff2f8bb9c5dee7a71d63c3c29efc07bc95ec6e1fc0f57d0cdbed012b4e7ae
a4f7557b4d07c9564fa63b48e3f04e2fd862bc5fe4b659c659b6c9d672f26fda
b52f6b6011741e76cefa2be41164bbc9b33bba334b9ad15b03abad37b609d983
c770886a9d8152cbe2e05daf0bb3c3c83db376f8684d697aee880652c286b8f9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
feabc49dc4a727ad8461e187fd9096627d5bd9e44637dac06da66c0d7196bb4f