URL: https://covid19zim.site/
Submission: On March 25 via automatic, source certstream-suspicious

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 52.4.202.19, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is covid19zim.site.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 25th 2020. Valid for: 3 months.
This is the only time covid19zim.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 52.4.202.19 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
8 3
Apex Domain
Subdomains
Transfer
6 covid19zim.site
covid19zim.site
616 KB
2 google-analytics.com
www.google-analytics.com
18 KB
8 2
Domain Requested by
6 covid19zim.site covid19zim.site
2 www.google-analytics.com covid19zim.site
8 2

This site contains links to these domains. Also see Links.

Domain
docs.google.com
wa.me
twitter.com
www.mohcc.gov.zw
www.cdc.gov
juliankanjere.com
Subject Issuer Validity Valid
covid19zim.site
Let's Encrypt Authority X3
2020-03-25 -
2020-06-23
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh

This page contains 1 frames:

Primary Page: https://covid19zim.site/
Frame ID: E1F41CD9E6E7D7BEDFA3C9EC1A46D724
Requests: 9 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^Cowboy$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^Cowboy$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

634 kB
Transfer

659 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
covid19zim.site/
10 KB
11 KB
Document
General
Full URL
https://covid19zim.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.202.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-202-19.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
be6e440c739281804440cafcc662ee90a89a2fd5931ee49834a2f7b0a8385399

Request headers

Host
covid19zim.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Server
Cowboy
Connection
keep-alive
X-Powered-By
Express
Content-Type
text/html; charset=utf-8
Content-Length
10559
Etag
W/"293f-naV1e14ebDDsgffaG/zOnpZG4Jk"
Date
Wed, 25 Mar 2020 23:11:23 GMT
Via
1.1 vegur
style.css
covid19zim.site/stylesheets/
1 KB
1 KB
Stylesheet
General
Full URL
https://covid19zim.site/stylesheets/style.css
Requested by
Host: covid19zim.site
URL: https://covid19zim.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.202.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-202-19.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
3cd5a9aea079212eb76c8ee3dcfbcc2ef7e72708d2a941b73e27c95a8d85b137

Request headers

Referer
https://covid19zim.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Wed, 25 Mar 2020 23:11:23 GMT
Via
1.1 vegur
Etag
W/"45a-17113e12b40"
Last-Modified
Wed, 25 Mar 2020 22:47:36 GMT
Server
Cowboy
X-Powered-By
Express
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1114
bootstrap.css
covid19zim.site/scripts/bootstrap/css/
193 KB
193 KB
Stylesheet
General
Full URL
https://covid19zim.site/scripts/bootstrap/css/bootstrap.css
Requested by
Host: covid19zim.site
URL: https://covid19zim.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.202.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-202-19.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
038ecec312ff9c0374c9d8831534865fb7ed6df4c94ca822274cea0ae4cf0e1e

Request headers

Referer
https://covid19zim.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Wed, 25 Mar 2020 23:11:23 GMT
Via
1.1 vegur
Etag
W/"30232-7438674ba0"
Last-Modified
Sat, 26 Oct 1985 08:15:00 GMT
Server
Cowboy
X-Powered-By
Express
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
197170
jquery.js
covid19zim.site/scripts/jquery/
274 KB
274 KB
Script
General
Full URL
https://covid19zim.site/scripts/jquery/jquery.js
Requested by
Host: covid19zim.site
URL: https://covid19zim.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.202.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-202-19.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

Referer
https://covid19zim.site/
Origin
https://covid19zim.site
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Mar 2020 23:11:23 GMT
Via
1.1 vegur
Etag
W/"4472c-7438674ba0"
Last-Modified
Sat, 26 Oct 1985 08:15:00 GMT
Server
Cowboy
X-Powered-By
Express
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
280364
bootstrap.js
covid19zim.site/scripts/bootstrap/js/
132 KB
132 KB
Script
General
Full URL
https://covid19zim.site/scripts/bootstrap/js/bootstrap.js
Requested by
Host: covid19zim.site
URL: https://covid19zim.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.202.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-202-19.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
eba7fab904d092f1c5f23a6788b5898e7b5e11f990682fed01315ec3f9d3040f

Request headers

Referer
https://covid19zim.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 25 Mar 2020 23:11:23 GMT
Via
1.1 vegur
Etag
W/"20fa7-7438674ba0"
Last-Modified
Sat, 26 Oct 1985 08:15:00 GMT
Server
Cowboy
X-Powered-By
Express
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
135079
covid19zim.js
covid19zim.site/javascripts/
5 KB
5 KB
Script
General
Full URL
https://covid19zim.site/javascripts/covid19zim.js
Requested by
Host: covid19zim.site
URL: https://covid19zim.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.202.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-202-19.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
11aeb0ce78d2287864c21cb62a935e8f75d9408b24941ea74df076448bc2a788

Request headers

Referer
https://covid19zim.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 25 Mar 2020 23:11:23 GMT
Via
1.1 vegur
Etag
W/"13cd-17113e12b40"
Last-Modified
Wed, 25 Mar 2020 22:47:36 GMT
Server
Cowboy
X-Powered-By
Express
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5069
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: covid19zim.site
URL: https://covid19zim.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://covid19zim.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
1968
date
Wed, 25 Mar 2020 22:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Thu, 26 Mar 2020 00:38:35 GMT
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=989004011&t=pageview&_s=1&dl=https%3A%2F%2Fcovid19zim.site%2F&ul=en-us&de=UTF-8&dt=Covid19Zim%20Aggregator%20%7C%20Near-real%20time%20statistics%20and%20information%20about%20the%20COVID-19%20in%20Zimbabwe.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1915114849&gjid=2029895775&cid=959988120.1585177883&tid=UA-83496703-4&_gid=1984878144.1585177883&_r=1&z=831005781
Requested by
Host: covid19zim.site
URL: https://covid19zim.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://covid19zim.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 25 Mar 2020 23:11:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4008dda5f9b7b9355cf71f51c52e8390861bef1a6b91ba495336902e2d3373af

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| bootstrap

3 Cookies

Domain/Path Name / Value
.covid19zim.site/ Name: _gid
Value: GA1.2.1984878144.1585177883
.covid19zim.site/ Name: _gat
Value: 1
.covid19zim.site/ Name: _ga
Value: GA1.2.959988120.1585177883

1 Console Messages

Source Level URL
Text
console-api log URL: https://covid19zim.site/javascripts/covid19zim.js(Line 100)
Message:
formName undefined