Which is an iframe embed from ArcGIS.
All the data for the map is freely available on github in csv form
CSSEGISandData/COVID-19
ArcGIS, developed by Esri, is used for map display of the data.
From the JH FAQ
I blame John Hopkins for allowing hackers to be able to use an iFrame. The us of which makes it very, very easy for a site to perform malicious activites on your computer embedding ransom ware scripts on a seemingly harmless looking web page that has actual data. That's a hard fail by John's Hopkins and iFrames are so 1970s.