urlscan.io logo urlscan.io
SecurityTrails logo

www.covid-now.org Open in urlscan Pro
40.79.154.194  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.covid-now.org/
Submission: On April 02 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 20 domains to perform 45 HTTP transactions. The main IP is 40.79.154.194, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.covid-now.org.
TLS certificate: Issued by GeoTrust RSA CA 2018 on April 2nd 2020. Valid for: 6 months.
This is the only time www.covid-now.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 40.79.154.194 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 104.26.12.149 13335 (CLOUDFLAR...)
1 151.101.113.188 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.114.217 54113 (FASTLY)
1 104.16.19.96 13335 (CLOUDFLAR...)
1 104.111.215.9 16625 (AKAMAI-AS)
1 2606:2800:233... 15133 (EDGECAST)
3 152.195.50.33 15133 (EDGECAST)
1 2a04:4e42:1b:... 54113 (FASTLY)
1 13.224.194.146 16509 (AMAZON-02)
1 151.101.12.124 54113 (FASTLY)
2 151.101.2.166 54113 (FASTLY)
3 2a02:26f0:eb:... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
45 20
13    40.79.154.194 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.covid-now.org
1    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2606:4700:3031::681c:ec8 (United States)

ASN13335 (CLOUDFLARENET, US)
corona.lmao.ninja
2    2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    104.26.12.149 (United States)

ASN13335 (CLOUDFLARENET, US)
newsapi.org
1    151.101.113.188 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cbsnews2.cbsistatic.com
2    2606:4700::6812:8d33 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.24.co.za
1    151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.insider.com
1    104.16.19.96 (United States)

ASN13335 (CLOUDFLARENET, US)
img.rasset.ie
1    104.111.215.9 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-9.deploy.static.akamaitechnologies.com
i.cbc.ca
1    2606:2800:233:23c9:90c:111f:15f5:25b6 (United States)

ASN15133 (EDGECAST, US)
img.huffingtonpost.com
3    152.195.50.33 (United States)

ASN15133 (EDGECAST, US)
techcrunch.com
1    2a04:4e42:1b::645 (Ascension Island)

ASN54113 (FASTLY, US)
static.ffx.io
1    13.224.194.146 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-146.fra2.r.cloudfront.net
cf-images.us-east-1.prod.boltdns.net
1    151.101.12.124 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.vox-cdn.com
2    151.101.2.166 (United States)

ASN54113 (FASTLY, US)
i.kinja-img.com
3    2a02:26f0:eb:1ae::13b2 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
mondrian.mashable.com
1    2a02:26f0:6c00:187::3134 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
cdn.cnn.com
Domain Requested by
13 www.covid-now.org www.covid-now.org
4 corona.lmao.ninja www.covid-now.org
3 mondrian.mashable.com
3 techcrunch.com
3 fonts.gstatic.com www.covid-now.org
2 i.kinja-img.com
2 cdn.24.co.za
2 newsapi.org www.covid-now.org
2 www.google-analytics.com www.googletagmanager.com
www.covid-now.org
1 cdn.cnn.com
1 cdn.vox-cdn.com
1 cf-images.us-east-1.prod.boltdns.net
1 static.ffx.io
1 img.huffingtonpost.com
1 i.cbc.ca
1 img.rasset.ie
1 i.insider.com
1 cbsnews2.cbsistatic.com
1 fonts.googleapis.com www.covid-now.org
1 www.googletagmanager.com www.covid-now.org
45 20
Subject Issuer Validity Valid
www.covid-now.org
GeoTrust RSA CA 2018		 2020-04-02 -
2020-10-02		 6 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-01-19 -
2020-10-09		 9 months crt.sh
*.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.cbsistatic.com
DigiCert SHA2 High Assurance Server CA		 2019-02-22 -
2021-02-26		 2 years crt.sh
v2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-01 -
2021-02-05		 10 months crt.sh
ssl385608.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-01-25 -
2020-08-02		 6 months crt.sh
secure.cbc.ca
GeoTrust RSA CA 2018		 2020-03-25 -
2021-05-02		 a year crt.sh
img.huffingtonpost.com
DigiCert SHA2 Secure Server CA		 2017-10-23 -
2020-05-15		 3 years crt.sh
techcrunch.com
DigiCert SHA2 Secure Server CA		 2020-02-26 -
2022-03-02		 2 years crt.sh
nine.com.au
COMODO RSA Organization Validation Secure Server CA		 2020-02-27 -
2021-02-26		 a year crt.sh
*.prod.boltdns.net
Amazon		 2019-12-19 -
2021-01-19		 a year crt.sh
*.voxmedia.com
GlobalSign CloudSSL CA - SHA256 - G3		 2018-11-16 -
2021-02-18		 2 years crt.sh
univision.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-03-12 -
2020-07-11		 4 months crt.sh
ziffdavis.com
DigiCert SHA2 Secure Server CA		 2020-02-18 -
2021-04-18		 a year crt.sh
www.turner.com
Sectigo RSA Organization Validation Secure Server CA		 2019-09-19 -
2020-09-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.covid-now.org/
Frame ID: 56A38ABD1F819626A747DC52713BA7A5
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

COVID-19 Global Live Data

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

45
Requests

96 %
HTTPS

50 %
IPv6

20
Domains

20
Subdomains

20
IPs

4
Countries

4508 kB
Transfer

9302 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.covid-now.org/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.covid-now.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.194 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a5b12276dc8e64fb9f5abe0c073a6700afb21798a4b022b8be34dacfef2d5870

Request headers

Host
www.covid-now.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Content-Length
1128
Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Thu, 02 Apr 2020 13:58:49 GMT
Accept-Ranges
bytes
ETag
"80f271d5f68d61:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Set-Cookie
ARRAffinity=d35dd44b046e96985466c893225f520704b0e0219cd5a23921706f1ac07863b0;Path=/;HttpOnly;Domain=www.covid-now.org
Date
Thu, 02 Apr 2020 14:03:47 GMT
styles.d5010e4aebed9673de3e.css
www.covid-now.org/ 		919 KB
113 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.covid-now.org/styles.d5010e4aebed9673de3e.css
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.194 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7c7e56c4ce61acec17e63236910db0d32cf4acb11109394a5a9a06e000f73ac5

Request headers

Referer
https://www.covid-now.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 02 Apr 2020 14:03:48 GMT
Content-Encoding
gzip
ETag
"0ad714f78d61:0"
Last-Modified
Thu, 02 Apr 2020 14:00:34 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
115609
js
www.googletagmanager.com/gtag/ 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-161721170-1
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cbb3b94ccba911d801599bf929172479e41f15f350795b1889f57302717c2ddf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.covid-now.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 02 Apr 2020 14:03:48 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
29060
x-xss-protection
0
last-modified
Thu, 02 Apr 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Apr 2020 14:03:48 GMT
runtime-es2015.3e26394fdf0b443a308e.js
www.covid-now.org/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.covid-now.org/runtime-es2015.3e26394fdf0b443a308e.js
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.194 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
da89ef5aef31982320054a231ff8138155616e7cd6b33195861bcede53599211

Request headers

Referer
https://www.covid-now.org/
Origin
https://www.covid-now.org
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Apr 2020 14:03:48 GMT
Content-Encoding
gzip
ETag
"5975fadf78d61:0"
Last-Modified
Thu, 02 Apr 2020 14:00:23 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1466
polyfills-es2015.888305c92a968a84c04b.js
www.covid-now.org/ 		113 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.covid-now.org/polyfills-es2015.888305c92a968a84c04b.js
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.194 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d01dcc4f6905a320b4b322624c34fa18c84c998f8a0e8d44fbc5707c90fec1f6

Request headers

Referer
https://www.covid-now.org/
Origin
https://www.covid-now.org
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Apr 2020 14:03:48 GMT
Content-Encoding
gzip
ETag
"73b673dff68d61:0"
Last-Modified
Thu, 02 Apr 2020 13:59:05 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
48351
scripts.f45059fb7051e8c5857a.js
www.covid-now.org/ 		1 MB
595 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.covid-now.org/scripts.f45059fb7051e8c5857a.js
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.194 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
40d88cff3b530cbf89c95b8ff7c4cbe537222195cb576fa2d41a63939d249272

Request headers

Referer
https://www.covid-now.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 02 Apr 2020 14:03:49 GMT
Content-Encoding
gzip
ETag
"21978c10f78d61:0"
Last-Modified
Thu, 02 Apr 2020 14:00:28 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Accept-Ranges
bytes
main-es2015.9218ddc518e68b6345cc.js
www.covid-now.org/ 		1 MB
420 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.covid-now.org/main-es2015.9218ddc518e68b6345cc.js
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.194 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cbe3be84cbd90aadfb280b56cfca188c8d2bf3050e4095fdee5c4d0b713eef18

Request headers

Referer
https://www.covid-now.org/
Origin
https://www.covid-now.org
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Apr 2020 14:03:49 GMT
Content-Encoding
gzip
ETag
"287da6dbf68d61:0"
Last-Modified
Thu, 02 Apr 2020 13:58:59 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Accept-Ranges
bytes
css
fonts.googleapis.com/ 		8 KB
861 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b6203a5ff38cfa75aa701d00611b9f6a2a3ce0eed8764dea95a98312996ec105
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.covid-now.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 02 Apr 2020 14:03:49 GMT
server
ESF
date
Thu, 02 Apr 2020 14:03:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Apr 2020 14:03:49 GMT
Roboto-Regular.b2a6341ae7440130ec4b.woff2
www.covid-now.org/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.covid-now.org/Roboto-Regular.b2a6341ae7440130ec4b.woff2
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.194 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://www.covid-now.org/styles.d5010e4aebed9673de3e.css
Origin
https://www.covid-now.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Apr 2020 14:03:49 GMT
Cache-Control
private
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Length
6986
Content-Type
text/html; charset=utf-8
Roboto-Regular.081b11ebaca8ad30fd09.woff
www.covid-now.org/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.covid-now.org/Roboto-Regular.081b11ebaca8ad30fd09.woff
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.194 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://www.covid-now.org/styles.d5010e4aebed9673de3e.css
Origin
https://www.covid-now.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Apr 2020 14:03:49 GMT
Cache-Control
private
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Length
6984
Content-Type
text/html; charset=utf-8
Roboto-Regular.99b14f0da0591e0d7167.ttf
www.covid-now.org/ 		167 KB
167 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.covid-now.org/Roboto-Regular.99b14f0da0591e0d7167.ttf
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.194 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e8d51e194abf6d6f4af94f4a2f37e261a5ec7c6dbbb944eb64055f4ad722ac64

Request headers

Referer
https://www.covid-now.org/styles.d5010e4aebed9673de3e.css
Origin
https://www.covid-now.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Apr 2020 14:03:49 GMT
Last-Modified
Thu, 02 Apr 2020 14:00:04 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"14d5b02f78d61:0"
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
170564
5-es2015.5be6c721673983f79508.js
www.covid-now.org/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.covid-now.org/5-es2015.5be6c721673983f79508.js
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/runtime-es2015.3e26394fdf0b443a308e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.194 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a0aa36dbdb068c2e848c5d472bef8b304dd571e74fd6ab2595d6057b59b8cced

Request headers

Referer
https://www.covid-now.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 02 Apr 2020 14:03:52 GMT
Content-Encoding
gzip
ETag
"39e9899f68d61:0"
Last-Modified
Thu, 02 Apr 2020 13:57:08 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
6748
4-es2015.1bb2b2ba4609f084a50d.js
www.covid-now.org/ 		1 MB
500 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.covid-now.org/4-es2015.1bb2b2ba4609f084a50d.js
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/runtime-es2015.3e26394fdf0b443a308e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.194 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0bfbd391700a652e2758fde50c992632ddbf86a24a47673a4284a7270149fd3f

Request headers

Referer
https://www.covid-now.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 02 Apr 2020 14:03:53 GMT
Content-Encoding
gzip
ETag
"706c8f98f68d61:0"
Last-Modified
Thu, 02 Apr 2020 13:57:06 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Accept-Ranges
bytes
world.json
www.covid-now.org/assets/map/ 		987 KB
385 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.covid-now.org/assets/map/world.json
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/main-es2015.9218ddc518e68b6345cc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.194 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
049b334579e5a42d5d16c72d014d380e048e39fc1504049f212acb589484d2fa

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.covid-now.org/pages/maps/bubble
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Apr 2020 14:03:56 GMT
Content-Encoding
gzip
ETag
"be8c612cf78d61:0"
Last-Modified
Thu, 02 Apr 2020 14:01:14 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/json
Transfer-Encoding
chunked
Accept-Ranges
bytes
states
corona.lmao.ninja/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://corona.lmao.ninja/states
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/main-es2015.9218ddc518e68b6345cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:ec8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3f1765461c67a97cd9845562b64d96eca0b2c0fa9f590c01899ad03808cbad4e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.covid-now.org/pages/maps/bubble
Origin
https://www.covid-now.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Apr 2020 14:03:55 GMT
content-encoding
br
ng-cache-status
HIT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
57db189ab9fe9778-FRA
etag
W/"145a-7gBmBVmlqH5nxyPrsPIuyqeb51c"
all
corona.lmao.ninja/ 		114 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://corona.lmao.ninja/all
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/main-es2015.9218ddc518e68b6345cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:ec8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2280bb0c18dad24eca78c39deff271a7eee891cf126849d9a52818e452b6d95e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.covid-now.org/pages/maps/bubble
Origin
https://www.covid-now.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Apr 2020 14:03:55 GMT
content-encoding
br
ng-cache-status
HIT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
57db189aba009778-FRA
etag
W/"72-wBAzoHqivW094tqEz4ZEXxZRls8"
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-161721170-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.covid-now.org/pages/maps/bubble
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
5120
date
Thu, 02 Apr 2020 12:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Thu, 02 Apr 2020 14:38:35 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/main-es2015.9218ddc518e68b6345cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
Origin
https://www.covid-now.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 17:00:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
1976587
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9080
x-xss-protection
0
expires
Wed, 10 Mar 2021 17:00:48 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/main-es2015.9218ddc518e68b6345cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
Origin
https://www.covid-now.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 23:56:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
1951661
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9180
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:56:14 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/main-es2015.9218ddc518e68b6345cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
Origin
https://www.covid-now.org
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 00:54:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
479344
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Sun, 28 Mar 2021 00:54:51 GMT
usa.json
www.covid-now.org/assets/map/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.covid-now.org/assets/map/usa.json
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/main-es2015.9218ddc518e68b6345cc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.194 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a5b12276dc8e64fb9f5abe0c073a6700afb21798a4b022b8be34dacfef2d5870

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.covid-now.org/pages/maps/bubble
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Apr 2020 14:03:55 GMT
Content-Encoding
gzip
ETag
"80f271d5f68d61:0"
Last-Modified
Thu, 02 Apr 2020 13:58:49 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/html
Accept-Ranges
bytes
Content-Length
1128
top-headlines
newsapi.org/v2/ 		17 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://newsapi.org/v2/top-headlines?q=covid-19&language=en&apiKey=fe8c208bfcd5456db288bb7672c0bf41
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/main-es2015.9218ddc518e68b6345cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5b2d88d6238b2561259f00ae32080fcc1ed64e55b02e7042c93defff815106c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.covid-now.org/pages/maps/bubble
Origin
https://www.covid-now.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cache-remaining
95
date
Thu, 02 Apr 2020 14:03:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
57db189bfb84c765-AMS
x-cached-result
true
status
200
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-cache-expires
Thu, 02 Apr 2020 14:05:59 GMT
access-control-allow-headers
x-api-key, authorization
expires
-1
everything
newsapi.org/v2/ 		19 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://newsapi.org/v2/everything?q=covid-19&from=2020-04-02&to=2020-04-02&sortBy=popularity&apiKey=fe8c208bfcd5456db288bb7672c0bf41
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/main-es2015.9218ddc518e68b6345cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.149 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1c1288c6f949305b7cdc3d357f831aa324c66bc07c3ca8a32b55a985b02689e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.covid-now.org/pages/maps/bubble
Origin
https://www.covid-now.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cache-remaining
96
date
Thu, 02 Apr 2020 14:03:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
57db189bfb89c765-AMS
x-cached-result
true
status
200
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
x-cache-expires
Thu, 02 Apr 2020 14:05:59 GMT
access-control-allow-headers
x-api-key, authorization
expires
-1
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1231319979&t=pageview&_s=1&dl=https%3A%2F%2Fwww.covid-now.org%2Fpages%2Fmaps%2Fbubble&dp=%2Fpages%2Fmaps%2Fbubble&ul=en-us&de=UTF-8&dt=COVID-19%20Global%20Live%20Data&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1120591445&gjid=1066717288&cid=869883845.1585836236&tid=UA-161721170-1&_gid=793516856.1585836236&_r=1&gtm=2ou3p1&z=1911625440
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/pages/maps/bubble
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.covid-now.org/pages/maps/bubble
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 02 Apr 2020 14:03:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
gettyimages-1208907351.jpg
cbsnews2.cbsistatic.com/hub/i/r/2020/04/02/1ac156f1-7c55-4eb0-8571-408802cbb922/thumbnail/1200x630g2/bf04d75d8c362889113bcbca41738277/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbsnews2.cbsistatic.com/hub/i/r/2020/04/02/1ac156f1-7c55-4eb0-8571-408802cbb922/thumbnail/1200x630g2/bf04d75d8c362889113bcbca41738277/gettyimages-1208907351.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.188 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
66fe4608b871dbf929de1ae08817aaca1274041940d9d4ef57c15edc326f5797

Request headers

Referer
https://www.covid-now.org/pages/maps/bubble
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 02 Apr 2020 14:03:56 GMT
via
1.1 varnish
last-modified
Thu, 02 Apr 2020 13:30:45 GMT
age
1925
etag
"98dba68eab902e35560b8bb082643175"
content-type
image/jpeg
status
200
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://cbsnews1.cbsistatic.com/hub/i/r/2020/04/02/1ac156f1-7c55-4eb0-8571-408802cbb922/thumbnail/1200x630g2/bf04d75d8c362889113bcbca41738277/gettyimages-1208907351.jpg>; rel="canonical"
content-length
77557
92916ee750004e09ac0302e36a355293.jpg
cdn.24.co.za/files/Cms/General/d/8564/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.24.co.za/files/Cms/General/d/8564/92916ee750004e09ac0302e36a355293.jpg
Protocol
HTTP/1.1
Server
2606:4700::6812:8d33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4498c040b58d7fc3268c1ad21777c732ca1234d207132c95e41a692f33ed13e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Apr 2020 14:03:56 GMT
CF-Cache-Status
HIT
Age
1996
Cf-Polished
qual=85, origFmt=jpeg, origSize=41984
Content-Disposition
inline; filename="92916ee750004e09ac0302e36a355293.webp"
Connection
keep-alive
Content-Length
14854
Last-Modified
Tue, 31 Mar 2020 16:12:23 GMT
Server
cloudflare
ETag
"f9637929777d61:0"
Vary
Accept
Access-Control-Allow-Methods
POST,GET,OPTIONS
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000,public
Accept-Ranges
bytes
CF-RAY
57db189d0c959754-FRA
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Key, Content-Length, Authorization, Range
Cf-Bgj
imgq:85
5e84f8362d41c175433f8ec3
i.insider.com/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.insider.com/5e84f8362d41c175433f8ec3?width=1200&format=jpeg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2f9132d672a4573d65e466103a6e122e8f71f72ccb84087c69045c66b8aa7e6

Request headers

Referer
https://www.covid-now.org/pages/maps/bubble
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 02 Apr 2020 14:03:56 GMT
via
1.1 varnish, 1.1 varnish
x-amz-meta-x-description
new+york+city+coronavirus
age
63637
x-amz-meta-x-image-width
2000
fastly-io-info
ifsz=3182456 idim=2000x1000 ifmt=png ofsz=90780 odim=1200x600 ofmt=webp
status
200
content-length
90780
x-cache
HIT, HIT
fastly-stats
io=1
x-amz-request-id
5FE262B78D38202F
x-amz-id-2
6LK0zGZnRsGNDNSrFTziPSr5BVhL/en4qUr73f0giWOp1CnghGLkvzXffuRWlCy70jmz3RAJztI=
x-served-by
cache-bwi5135-BWI, cache-hhn4063-HHN
x-amz-meta-x-source
ANGELA+WEISS%2FAFP+via+Getty+Images
x-amz-meta-x-image-height
1000
server
AmazonS3
x-timer
S1585836236.332663,VS0,VE2
etag
"9gtljf+b6UKC07Ik+aJiOUq0c1Vjz6y+j2r91iuK3xo"
vary
Accept
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
x-cache-hits
5, 1
00140be9-1600.jpg
img.rasset.ie/ 		137 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.rasset.ie/00140be9-1600.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d248ff734ac622cd581223f623d4cf99d2f9643b36c19ec23ab8d6afbc16836f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.covid-now.org/pages/maps/bubble
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 02 Apr 2020 14:03:56 GMT
cf-cache-status
HIT
nel
{"report_to":"default","max_age":31536000,"include_subdomains":true,"failure_fraction":0.01}
age
1926
cf-polished
qual=85, origFmt=jpeg, origSize=888010
status
200
content-disposition
inline; filename="00140be9-1600.webp"
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
140638
x-info
mt-www2.rte.ie 1, dja
last-modified
Thu, 02 Apr 2020 13:31:35 GMT
server
cloudflare
etag
"neverchanges"
expect-ct
max-age=604800, report-uri="https://rte.report-uri.com/r/d/ct/enforce"
vary
Accept
report-to
{ "group":"default","max_age":31536000,"endpoints":[{ "url":"https://rte.report-uri.com/a/t/g" }],"include_subdomains":true }
content-type
image/webp
cf-bgj
imgq:85
cache-control
public, max-age=3153600000
accept-ranges
bytes
cf-ray
57db189d393fc853-AMS
expires
Sat, 09 Mar 2120 13:31:35 GMT
f84d395f0ba14ea58906bdd148d3e099.jpg
cdn.24.co.za/files/Cms/General/d/8409/ 		126 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.24.co.za/files/Cms/General/d/8409/f84d395f0ba14ea58906bdd148d3e099.jpg
Protocol
HTTP/1.1
Server
2606:4700::6812:8d33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f612280df82f51f2e12add5568986253ac68f05c3823914794d02702603c8aa3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Apr 2020 14:03:56 GMT
CF-Cache-Status
HIT
Age
1254
Cf-Polished
qual=85, origFmt=jpeg, origSize=246784
Content-Disposition
inline; filename="f84d395f0ba14ea58906bdd148d3e099.webp"
Connection
keep-alive
Content-Length
128876
Last-Modified
Wed, 25 Mar 2020 09:31:54 GMT
Server
cloudflare
ETag
"2c647b38882d61:0"
Vary
Accept
Access-Control-Allow-Methods
POST,GET,OPTIONS
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000,public
Accept-Ranges
bytes
CF-RAY
57db189d08559710-FRA
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Key, Content-Length, Authorization, Range
Cf-Bgj
imgq:85
jobless-claims.jpg
i.cbc.ca/1.5518716.1585830936!/fileImage/httpImage/image.jpg_gen/derivatives/16x9_620/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.cbc.ca/1.5518716.1585830936!/fileImage/httpImage/image.jpg_gen/derivatives/16x9_620/jobless-claims.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.9 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-9.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f0c99d485d0609d3aee30e4c421dc3ea5a9791c129a890d942f2b9cc0ebd6f8a

Request headers

Referer
https://www.covid-now.org/pages/maps/bubble
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 02 Apr 2020 14:03:56 GMT
x-check-cacheable
YES
x-serial
950
content-type
image/webp
status
200
cache-control
no-transform, max-age=31531645
last-modified
Thu, 02 Apr 2020 12:52:06 GMT
content-length
11420
server
Akamai Image Manager
expires
Fri, 02 Apr 2021 12:51:21 GMT
5e82bbc82700006100a6755a.jpeg
img.huffingtonpost.com/asset/ 		180 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.huffingtonpost.com/asset/5e82bbc82700006100a6755a.jpeg?cache=oqv18js8vb&ops=1778_1000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:23c9:90c:111f:15f5:25b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8EA5) /
Resource Hash
b15a26ce00b5ecb6c00b65b229c87982042e39394bd619672356d6ae139f4a6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.covid-now.org/pages/maps/bubble
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 02 Apr 2020 14:03:56 GMT
x-content-type-options
nosniff
age
3785
x-dns-prefetch-control
off
x-cache
HIT
status
200
content-length
184397
x-xss-protection
1; mode=block
last-modified
Thu, 02 Apr 2020 13:00:52 GMT
server
ECAcc (frc/8EA5)
x-frame-options
SAMEORIGIN
etag
W/"2d04d-sBvE+9Euieg9im1WlOmUsam5YXU"
x-download-options
noopen
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
Matthew-Prince-CloudflareDSC00249.jpg
techcrunch.com/wp-content/uploads/2019/12/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2019/12/Matthew-Prince-CloudflareDSC00249.jpg?w=600
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.50.33 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
87487785f2edb11fe83156f449e93f914c8f8db22a7eac6f9024be95c9f4a0e9

Request headers

Referer
https://www.covid-now.org/pages/maps/bubble
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 02 Apr 2020 14:03:56 GMT
x-rq
ewr1 102 69 443
last-modified
Thu, 02 Apr 2020 13:02:37 GMT
server
nginx
ec-policy-id
104206
etag
"c8f8f1ceacc6c14f"
vary
Accept
x-cache
HIT
content-type
image/webp
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
31288
expires
Fri, 02 Apr 2021 13:02:37 GMT
7090ccfadc1b5450e52b185b162232f59f2082fd
static.ffx.io/images/$zoom_0.2043%2C$multiply_0.7554%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_11/t_crop_custom/e_sharpen:25%2Cq_85%2Cf_auto/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ffx.io/images/$zoom_0.2043%2C$multiply_0.7554%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_11/t_crop_custom/e_sharpen:25%2Cq_85%2Cf_auto/7090ccfadc1b5450e52b185b162232f59f2082fd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
190e993b28246f97a1b546a31318d470b18f5ce018313f72b57edad5ee8b33e3

Request headers

Referer
https://www.covid-now.org/pages/maps/bubble
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 02 Apr 2020 14:03:56 GMT
via
1.1 varnish, 1.1 varnish
age
1815
edge-cache-tag
388465193005611706258659192629728377718,375923384433324904799026480493998694908,5f5f4219172da4ec8104790896b11172
status
200
content-disposition
inline; filename="7090ccfadc1b5450e52b185b162232f59f2082fd.webp"
content-length
57616
x-cld-skey
388465193005611706258659192629728377718 375923384433324904799026480493998694908 5f5f4219172da4ec8104790896b11172
x-cache
MISS, HIT
last-modified
Thu, 02 Apr 2020 13:33:07 GMT
server
cloudinary
x-timer
S1585836236.425560,VS0,VE1
etag
"303e28fb05aa8a2d68c6f28c3461fd89"
x-served-by
cache-hhn4048-HHN, cache-hhn4039-HHN
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/694940094001/1312e977-e6f3-46aa-b551-65fcf275ebdd/2cb839f6-9977-4048-8178-8fae1e51b218/1280x720/match/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cf-images.us-east-1.prod.boltdns.net/v1/static/694940094001/1312e977-e6f3-46aa-b551-65fcf275ebdd/2cb839f6-9977-4048-8178-8fae1e51b218/1280x720/match/image.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.194.146 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-146.fra2.r.cloudfront.net
Software
/ BC
Resource Hash
007ec2e72aaaf014432ad2c6bba2cfb24f35f4d2769b2105341e3a29e4b6d871

Request headers

Referer
https://www.covid-now.org/pages/maps/bubble
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 02 Apr 2020 12:18:56 GMT
Via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
Age
6300
X-Powered-From
us-east-1d
X-Powered-By
BC
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Amz-Cf-Id
Hg1hXncMe6kHN28PHNPhc5K0Aet8u3FKiZF5Tt4w45TQBDtuEXORFA==
acastro_200331_1777_zoom_0003.0.jpg
cdn.vox-cdn.com/thumbor/FEOxiFrOMS-2eMWfLeSU0oaEoq8=/0x146:2040x1214/fit-in/1200x630/cdn.vox-cdn.com/uploads/chorus_asset/file/19861742/ 		145 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.vox-cdn.com/thumbor/FEOxiFrOMS-2eMWfLeSU0oaEoq8=/0x146:2040x1214/fit-in/1200x630/cdn.vox-cdn.com/uploads/chorus_asset/file/19861742/acastro_200331_1777_zoom_0003.0.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.124 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.11.5 /
Resource Hash
dff875bc1c4d57110f4fa1df96ff0dd2377fa9b189f83c99b463d725f62a9151
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.covid-now.org/pages/maps/bubble
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 02 Apr 2020 14:03:56 GMT
via
1.1 varnish, 1.1 varnish
age
143367
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=31536000
content-length
148210
x-served-by
cache-bwi5120-BWI, cache-fra19124-FRA
server
nginx/1.11.5
x-timer
S1585836236.350569,VS0,VE2
etag
"ed366632eee10adf43bb902ee5d3dc0ec70d6ffa"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 01 Apr 2030 10:14:29 GMT
cache-control
max-age=315576000,public
accept-ranges
bytes
x-cache-hits
1, 1
IDNOW-LEFT-960x430-1.jpg
techcrunch.com/wp-content/uploads/2020/04/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2020/04/IDNOW-LEFT-960x430-1.jpg?w=764
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.50.33 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e24021a81cfa9fe9d7fa3692ebe83c74f50b035f579a6a8400bea0efe96c02be

Request headers

Referer
https://www.covid-now.org/pages/maps/bubble
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 02 Apr 2020 14:03:56 GMT
x-rq
ewr2 102 93 443
last-modified
Thu, 02 Apr 2020 00:29:01 GMT
server
nginx
ec-policy-id
104206
etag
"1f6a3d8eaab95f85"
vary
Accept
x-cache
HIT
content-type
image/webp
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
19866
expires
Fri, 02 Apr 2021 00:29:01 GMT
GettyImages-945572064.jpg
techcrunch.com/wp-content/uploads/2019/10/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://techcrunch.com/wp-content/uploads/2019/10/GettyImages-945572064.jpg?w=599
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.50.33 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
494dce4cc1022ea3462a9f1b9f705b4ac50505669121fb3405203e3686b6f341

Request headers

Referer
https://www.covid-now.org/pages/maps/bubble
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 02 Apr 2020 14:03:56 GMT
x-rq
ewr2 98 133 443
last-modified
Thu, 02 Apr 2020 09:50:32 GMT
server
nginx
ec-policy-id
104206
etag
"fe1e113337ff67f7"
vary
Accept
x-cache
HIT
content-type
image/webp
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
19438
expires
Fri, 02 Apr 2021 09:50:32 GMT
cuz4a7adhpdrske2ddup.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_675,pg_1,q_80,w_1200/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_675,pg_1,q_80,w_1200/cuz4a7adhpdrske2ddup.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
kinja /
Resource Hash
aa67b139d88166c0b37e104443b79b1a278c35aaaa62b5d023d05fd83815a776
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.covid-now.org/pages/maps/bubble
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 02 Apr 2020 14:03:56 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
9420
edge-cache-tag
435778178159020986595464919777878266566,365184154357552149827561223209611523504,e658e1d7ab596d92a7343d60946f3015
status
200, 200 OK
x-image-request-allowed
covid-now.org no
content-disposition
inline; filename="cuz4a7adhpdrske2ddup.webp"
content-length
41782
x-request-id
2c51d776265d1433a1cb2f9944910dac
x-served-by
cache-lga21939-LGA, cache-lga21971-LGA, cache-hhn4022-HHN
x-cache
MISS, HIT, HIT
last-modified
Thu, 02 Apr 2020 11:26:56 GMT
server
kinja
x-timer
S1585836236.392383,VS0,VE1
etag
"d2340e389e1f546f8e348ee2dbf54555"
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-max-age=0, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1
ytfhasbnofdpluzrxyux.jpg
i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_675,pg_1,q_80,w_1200/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.kinja-img.com/gawker-media/image/upload/c_fill,f_auto,fl_progressive,g_center,h_675,pg_1,q_80,w_1200/ytfhasbnofdpluzrxyux.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.166 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
kinja /
Resource Hash
0037e30ab734b214c858f44cb9e90848362a77a0646470b86e8bc183a703c724
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.covid-now.org/pages/maps/bubble
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 02 Apr 2020 14:03:56 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
45378
edge-cache-tag
391060752867940770380937809563847458250,365184154357552149827561223209611523504,e658e1d7ab596d92a7343d60946f3015
status
200, 200 OK
x-image-request-allowed
covid-now.org no
content-disposition
inline; filename="ytfhasbnofdpluzrxyux.webp"
content-length
56470
x-request-id
bb2ffaa07ad8048af7c7dbacb1025f09
x-served-by
cache-lga21925-LGA, cache-lga21930-LGA, cache-hhn4022-HHN
x-cache
MISS, HIT, HIT
last-modified
Thu, 02 Apr 2020 01:27:38 GMT
server
kinja
x-timer
S1585836236.392447,VS0,VE1
etag
"5a697936abdcbd4babc24ef1c5878123"
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-max-age=0, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
2020%252F04%252F01%252Fb5%252F6d9cff77c519483b880eaa14d69af83a.513f6.png%252F1200x630.png
mondrian.mashable.com/ 		785 KB
785 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mondrian.mashable.com/2020%252F04%252F01%252Fb5%252F6d9cff77c519483b880eaa14d69af83a.513f6.png%252F1200x630.png?signature=nsXBsJyou4Gt5iFdxZgFjesvIuA=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:eb:1ae::13b2 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
72e12fb94d891f3a1e11c2b4db4dea2b6c0dae78cee13d00565d6bbdf3edeed2

Request headers

Referer
https://www.covid-now.org/pages/maps/bubble
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-amz-version-id
YPpsM0f36h5tNi3dfJl4GrQWy_o5gMx7
Last-Modified
Thu, 02 Apr 2020 09:02:18 GMT
X-Amz-Cf-Pop
FRA53
ETag
"8b3697766d0ddb5fa18a5af45df37efb"
Content-Type
image/png
Cache-Control
max-age=2592000
Date
Thu, 02 Apr 2020 14:03:56 GMT
Connection
keep-alive
Content-Length
803740
X-Amz-Cf-Id
xV38W0rW_vA8Kdd0dWfcE9zSlEXcLTs46nEatsJZ6R6RiccTgWh6mA==
Expires
Sat, 02 May 2020 14:03:56 GMT
2020%252F04%252F02%252F51%252Fa3866b8000244844b0f46f6d2175feed.013ad.jpg%252F1200x630.jpg
mondrian.mashable.com/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mondrian.mashable.com/2020%252F04%252F02%252F51%252Fa3866b8000244844b0f46f6d2175feed.013ad.jpg%252F1200x630.jpg?signature=tnQrtnLLOkG8rXraJsXVDRUAUr0=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:eb:1ae::13b2 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
24489c4a4e712cdf2096417dc0353e6559ad48212ccb064ae069a674873b068c

Request headers

Referer
https://www.covid-now.org/pages/maps/bubble
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-amz-version-id
93b4TCuu7yymjSvQjMTRUyC5._9wdGRA
Last-Modified
Thu, 02 Apr 2020 09:57:24 GMT
X-Amz-Cf-Pop
FRA54
ETag
"422b15bb6430f878c2441eb3c82dbc7b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Date
Thu, 02 Apr 2020 14:03:56 GMT
Connection
keep-alive
Content-Length
76565
X-Amz-Cf-Id
MYsr0kijg_XBU1nWrgDWD3VfvNwnkRX6bC_IooW6Hz8BruA4ZHurFQ==
Expires
Sat, 02 May 2020 14:03:56 GMT
2020%252F04%252F01%252F7a%252F99e864f77caf40ecae6b4bba04a667e7.e6892.jpg%252F1200x630.jpg
mondrian.mashable.com/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mondrian.mashable.com/2020%252F04%252F01%252F7a%252F99e864f77caf40ecae6b4bba04a667e7.e6892.jpg%252F1200x630.jpg?signature=Sl-zulKyIomwfyR_Ym39Lt4VWy0=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:eb:1ae::13b2 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
2b4a056d6ffaf105aa4c3276eac505bd6f80f77f987720c67211491c965889c9

Request headers

Referer
https://www.covid-now.org/pages/maps/bubble
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-amz-version-id
_e1EUuAOs9tgLk5OSI0ASlFgrOidIGFF
Last-Modified
Thu, 02 Apr 2020 10:02:04 GMT
X-Amz-Cf-Pop
FRA54
ETag
"f15189a85935869ecf816cf14984754a"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Date
Thu, 02 Apr 2020 14:03:56 GMT
Connection
keep-alive
Content-Length
89842
X-Amz-Cf-Id
ZSZOgv-ofb6eeaThwcviuhH14lONCEEDp7Apkp52VnYOn7PaA9m2uQ==
Expires
Sat, 02 May 2020 14:03:56 GMT
200401163346-adam-schlesinger-super-tease.jpg
cdn.cnn.com/cnnnext/dam/assets/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cnn.com/cnnnext/dam/assets/200401163346-adam-schlesinger-super-tease.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:187::3134 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
7c226deb279f111082531aded2979017e83af1e998b2ffa5322735bccff0567e

Request headers

Referer
https://www.covid-now.org/pages/maps/bubble
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 02 Apr 2020 14:03:56 GMT
server
Apache-Coyote/1.1
access-control-allow-origin
*
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/jpeg
status
200
cache-control
max-age=3600
content-length
72920
expires
Thu, 02 Apr 2020 15:03:56 GMT
countries
corona.lmao.ninja/ 		70 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://corona.lmao.ninja/countries
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/main-es2015.9218ddc518e68b6345cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:ec8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d2514e944c2c1e8f9d8c7a6565b6b784ab2ad72418c0c7abab2dde90d6b529b1

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.covid-now.org/pages/maps/bubble
Origin
https://www.covid-now.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Apr 2020 14:03:58 GMT
content-encoding
br
ng-cache-status
HIT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
57db18a95cb89778-FRA
etag
W/"118fa-O1G5/9w6WPKNJWFVlqtuDky1YIA"
historical
corona.lmao.ninja/v2/ 		663 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://corona.lmao.ninja/v2/historical
Requested by
Host: www.covid-now.org
URL: https://www.covid-now.org/main-es2015.9218ddc518e68b6345cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681c:ec8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
719a0a361c760b7523f7c89cf1b04e60f7dfa719990a2340dc9a9b18e1902ef6

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.covid-now.org/pages/maps/bubble
Origin
https://www.covid-now.org
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Apr 2020 14:03:58 GMT
content-encoding
br
ng-cache-status
HIT
cf-cache-status
MISS
server
cloudflare
status
200
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
57db18a99d059778-FRA
etag
W/"a5d23-XVT5qtcBxMDwz+vd+L2dCdY9auI"

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| google_tag_manager object| dataLayer function| gtag object| Pace number| mce-data-1e4tj93p0 object| tinyMCE object| tinymce object| echarts object| bmap function| Color function| Chart object| webpackJsonp object| core object| __core-js_shared__ function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched object| ng object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| _ object| L object| __zone_symbol__scrollfalse object| __zone_symbol__resizefalse object| __zone_symbol__orientationchangefalse string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

4 Cookies

Domain/Path Name / Value
.covid-now.org/ Name: _gat_gtag_UA_161721170_1
Value: 1
.covid-now.org/ Name: _gid
Value: GA1.2.793516856.1585836236
.covid-now.org/ Name: _ga
Value: GA1.2.869883845.1585836236
.www.covid-now.org/ Name: ARRAffinity
Value: d35dd44b046e96985466c893225f520704b0e0219cd5a23921706f1ac07863b0

1 Console Messages

Source Level URL
Text
console-api error URL: https://www.covid-now.org/main-es2015.9218ddc518e68b6345cc.js(Line 1)
Message:
ERROR [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cbsnews2.cbsistatic.com
cdn.24.co.za
cdn.cnn.com
cdn.vox-cdn.com
cf-images.us-east-1.prod.boltdns.net
corona.lmao.ninja
fonts.googleapis.com
fonts.gstatic.com
i.cbc.ca
i.insider.com
i.kinja-img.com
img.huffingtonpost.com
img.rasset.ie
mondrian.mashable.com
newsapi.org
static.ffx.io
techcrunch.com
www.covid-now.org
www.google-analytics.com
www.googletagmanager.com
104.111.215.9
104.16.19.96
104.26.12.149
13.224.194.146
151.101.113.188
151.101.114.217
151.101.12.124
151.101.2.166
152.195.50.33
2606:2800:233:23c9:90c:111f:15f5:25b6
2606:4700:3031::681c:ec8
2606:4700::6812:8d33
2a00:1450:4001:800::2008
2a00:1450:4001:808::200a
2a00:1450:4001:817::200e
2a00:1450:4001:820::2003
2a02:26f0:6c00:187::3134
2a02:26f0:eb:1ae::13b2
2a04:4e42:1b::645
40.79.154.194
0037e30ab734b214c858f44cb9e90848362a77a0646470b86e8bc183a703c724
007ec2e72aaaf014432ad2c6bba2cfb24f35f4d2769b2105341e3a29e4b6d871
049b334579e5a42d5d16c72d014d380e048e39fc1504049f212acb589484d2fa
0bfbd391700a652e2758fde50c992632ddbf86a24a47673a4284a7270149fd3f
190e993b28246f97a1b546a31318d470b18f5ce018313f72b57edad5ee8b33e3
2280bb0c18dad24eca78c39deff271a7eee891cf126849d9a52818e452b6d95e
24489c4a4e712cdf2096417dc0353e6559ad48212ccb064ae069a674873b068c
2b4a056d6ffaf105aa4c3276eac505bd6f80f77f987720c67211491c965889c9
3f1765461c67a97cd9845562b64d96eca0b2c0fa9f590c01899ad03808cbad4e
40d88cff3b530cbf89c95b8ff7c4cbe537222195cb576fa2d41a63939d249272
494dce4cc1022ea3462a9f1b9f705b4ac50505669121fb3405203e3686b6f341
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
66fe4608b871dbf929de1ae08817aaca1274041940d9d4ef57c15edc326f5797
719a0a361c760b7523f7c89cf1b04e60f7dfa719990a2340dc9a9b18e1902ef6
72e12fb94d891f3a1e11c2b4db4dea2b6c0dae78cee13d00565d6bbdf3edeed2
7c226deb279f111082531aded2979017e83af1e998b2ffa5322735bccff0567e
7c7e56c4ce61acec17e63236910db0d32cf4acb11109394a5a9a06e000f73ac5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87487785f2edb11fe83156f449e93f914c8f8db22a7eac6f9024be95c9f4a0e9
a0aa36dbdb068c2e848c5d472bef8b304dd571e74fd6ab2595d6057b59b8cced
a2f9132d672a4573d65e466103a6e122e8f71f72ccb84087c69045c66b8aa7e6
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a5b12276dc8e64fb9f5abe0c073a6700afb21798a4b022b8be34dacfef2d5870
a5b2d88d6238b2561259f00ae32080fcc1ed64e55b02e7042c93defff815106c
aa67b139d88166c0b37e104443b79b1a278c35aaaa62b5d023d05fd83815a776
b15a26ce00b5ecb6c00b65b229c87982042e39394bd619672356d6ae139f4a6e
b6203a5ff38cfa75aa701d00611b9f6a2a3ce0eed8764dea95a98312996ec105
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
c4498c040b58d7fc3268c1ad21777c732ca1234d207132c95e41a692f33ed13e
cbb3b94ccba911d801599bf929172479e41f15f350795b1889f57302717c2ddf
cbe3be84cbd90aadfb280b56cfca188c8d2bf3050e4095fdee5c4d0b713eef18
d01dcc4f6905a320b4b322624c34fa18c84c998f8a0e8d44fbc5707c90fec1f6
d1c1288c6f949305b7cdc3d357f831aa324c66bc07c3ca8a32b55a985b02689e
d248ff734ac622cd581223f623d4cf99d2f9643b36c19ec23ab8d6afbc16836f
d2514e944c2c1e8f9d8c7a6565b6b784ab2ad72418c0c7abab2dde90d6b529b1
da89ef5aef31982320054a231ff8138155616e7cd6b33195861bcede53599211
dff875bc1c4d57110f4fa1df96ff0dd2377fa9b189f83c99b463d725f62a9151
e24021a81cfa9fe9d7fa3692ebe83c74f50b035f579a6a8400bea0efe96c02be
e8d51e194abf6d6f4af94f4a2f37e261a5ec7c6dbbb944eb64055f4ad722ac64
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f0c99d485d0609d3aee30e4c421dc3ea5a9791c129a890d942f2b9cc0ebd6f8a
f612280df82f51f2e12add5568986253ac68f05c3823914794d02702603c8aa3