stopcoronavirus.ga Open in urlscan Pro
178.124.169.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://stopcoronavirus.ga/
Effective URL:
https://stopcoronavirus.ga/
Submission: On April 04 via manual (April 4th 2020, 4:11:34 pm UTC) from GB

Summary HTTP 40 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 13 domains to perform 40 HTTP transactions. The main IP is 178.124.169.166, located in Minsk, Belarus and belongs to BELPAK-AS BELPAK, BY. The main domain is stopcoronavirus.ga.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 30th 2020. Valid for: 3 months.

This is the only time stopcoronavirus.ga was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	178.124.169.166 178.124.169.166	6697 (BELPAK-AS...) (BELPAK-AS BELPAK)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
1	91.134.17.4 91.134.17.4	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
2	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1	18.203.208.214 18.203.208.214	16509 (AMAZON-02) (AMAZON-02)
1	95.163.254.117 95.163.254.117	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
3	46.105.74.90 46.105.74.90	16276 (OVH) (OVH)
1 2	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
40	13

18 178.124.169.166 (Minsk, Belarus) 1 redirects

ASN6697 (BELPAK-AS BELPAK, BY)
PTR: mm-166-169-124-178.static.minsktelecom.by

stopcoronavirus.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.134.17.4 (France)

ASN16276 (OVH, FR)
PTR: ip4.ip-91-134-17.eu

cdn.viapush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.208.214 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-208-214.eu-west-1.compute.amazonaws.com

coronavirus-tracker-api.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.254.117 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: donationalerts.mail.ru

www.donationalerts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.105.74.90 (France)

ASN16276 (OVH, FR)
PTR: ip90.ip-46-105-74.eu

api.viapush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	stopcoronavirus.ga 1 redirects stopcoronavirus.ga	321 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	132 KB
4	viapush.com cdn.viapush.com api.viapush.com	75 KB
2	yandex.ru 1 redirects mc.yandex.ru	2 KB
2	gstatic.com fonts.gstatic.com	21 KB
2	yastatic.net yastatic.net	63 KB
2	doubleclick.net googleads.g.doubleclick.net
1	googletagservices.com www.googletagservices.com	27 KB
1	donationalerts.com www.donationalerts.com
1	herokuapp.com coronavirus-tracker-api.herokuapp.com	298 B
1	google.com adservice.google.com	839 B
1	google.de adservice.google.de	839 B
1	googleapis.com fonts.googleapis.com	565 B
40	13

	Domain	Requested by
18	stopcoronavirus.ga	1 redirects stopcoronavirus.ga
4	pagead2.googlesyndication.com	stopcoronavirus.ga pagead2.googlesyndication.com
3	api.viapush.com	cdn.viapush.com stopcoronavirus.ga
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	mc.yandex.ru	1 redirects stopcoronavirus.ga
2	fonts.gstatic.com	stopcoronavirus.ga
2	yastatic.net	stopcoronavirus.ga
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	www.donationalerts.com	stopcoronavirus.ga
1	coronavirus-tracker-api.herokuapp.com	stopcoronavirus.ga
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	cdn.viapush.com	stopcoronavirus.ga
1	fonts.googleapis.com	stopcoronavirus.ga
40	15

This site contains links to these domains. Also see Links.

Domain
twitter.com
who.int

Subject Issuer	Validity	Valid
stopcoronavirus.ga Let's Encrypt Authority X3	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.viapush.com Let's Encrypt Authority X3	`2020-03-06` - `2020-06-04`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
static.yandex.net Yandex CA	`2019-09-06` - `2020-09-05`	a year	crt.sh
*.herokuapp.com DigiCert SHA2 High Assurance Server CA	`2017-04-19` - `2020-06-22`	3 years	crt.sh
*.donationalerts.ru GeoTrust RSA CA 2018	`2018-09-10` - `2020-10-12`	2 years	crt.sh
mc.yandex.ru Yandex CA	`2019-09-23` - `2020-09-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://stopcoronavirus.ga/
Frame ID: 8335454A42F907E0268D2893F6C8C471
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200401/r20190131/zrt_lookup.html
Frame ID: F1D600FC0A281117D544E7C4D844666F
Requests: 1 HTTP requests in this frame

Frame: https://www.donationalerts.com/widget/goal/3166535?token=Cj4VnnbjUDdn4lHwRF7O
Frame ID: FBE81E289BA9E339B0944E9B32FC2790
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7628472238841590&output=html&adk=1812271804&adf=3025194257&lmt=1585936363&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fstopcoronavirus.ga%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586016677807&bpp=166&bdt=118&fdt=208&idt=208&shv=r20200401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=608054424274&frm=20&pv=2&ga_vid=1126747303.1586016678&ga_sid=1586016678&ga_hid=1808450392&ga_fc=0&iag=0&icsg=650&dssz=9&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532&oid=3&pvsid=2769671331053714&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=220
Frame ID: BFEEA3E3C70BF1F26F2B90A575F11512
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: C151DF4BA75773D73E63C703989ABCA6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://stopcoronavirus.ga/ HTTP 302
https://stopcoronavirus.ga/ Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

40
Requests

100 %
HTTPS

58 %
IPv6

13
Domains

15
Subdomains

13
IPs

5
Countries

643 kB
Transfer

1153 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/search?q=%23stayhome
Title: #STAYHOME

Search URL Search Domain Scan URL

URL: https://who.int/emergencies/diseases/novel-coronavirus-2019
Title: ВОЗ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://stopcoronavirus.ga/ HTTP 302
https://stopcoronavirus.ga/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://mc.yandex.ru/watch/52122583?browser-info=rn%3A739195%3Ac%3A1%3As%3A1600x1200x24%3Aen%3Autf-8%3At%3A%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%20%D1%80%D0%B0%D1%81%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%BA%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%B0&rn=657691&page-url=https%3A%2F%2Fstopcoronavirus.ga%2F&site-info=%7B%22guid%22%3A%22ab052455-3f27-4577-93ff-098961a9a04b%22%2C%22serviceId%22%3A%22undefined%22%2C%22version%22%3A%221.23.0%22%7D HTTP 302
https://mc.yandex.ru/watch/52122583/1?browser-info=rn%3A739195%3Ac%3A1%3As%3A1600x1200x24%3Aen%3Autf-8%3At%3A%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%20%D1%80%D0%B0%D1%81%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%BA%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%B0&rn=657691&page-url=https%3A%2F%2Fstopcoronavirus.ga%2F&site-info=%7B%22guid%22%3A%22ab052455-3f27-4577-93ff-098961a9a04b%22%2C%22serviceId%22%3A%22undefined%22%2C%22version%22%3A%221.23.0%22%7D

40 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
stopcoronavirus.ga/
Redirect Chain

http://stopcoronavirus.ga/
https://stopcoronavirus.ga/

10 KB
4 KB

398ms
211ms

Document
text/html

178.124.169.166
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.124.169.166 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: mm-166-169-124-178.static.minsktelecom.by
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 670593269b06e7587b011570e2f0176817135c324fd98c6dd02139a3c67dd333

Request headers

Host: stopcoronavirus.ga
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 04 Apr 2020 16:11:17 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 03 Apr 2020 17:52:43 GMT
ETag: "276a-5a2669595c758-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3323
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

Redirect headers

Date: Sat, 04 Apr 2020 16:11:17 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: https://stopcoronavirus.ga/
Content-Length: 295
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
565 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Rubik:wght@300&display=swap

Requested by

Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b32a5bd4f1498ba47aafc78e7ce57f4ceaf2b6255742abeae1a3e87860c7b8e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Apr 2020 16:11:17 GMT
server: ESF
date: Sat, 04 Apr 2020 16:11:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Apr 2020 16:11:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
39 KB 42ms
23ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0974fd2c6ebe7ff6f794b625cdff0691a372f84668adc46502cd5dc34dbf753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 04 Apr 2020 16:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39159
x-xss-protection: 0
server: cafe
etag: 14040473416781760607
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 04 Apr 2020 16:11:17 GMT

GET
H/1.1 200
OK style.css
stopcoronavirus.ga/ 3 KB
1 KB 93ms
92ms Stylesheet
text/css 178.124.169.166
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://stopcoronavirus.ga/style.css
Requested by: Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.124.169.166 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: mm-166-169-124-178.static.minsktelecom.by
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: aaf27727844071385ae173c768e9473cc1a94974519798c366a85bb74f08632b

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sat, 04 Apr 2020 16:11:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 31 Mar 2020 14:29:41 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "bd5-5a22765ee9cb8-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 850

GET
H/1.1 200
OK styles.css
stopcoronavirus.ga/ 2 KB
753 B 178ms
84ms Stylesheet
text/css 178.124.169.166
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://stopcoronavirus.ga/styles.css
Requested by: Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.124.169.166 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: mm-166-169-124-178.static.minsktelecom.by
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 8bc74c25fe766611f25adfd1d1257e0265bf2a137172774a070157f3dbd8e2a7

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sat, 04 Apr 2020 16:11:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Mar 2020 08:45:46 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "89d-5a20e7a287886-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 418

GET
H/1.1 200
OK viapush.js Show response
cdn.viapush.com/cdn/v1/sdks/ 253 KB
61 KB 116ms
50ms Script
application/javascript 91.134.17.4
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viapush.com/cdn/v1/sdks/viapush.js
Requested by: Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.134.17.4 , France, ASN16276 (OVH, FR),
Reverse DNS: ip4.ip-91-134-17.eu
Software: nginx/1.16.1 /
Resource Hash: eca23be93ee61f17707c24ae32306078d07a040901d2a0bda1e98bf028185ac2

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 04 Apr 2020 16:11:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Jun 2018 11:01:39 GMT
Server: nginx/1.16.1
ETag: W/"5b224b13-3f5f6"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK hands.png
stopcoronavirus.ga/img/ 30 KB
30 KB 235ms
106ms Image
image/png 178.124.169.166
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stopcoronavirus.ga/img/hands.png
Requested by: Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.124.169.166 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: mm-166-169-124-178.static.minsktelecom.by
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 9e91d66ef11e6e19dfc5e39b9a7e5d5ee1444a7e044d68942e1f1e71cd7d3da3

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 16:11:17 GMT
Last-Modified: Sat, 28 Mar 2020 14:49:01 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "780d-5a1eb518f5a28"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 30733

GET
H/1.1 200
OK stayhome.png
stopcoronavirus.ga/img/ 22 KB
23 KB 216ms
165ms Image
image/png 178.124.169.166
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stopcoronavirus.ga/img/stayhome.png
Requested by: Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.124.169.166 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: mm-166-169-124-178.static.minsktelecom.by
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 8b768da90116e1f9db61ed2e23c375d15cde2ef35acb021f100085025ef597c9

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 16:11:17 GMT
Last-Modified: Sat, 28 Mar 2020 14:54:56 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "5949-5a1eb66b91f60"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 22857

GET
H/1.1 200
OK mask.png
stopcoronavirus.ga/img/ 31 KB
31 KB 159ms
136ms Image
image/png 178.124.169.166
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stopcoronavirus.ga/img/mask.png
Requested by: Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.124.169.166 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: mm-166-169-124-178.static.minsktelecom.by
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 51820c4327ff04396836094cca9092b07d2e5657adc7c0b3349adeef436030bc

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 16:11:18 GMT
Last-Modified: Sat, 28 Mar 2020 14:56:24 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "7bd0-5a1eb6bfcc760"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 31696

GET
H/1.1 200
OK cough.png
stopcoronavirus.ga/img/ 19 KB
19 KB 215ms
101ms Image
image/png 178.124.169.166
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stopcoronavirus.ga/img/cough.png
Requested by: Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.124.169.166 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: mm-166-169-124-178.static.minsktelecom.by
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 277b4b9066d0c9b4001b1f0003fb4ce8ebd251b25454da63d71d9745c1a8c4b4

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 16:11:18 GMT
Last-Modified: Sat, 28 Mar 2020 15:21:11 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "4bd7-5a1ebc4986b18"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 19415

GET
H/1.1 200
OK temp.png
stopcoronavirus.ga/img/ 22 KB
22 KB 220ms
67ms Image
image/png 178.124.169.166
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stopcoronavirus.ga/img/temp.png
Requested by: Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.124.169.166 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: mm-166-169-124-178.static.minsktelecom.by
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: a57c70f8e1ac23c8703acfdde65c17b73eb3f14878ae13ee2a6ceec14f91f7a2

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 16:11:18 GMT
Last-Modified: Sat, 28 Mar 2020 15:21:02 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "5839-5a1ebc417c198"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 22585

GET
H/1.1 200
OK fever.png
stopcoronavirus.ga/img/ 23 KB
24 KB 267ms
102ms Image
image/png 178.124.169.166
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stopcoronavirus.ga/img/fever.png
Requested by: Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.124.169.166 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: mm-166-169-124-178.static.minsktelecom.by
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 859dbdb23b273ad690b66022fa84f1f8ffaa761065fbd7b8936b950e7c560734

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 16:11:18 GMT
Last-Modified: Sat, 28 Mar 2020 15:22:00 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "5d76-5a1ebc7811bb8"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 23926

GET
H/1.1 200
OK headache.png
stopcoronavirus.ga/img/ 19 KB
19 KB 111ms
98ms Image
image/png 178.124.169.166
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stopcoronavirus.ga/img/headache.png
Requested by: Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.124.169.166 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: mm-166-169-124-178.static.minsktelecom.by
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e47d6b43485794875147bd91850f5e0e76c6c5b0d9321ec75ed207d212ba1c1f

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 16:11:18 GMT
Last-Modified: Sat, 28 Mar 2020 15:21:23 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "4cb1-5a1ebc54c51c8"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 19633

GET
H/1.1 200
OK dizzines.png
stopcoronavirus.ga/img/ 20 KB
21 KB 107ms
106ms Image
image/png 178.124.169.166
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stopcoronavirus.ga/img/dizzines.png
Requested by: Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.124.169.166 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: mm-166-169-124-178.static.minsktelecom.by
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 3157bf22eacc12830014df669392b052558b4dbc28b72ae8016ad86628cb16cb

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 16:11:18 GMT
Last-Modified: Sat, 28 Mar 2020 15:21:18 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "51d1-5a1ebc502fc58"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 20945

GET
H/1.1 200
OK antiseptic.png
stopcoronavirus.ga/img/ 14 KB
14 KB 82ms
81ms Image
image/png 178.124.169.166
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stopcoronavirus.ga/img/antiseptic.png
Requested by: Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.124.169.166 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: mm-166-169-124-178.static.minsktelecom.by
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 9330adfd68f9b7a405690f2997c50a16b5bf38b9c3973bce64f0ff0f24e596f5

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 16:11:18 GMT
Last-Modified: Sat, 28 Mar 2020 19:35:19 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "365a-5a1ef517b15f0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 13914

GET
H/1.1 200
OK plane.png
stopcoronavirus.ga/img/ 29 KB
29 KB 102ms
101ms Image
image/png 178.124.169.166
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stopcoronavirus.ga/img/plane.png
Requested by: Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.124.169.166 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: mm-166-169-124-178.static.minsktelecom.by
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 395c2ee0988142419e313e4ad4a12a69637ae7e424b04b5359b82073e646ef26

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 16:11:18 GMT
Last-Modified: Sat, 28 Mar 2020 19:35:31 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "7445-5a1ef52273088"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 29765

GET
H/1.1 200
OK gruop.png
stopcoronavirus.ga/img/ 21 KB
22 KB 102ms
102ms Image
image/png 178.124.169.166
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stopcoronavirus.ga/img/gruop.png
Requested by: Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.124.169.166 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: mm-166-169-124-178.static.minsktelecom.by
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: a897acc3de6813a843b7712f28bd05fcbb5dc16efc67958d7c01695206975354

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 16:11:18 GMT
Last-Modified: Sat, 28 Mar 2020 19:35:37 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "55d1-5a1ef52855a00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 21969

GET
H/1.1 200
OK emerg.png
stopcoronavirus.ga/img/ 23 KB
24 KB 104ms
103ms Image
image/png 178.124.169.166
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stopcoronavirus.ga/img/emerg.png
Requested by: Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.124.169.166 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: mm-166-169-124-178.static.minsktelecom.by
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: dc71ca8058375a57ca6f73c4ab5738ebe6dd75800c608f8a2094ebd9c7b57fb5

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 16:11:18 GMT
Last-Modified: Sat, 28 Mar 2020 19:44:26 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "5df8-5a1ef721287d0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 24056

GET
H/1.1 200
OK everyone.png
stopcoronavirus.ga/img/ 23 KB
23 KB 86ms
85ms Image
image/png 178.124.169.166
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stopcoronavirus.ga/img/everyone.png
Requested by: Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.124.169.166 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: mm-166-169-124-178.static.minsktelecom.by
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 4e50b0aab617a10c8c554f0ee36dc0057b687421fa9d414dc9cd126eb214fca6

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 16:11:18 GMT
Last-Modified: Sat, 28 Mar 2020 19:45:13 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "5add-5a1ef74dccf84"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 23261

GET
H/1.1 200
OK bed.png
stopcoronavirus.ga/img/ 14 KB
14 KB 109ms
109ms Image
image/png 178.124.169.166
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stopcoronavirus.ga/img/bed.png
Requested by: Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.124.169.166 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: mm-166-169-124-178.static.minsktelecom.by
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: d3c03890cb3836e4f045a6ab049d36fa1a72a111fd2f9c4728c5ecd086b93e0f

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 04 Apr 2020 16:11:18 GMT
Last-Modified: Sat, 28 Mar 2020 19:47:18 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "38cf-5a1ef7c50dde6"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 14543

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
839 B 37ms
15ms Script
application/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=stopcoronavirus.ga

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 04 Apr 2020 16:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
839 B 36ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=stopcoronavirus.ga

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 04 Apr 2020 16:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/ 215 KB
81 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc838f64df4a89f6387e1bcfecf8271ee720484a2b76fa94f24e9462ecd4e228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 04 Apr 2020 16:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 82822
x-xss-protection: 0
server: cafe
etag: 1643823074256303265
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Apr 2020 16:11:17 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200401/r20190131/ Frame F1D6 0
0 6ms
5ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200401/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200401/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://stopcoronavirus.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://stopcoronavirus.ga/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Sat, 04 Apr 2020 13:04:26 GMT
expires: Sat, 18 Apr 2020 13:04:26 GMT
content-type: text/html; charset=UTF-8
etag: 10348540741379653356
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4494
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 11211
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 widget.js Show response
yastatic.net/s3/chat/ 75 KB
19 KB 124ms
56ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/chat/widget.js

Requested by

Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.8 /

Resource Hash

9771595a9247336ee98672e63cc0ede3ab0f0b151e741d467d41604936cb3f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 04 Apr 2020 16:11:18 GMT
content-encoding: br
last-modified: Thu, 26 Mar 2020 13:32:54 GMT
server: nginx/1.17.8
access-control-allow-origin: *
etag: W/"5e8be1b391eb9ab19411534e87e5ccb5"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-nginx-request-id: 83b5ddfc4218ea4f
cache-control: public, max-age=216013
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
expires: Tue, 07 Apr 2020 04:11:19 GMT

GET
H2 200 iJWHBXyIfDnIV7Fqj2mZ8WD07oB-98o.woff2
fonts.gstatic.com/s/rubik/v9/ 6 KB
6 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v9/iJWHBXyIfDnIV7Fqj2mZ8WD07oB-98o.woff2

Requested by

Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ed714cb3e8e5d1bd21fc7d37c8c66b76e9b09d0c3add3f4cf5d6fb59af0c9de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css2?family=Rubik:wght@300&display=swap
Origin: https://stopcoronavirus.ga
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 01 Apr 2020 14:42:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:27:14 GMT
server: sffe
age: 264533
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 6132
x-xss-protection: 0
expires: Thu, 01 Apr 2021 14:42:24 GMT

GET
H2 200 iJWHBXyIfDnIV7Fqj2md8WD07oB-.woff2
fonts.gstatic.com/s/rubik/v9/ 14 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v9/iJWHBXyIfDnIV7Fqj2md8WD07oB-.woff2

Requested by

Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41508237fe6bd4b682566ceed6764d2162d076160bda73cafbef34508883c273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css2?family=Rubik:wght@300&display=swap
Origin: https://stopcoronavirus.ga
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 01 Apr 2020 16:50:57 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:26:06 GMT
server: sffe
age: 256820
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14828
x-xss-protection: 0
expires: Thu, 01 Apr 2021 16:50:57 GMT

GET
H/1.1 200
OK latest Show response
coronavirus-tracker-api.herokuapp.com/v2/ 61 B
298 B 694ms
578ms XHR
application/json 18.203.208.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-tracker-api.herokuapp.com/v2/latest
Requested by: Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.208.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-208-214.eu-west-1.compute.amazonaws.com
Software: uvicorn /
Resource Hash: b81cb083f3b3463b5c639e74859e27ac0fc01dad01e42ed7f4f3b15b824f1e22

Request headers

Referer: https://stopcoronavirus.ga/
Origin: https://stopcoronavirus.ga
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 04 Apr 2020 16:11:18 GMT
Via: 1.1 vegur
Server: uvicorn
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 61

GET
H/1.1 200
OK 3166535
www.donationalerts.com/widget/goal/ Frame FBE8 0
0 333ms
217ms Document
text/html 95.163.254.117
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://www.donationalerts.com/widget/goal/3166535?token=Cj4VnnbjUDdn4lHwRF7O
Requested by: Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.254.117 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: donationalerts.mail.ru
Software: nginx / PHP/7.2.27
Resource Hash

Request headers

Host: www.donationalerts.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://stopcoronavirus.ga/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://stopcoronavirus.ga/

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.27
Cache-Control: no-cache, private
Date: Sat, 04 Apr 2020 16:11:18 GMT
Content-Encoding: gzip

GET
H2 200 settings Show response
api.viapush.com/public/applications/95e8c325-9418-4bcf-fd50-31a50f7a0b36/ 656 B
685 B 171ms
33ms Fetch
application/json 46.105.74.90
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://api.viapush.com/public/applications/95e8c325-9418-4bcf-fd50-31a50f7a0b36/settings

Requested by

Host: cdn.viapush.com
URL: https://cdn.viapush.com/cdn/v1/sdks/viapush.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

46.105.74.90 , France, ASN16276 (OVH, FR),

Reverse DNS

ip90.ip-46-105-74.eu

Software

nginx /

Resource Hash

c23ad998e98490bc12abea3863d4aed4d7a527a4f83daa3a334a3024ac8153e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stopcoronavirus.ga/
Origin: https://stopcoronavirus.ga
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 04 Apr 2020 16:11:18 GMT
content-encoding: gzip
status: 200
server: nginx
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame BFEE 0
0 33ms
33ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7628472238841590&output=html&adk=1812271804&adf=3025194257&lmt=1585936363&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fstopcoronavirus.ga%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586016677807&bpp=166&bdt=118&fdt=208&idt=208&shv=r20200401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=608054424274&frm=20&pv=2&ga_vid=1126747303.1586016678&ga_sid=1586016678&ga_hid=1808450392&ga_fc=0&iag=0&icsg=650&dssz=9&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532&oid=3&pvsid=2769671331053714&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7628472238841590&output=html&adk=1812271804&adf=3025194257&lmt=1585936363&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fstopcoronavirus.ga%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586016677807&bpp=166&bdt=118&fdt=208&idt=208&shv=r20200401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=608054424274&frm=20&pv=2&ga_vid=1126747303.1586016678&ga_sid=1586016678&ga_hid=1808450392&ga_fc=0&iag=0&icsg=650&dssz=9&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065532&oid=3&pvsid=2769671331053714&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=220
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://stopcoronavirus.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://stopcoronavirus.ga/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 04 Apr 2020 16:11:18 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Apr-2020 16:26:18 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Sat, 04 Apr 2020 16:11:18 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7c6430070f3f1f2f426c9d1cc1096a85880df46a13effd2e6f2c3cc51e03e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 04 Apr 2020 16:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585759507325766"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27920
x-xss-protection: 0
expires: Sat, 04 Apr 2020 16:11:18 GMT

GET
H/1.1

200
OK

1
mc.yandex.ru/watch/52122583/
Redirect Chain

https://mc.yandex.ru/watch/52122583?browser-info=rn%3A739195%3Ac%3A1%3As%3A1600x1200x24%3Aen%3Autf-8%3At%3A%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%20%D1%80%D0%B0%D1%81%D0%BF%D1%80%D0%BE%D1...
https://mc.yandex.ru/watch/52122583/1?browser-info=rn%3A739195%3Ac%3A1%3As%3A1600x1200x24%3Aen%3Autf-8%3At%3A%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%20%D1%80%D0%B0%D1%81%D0%BF%D1%80%D0%BE%...

43 B
444 B

49ms
48ms

Other
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/52122583/1?browser-info=rn%3A739195%3Ac%3A1%3As%3A1600x1200x24%3Aen%3Autf-8%3At%3A%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%20%D1%80%D0%B0%D1%81%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%BA%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%B0&rn=657691&page-url=https%3A%2F%2Fstopcoronavirus.ga%2F&site-info=%7B%22guid%22%3A%22ab052455-3f27-4577-93ff-098961a9a04b%22%2C%22serviceId%22%3A%22undefined%22%2C%22version%22%3A%221.23.0%22%7D

Requested by

Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Apr 2020 16:11:18 GMT
Last-Modified: Sat, 04-Apr-2020 16:11:18 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Sat, 04-Apr-2020 16:11:18 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 04 Apr 2020 16:11:18 GMT
Last-Modified: Sat, 04-Apr-2020 16:11:18 GMT
Server: nginx/1.14.2
Location: /watch/52122583/1?browser-info=rn%3A739195%3Ac%3A1%3As%3A1600x1200x24%3Aen%3Autf-8%3At%3A%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BE%D0%B2%D0%B8%20%D1%80%D0%B0%D1%81%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%BA%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%B0&rn=657691&page-url=https%3A%2F%2Fstopcoronavirus.ga%2F&site-info=%7B%22guid%22%3A%22ab052455-3f27-4577-93ff-098961a9a04b%22%2C%22serviceId%22%3A%22undefined%22%2C%22version%22%3A%221.23.0%22%7D
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: https://stopcoronavirus.ga
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Sat, 04-Apr-2020 16:11:18 GMT

GET
DATA 200
OK truncated
/ 347 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717b9673a508ab1abd1ea46a0c4d78418deac445affe33fbc6ab93ebe4769449

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 text-medium.woff2
yastatic.net/s3/home/fonts/ys/1/ 44 KB
45 KB 133ms
64ms Font
application/octet-stream 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/1/text-medium.woff2

Requested by

Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.8 /

Resource Hash

e74d491cb6d444a8845ed5da956030c3f9a9ad7ddaa8eea241a350339917eea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://stopcoronavirus.ga/
Origin: https://stopcoronavirus.ga
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Apr 2020 16:11:18 GMT
last-modified: Thu, 25 Jan 2018 09:56:42 GMT
server: nginx/1.17.8
access-control-allow-origin: *
etag: "5e725876afc3f9b5eb47fd7577948ed0"
vary: Accept-Encoding
content-type: application/octet-stream
status: 200
x-nginx-request-id: e7a45472017e124e
cache-control: public, max-age=216013
strict-transport-security: max-age=43200000; includeSubDomains;
accept-ranges: bytes
timing-allow-origin: *
content-length: 45284
expires: Tue, 07 Apr 2020 04:10:26 GMT

GET
H2 200 f257af27.png
api.viapush.com/storage/icons/05/cc/6a/c2/ 12 KB
13 KB 109ms
47ms Image
image/png 46.105.74.90
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.viapush.com/storage/icons/05/cc/6a/c2/f257af27.png

Requested by

Host: stopcoronavirus.ga
URL: https://stopcoronavirus.ga/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

46.105.74.90 , France, ASN16276 (OVH, FR),

Reverse DNS

ip90.ip-46-105-74.eu

Software

nginx /

Resource Hash

d4e30b8111aeee5b5d8bdb2298c2a7d8994d8cc1be98b06d58ec9d8adf67f99f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY, DENY
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 04 Apr 2020 16:11:18 GMT
x-content-type-options: nosniff, nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 12622
x-xss-protection: 1; mode=block, 1; mode=block
last-modified: Tue, 31 Mar 2020 11:10:57 GMT
server: nginx
x-frame-options: DENY, DENY
etag: W/"314e-17130498910"
x-download-options: noopen
vary: Origin
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03ee1eac306293e70cc81807a34b335928d87f17015cc1e25eee08951121ff25

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 201 devices Show response
api.viapush.com/public/ 214 B
433 B 32ms
31ms Fetch
application/json 46.105.74.90
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://api.viapush.com/public/devices

Requested by

Host: cdn.viapush.com
URL: https://cdn.viapush.com/cdn/v1/sdks/viapush.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

46.105.74.90 , France, ASN16276 (OVH, FR),

Reverse DNS

ip90.ip-46-105-74.eu

Software

nginx /

Resource Hash

8e01431104740c2ac7542c252a922b35477b7a9c66161ccc69533da037e8cf3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stopcoronavirus.ga/
Origin: https://stopcoronavirus.ga
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 04 Apr 2020 16:11:18 GMT
x-content-type-options: nosniff
server: nginx
status: 201
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 6 KB
6 KB 36ms
18ms XHR
application/json 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200401&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8574166e38ff5264a6fc22e28d02eba022373d4abad7edc48ec4e3ae24f42f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stopcoronavirus.ga/
Origin: https://stopcoronavirus.ga
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Apr 2020 16:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5071
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 36ms
16ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 04 Apr 2020 16:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Sat, 04 Apr 2020 16:11:18 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame C151 0
0 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://stopcoronavirus.ga/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://stopcoronavirus.ga/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Sat, 04 Apr 2020 15:30:08 GMT
expires: Sun, 04 Apr 2021 15:30:08 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2470
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
123 B 14ms
14ms Image
image/gif 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200401&jk=2769671331053714&bg=!0dKl0spY1Grr72dAN1QCAAAAMVIAAAAJmQFeS3QlPIvmiNZEDBU4SWBDn4V6xEvI7CY3kkxZDyu4cssOivg0cECrTmf5DAQmmbQHrSAq0fLYrpHyhj-WPKNGOUj5idjBEzcBp-NEgE_YfuYzxhGYW29XAcwja41TKxGXoomJWZZ5jBoJIAksGs-RB9yCcsiqEH4_tUKufTbKAABmNEy8b2yyvLBt4e10MUhBU1VaqVo-1Mm7bSTl2oc6l6rTzhczUecHT8ma85hudl1W_HaOoaVsZsEsCYmC6GSsvqISSML-iCjRWhZDvn5ukdeDfZvvTbKOZmjeOMvt9MWC2a7tUKG3yobMBopfbyhjj2m5iJHcaWsddcAZghbbAkfia2QfIf5hsu2B9pF8KSKu4LSH2qcwHcobXXu4zkPpxMnfvCHAx_7XtKBMUooZLbRtfR3GqLmM81ekJ6G77AI_eVL2pzXqAVVvmXp2VfS3ztQ9b6HMPYsEgA8gDTQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stopcoronavirus.ga/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 04 Apr 2020 16:11:18 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.donationalerts.com/	1970-01-19 16:33:07	Name: tmr_reqNum Value: 3

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.viapush.com/cdn/v1/sdks/viapush.js(Line 4) Message: delay 0 enabled? false 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.viapush.com
cdn.viapush.com
coronavirus-tracker-api.herokuapp.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.ru
pagead2.googlesyndication.com
stopcoronavirus.ga
tpc.googlesyndication.com
www.donationalerts.com
www.googletagservices.com
yastatic.net
178.124.169.166
18.203.208.214
2a00:1450:4001:800::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::200a
2a00:1450:4001:817::2002
2a00:1450:4001:820::2003
2a02:6b8:20::215
2a02:6b8::1:119
46.105.74.90
91.134.17.4
95.163.254.117
03ee1eac306293e70cc81807a34b335928d87f17015cc1e25eee08951121ff25
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
277b4b9066d0c9b4001b1f0003fb4ce8ebd251b25454da63d71d9745c1a8c4b4
2ed714cb3e8e5d1bd21fc7d37c8c66b76e9b09d0c3add3f4cf5d6fb59af0c9de
3157bf22eacc12830014df669392b052558b4dbc28b72ae8016ad86628cb16cb
395c2ee0988142419e313e4ad4a12a69637ae7e424b04b5359b82073e646ef26
41508237fe6bd4b682566ceed6764d2162d076160bda73cafbef34508883c273
4e50b0aab617a10c8c554f0ee36dc0057b687421fa9d414dc9cd126eb214fca6
51820c4327ff04396836094cca9092b07d2e5657adc7c0b3349adeef436030bc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
670593269b06e7587b011570e2f0176817135c324fd98c6dd02139a3c67dd333
717b9673a508ab1abd1ea46a0c4d78418deac445affe33fbc6ab93ebe4769449
859dbdb23b273ad690b66022fa84f1f8ffaa761065fbd7b8936b950e7c560734
8b768da90116e1f9db61ed2e23c375d15cde2ef35acb021f100085025ef597c9
8bc74c25fe766611f25adfd1d1257e0265bf2a137172774a070157f3dbd8e2a7
8e01431104740c2ac7542c252a922b35477b7a9c66161ccc69533da037e8cf3e
9330adfd68f9b7a405690f2997c50a16b5bf38b9c3973bce64f0ff0f24e596f5
9771595a9247336ee98672e63cc0ede3ab0f0b151e741d467d41604936cb3f30
9e91d66ef11e6e19dfc5e39b9a7e5d5ee1444a7e044d68942e1f1e71cd7d3da3
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a57c70f8e1ac23c8703acfdde65c17b73eb3f14878ae13ee2a6ceec14f91f7a2
a897acc3de6813a843b7712f28bd05fcbb5dc16efc67958d7c01695206975354
aaf27727844071385ae173c768e9473cc1a94974519798c366a85bb74f08632b
b32a5bd4f1498ba47aafc78e7ce57f4ceaf2b6255742abeae1a3e87860c7b8e6
b81cb083f3b3463b5c639e74859e27ac0fc01dad01e42ed7f4f3b15b824f1e22
c23ad998e98490bc12abea3863d4aed4d7a527a4f83daa3a334a3024ac8153e4
c7c6430070f3f1f2f426c9d1cc1096a85880df46a13effd2e6f2c3cc51e03e3f
c8574166e38ff5264a6fc22e28d02eba022373d4abad7edc48ec4e3ae24f42f3
cc838f64df4a89f6387e1bcfecf8271ee720484a2b76fa94f24e9462ecd4e228
d3c03890cb3836e4f045a6ab049d36fa1a72a111fd2f9c4728c5ecd086b93e0f
d4e30b8111aeee5b5d8bdb2298c2a7d8994d8cc1be98b06d58ec9d8adf67f99f
dc71ca8058375a57ca6f73c4ab5738ebe6dd75800c608f8a2094ebd9c7b57fb5
e0974fd2c6ebe7ff6f794b625cdff0691a372f84668adc46502cd5dc34dbf753
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47d6b43485794875147bd91850f5e0e76c6c5b0d9321ec75ed207d212ba1c1f
e74d491cb6d444a8845ed5da956030c3f9a9ad7ddaa8eea241a350339917eea5
eca23be93ee61f17707c24ae32306078d07a040901d2a0bda1e98bf028185ac2

stopcoronavirus.ga Open in urlscan Pro 178.124.169.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

58 %IPv6

13 Domains

15 Subdomains

13 IPs

5 Countries

643 kBTransfer

1153 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

stopcoronavirus.ga Open in urlscan Pro
178.124.169.166 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

58 %
IPv6

13
Domains

15
Subdomains

13
IPs

5
Countries

643 kB
Transfer

1153 kB
Size

1
Cookies

40 HTTP transactions
2 data transactions