koronavirusnerede.com Open in urlscan Pro
2606:4700:3032::6818:7771 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://koronavirusnerede.com/
Effective URL:
https://koronavirusnerede.com/
Submission: On April 06 via api (April 6th 2020, 5:42:39 pm UTC) from US

Summary HTTP 76 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 30 IPs in 10 countries across 30 domains to perform 76 HTTP transactions. The main IP is 2606:4700:3032::6818:7771, located in United States and belongs to CLOUDFLARENET, US. The main domain is koronavirusnerede.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 11th 2020. Valid for: 7 months.

This is the only time koronavirusnerede.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	2606:4700:303... 2606:4700:3032::6818:7771	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
6	104.26.6.186 104.26.6.186	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	195.181.175.52 195.181.175.52	60068 (CDN77) (CDN77)
2	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
1	13.224.193.11 13.224.193.11	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:21f... 2600:9000:21f3:7200:1c:4bbb:9180:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE)
5	146.185.142.91 146.185.142.91	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3 3	18.195.193.185 18.195.193.185	16509 (AMAZON-02) (AMAZON-02)
1 1	188.165.27.173 188.165.27.173	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::714 2a04:4e42:3::714	54113 (FASTLY) (FASTLY)
6	104.248.139.51 104.248.139.51	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	46.101.136.217 46.101.136.217	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	18.184.216.10 18.184.216.10	16509 (AMAZON-02) (AMAZON-02)
4 4	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE)
2 2	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
1	13.225.73.69 13.225.73.69	16509 (AMAZON-02) (AMAZON-02)
2	104.16.53.4 104.16.53.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:d43b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	52.213.246.150 52.213.246.150	16509 (AMAZON-02) (AMAZON-02)
1	13.225.73.6 13.225.73.6	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:3f36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:22cd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	104.16.92.60 104.16.92.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	18.195.73.23 18.195.73.23	16509 (AMAZON-02) (AMAZON-02)
76	30

10 2606:4700:3032::6818:7771 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

koronavirusnerede.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.26.6.186 (United States)

ASN13335 (CLOUDFLARENET, US)

www.amcharts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.175.52 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: unn-195-181-175-52.datapacket.com

web.webpushs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.11 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-11.fra2.r.cloudfront.net

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:7200:1c:4bbb:9180:93a1 (United States)

ASN16509 (AMAZON-02, US)

adserver.reklamstore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 146.185.142.91 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

ads.rekmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.193.185 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-193-185.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.27.173 (Lithuania) 1 redirects

ASN16276 (OVH, FR)
PTR: ip173.ip-188-165-27.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::714 (Ascension Island)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.248.139.51 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: com.reklamstore.bank.v3.lb1

bank.reklamstore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.244 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.242 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.30 (Poland)

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.101.136.217 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: com.reklamselfie.iq

iq.reklamselfie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.207.34 (Mountain View, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.29 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.69 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-69.fra2.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.53.4 (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:d43b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.runative-syndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
runative-syndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.runative-syndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.213.246.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-246-150.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.6 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-6.fra2.r.cloudfront.net

adimg.rekmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:22cd (United States)

ASN13335 (CLOUDFLARENET, US)

run-syndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.243 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.80 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.92.60 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.73.23 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-73-23.eu-central-1.compute.amazonaws.com

pool.grid-data.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	cpx.to p.cpx.to s.cpx.to	12 KB
10	koronavirusnerede.com 1 redirects koronavirusnerede.com	110 KB
7	reklamstore.com adserver.reklamstore.com bank.reklamstore.com	59 KB
6	rekmob.com ads.rekmob.com adimg.rekmob.com	5 KB
6	doubleclick.net 4 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net	77 KB
6	amcharts.com www.amcharts.com	350 KB
5	runative-syndicate.com cdn.runative-syndicate.com runative-syndicate.com pixel.runative-syndicate.com	23 KB
4	adform.net 3 redirects adx.adform.net dmp.adform.net	1 KB
4	adnxs.com 3 redirects ib.adnxs.com secure.adnxs.com	4 KB
4	gstatic.com fonts.gstatic.com	37 KB
4	bidswitch.net 4 redirects x.bidswitch.net pool.grid-data.bidswitch.net	2 KB
3	pubmatic.com 3 redirects image2.pubmatic.com	2 KB
2	truoptik.com 2 redirects dmp.truoptik.com	869 B
2	glotgrx.com pre.glotgrx.com	768 B
2	yabidos.com pixel.yabidos.com	23 KB
2	eyeota.net ps.eyeota.net	2 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	cloudflare.com cdnjs.cloudflare.com	82 KB
2	chartbeat.com static.chartbeat.com mab.chartbeat.com	9 KB
2	googleapis.com fonts.googleapis.com imasdk.googleapis.com	91 KB
2	googletagmanager.com www.googletagmanager.com	50 KB
1	run-syndicate.com run-syndicate.com	467 B
1	reklamselfie.com 1 redirects iq.reklamselfie.com	215 B
1	creativecdn.com prebid-eu.creativecdn.com	207 B
1	criteo.com bidder.criteo.com	151 B
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	erne.co 1 redirects green.erne.co	443 B
1	criteo.net static.criteo.net	29 KB
1	webpushs.com web.webpushs.com	17 KB
76	30

	Domain	Requested by
11	s.cpx.to	p.cpx.to koronavirusnerede.com
10	koronavirusnerede.com	1 redirects koronavirusnerede.com
6	bank.reklamstore.com	adserver.reklamstore.com koronavirusnerede.com bank.reklamstore.com
6	www.amcharts.com	koronavirusnerede.com
5	ads.rekmob.com	adserver.reklamstore.com koronavirusnerede.com
4	cm.g.doubleclick.net	4 redirects
4	fonts.gstatic.com	koronavirusnerede.com
3	image2.pubmatic.com	3 redirects
3	cdn.runative-syndicate.com	adserver.reklamstore.com cdn.runative-syndicate.com koronavirusnerede.com
3	x.bidswitch.net	3 redirects
2	dmp.truoptik.com	2 redirects
2	secure.adnxs.com	2 redirects
2	pre.glotgrx.com	koronavirusnerede.com
2	pixel.yabidos.com	adserver.reklamstore.com pixel.yabidos.com
2	dmp.adform.net	2 redirects
2	ps.eyeota.net	bank.reklamstore.com ps.eyeota.net
2	adx.adform.net	1 redirects koronavirusnerede.com
2	ib.adnxs.com	1 redirects adserver.reklamstore.com
2	www.google-analytics.com	www.googletagmanager.com koronavirusnerede.com
2	cdnjs.cloudflare.com	koronavirusnerede.com
2	securepubads.g.doubleclick.net	koronavirusnerede.com securepubads.g.doubleclick.net
2	www.googletagmanager.com	koronavirusnerede.com adserver.reklamstore.com
1	pixel.runative-syndicate.com
1	pool.grid-data.bidswitch.net	1 redirects
1	runative-syndicate.com	cdn.runative-syndicate.com
1	run-syndicate.com	cdn.runative-syndicate.com
1	adimg.rekmob.com	koronavirusnerede.com
1	p.cpx.to	bank.reklamstore.com
1	iq.reklamselfie.com	1 redirects
1	prebid-eu.creativecdn.com	adserver.reklamstore.com
1	bidder.criteo.com	adserver.reklamstore.com
1	mab.chartbeat.com	static.chartbeat.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	green.erne.co	1 redirects
1	imasdk.googleapis.com	adserver.reklamstore.com
1	adserver.reklamstore.com	koronavirusnerede.com
1	static.criteo.net	koronavirusnerede.com
1	static.chartbeat.com	koronavirusnerede.com
1	web.webpushs.com	koronavirusnerede.com
1	fonts.googleapis.com	koronavirusnerede.com
76	41

This site contains links to these domains. Also see Links.

Domain
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-11` - `2020-10-09`	7 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
web.webpushs.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-17` - `2021-01-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2020-04-04` - `2021-04-04`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
adserver2.reklamstore.com Amazon	`2019-07-02` - `2020-08-02`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
ads.rekmob.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-22` - `2021-05-08`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
f6.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-02-18` - `2020-08-07`	6 months	crt.sh
*.reklamstore.com COMODO RSA Domain Validation Secure Server CA	`2017-09-08` - `2020-09-07`	3 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.eyeota.net Let's Encrypt Authority X3	`2020-02-10` - `2020-05-10`	3 months	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2021-02-08`	a year	crt.sh
*.yabidos.com Go Daddy Secure Certificate Authority - G2	`2019-05-19` - `2020-07-18`	a year	crt.sh
ssl403620.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-31` - `2020-08-08`	6 months	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2021-02-08`	a year	crt.sh
adimg.rekmob.com Amazon	`2019-07-12` - `2020-08-12`	a year	crt.sh
*.glotgrx.com Go Daddy Secure Certificate Authority - G2	`2019-11-13` - `2021-01-12`	a year	crt.sh
ssl817673.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-21` - `2020-07-29`	6 months	crt.sh

This page contains 2 frames:

Primary Page: https://koronavirusnerede.com/
Frame ID: 5D5CBFE4EE8BCE5BE38B13BE8A064252
Requests: 69 HTTP requests in this frame

Frame: https://cdn.runative-syndicate.com/sdk/v1/n.js
Frame ID: D6298D482044D9ECDF057505E396E452
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://koronavirusnerede.com/ HTTP 301
https://koronavirusnerede.com/ Page URL

Detected technologies

amCharts (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

script /amcharts.*\.js/i

Material Design Lite (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?\/material(?:\.min)?\.js/i

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /adnxs\.(?:net|com)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

76
Requests

100 %
HTTPS

37 %
IPv6

30
Domains

41
Subdomains

30
IPs

10
Countries

996 kB
Transfer

2931 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/share?ref_src=twsrc%5Etfw

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://koronavirusnerede.com/ HTTP 301
https://koronavirusnerede.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore HTTP 302
https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=reklamstore&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=xR0IuaXW4aFVJSzvohgaUl6m&ssp=reklamstore HTTP 302
https://ads.rekmob.com/retarget/pix?id=bs&cv=40935a4c-fc2e-446f-bd30-51a1894b477b&d=1

Request Chain 40

https://adx.adform.net/adx/?rp=4&bWlkPTc5NDc4NA%3D%3D&callback=adf__pO8jLxTsJFFSTRf2cYvp HTTP 302
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTc5NDc4NA%3D%3D&callback=adf__pO8jLxTsJFFSTRf2cYvp

Request Chain 45

https://iq.reklamselfie.com/585ce73218044 HTTP 302
https://bank.reklamstore.com/rs.js

Request Chain 47

https://ib.adnxs.com/getuid?https://bank.reklamstore.com/anx.php?uid=$UID HTTP 302
https://bank.reklamstore.com/anx.php?uid=6518034339872072555

Request Chain 48

https://cm.g.doubleclick.net/pixel?google_nid=reklam_store&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=reklam_store&google_cm=&google_tc= HTTP 302
https://bank.reklamstore.com/adx.php?google_gid=CAESEO_HOJWeegVnuoAL-geD994&google_cver=1

Request Chain 49

https://dmp.adform.net/serving/cookie/match?party=1068 HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1068 HTTP 302
https://bank.reklamstore.com/adform.php?uid=5759305927880742139

Request Chain 64

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26hn_ver%3D10%26fid%3D6d765699-90d9-4321-b3e4-2efb7b32f318 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=6518034339872072555&pid=12475&ref=&hn_ver=10&fid=6d765699-90d9-4321-b3e4-2efb7b32f318

Request Chain 65

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6d765699-90d9-4321-b3e4-2efb7b32f318 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6d765699-90d9-4321-b3e4-2efb7b32f318 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=32E510A1-F7AA-46CA-8741-FA5F8FE22379&fid=6d765699-90d9-4321-b3e4-2efb7b32f318

Request Chain 66

https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=6d765699-90d9-4321-b3e4-2efb7b32f318&fck=2173a1cc0e8cf5dd&cbp=dsp_uid HTTP 302
https://s.cpx.to/sync?dsp_uid=6ed32f12f4c1d5215de6a44f724abf72&fck=2173a1cc0e8cf5dd

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=6d765699-90d9-4321-b3e4-2efb7b32f318 HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=6d765699-90d9-4321-b3e4-2efb7b32f318&google_gid=CAESEMhGPCPAbGiC8pD4_rLRJSo&google_cver=1

Request Chain 68

https://pool.grid-data.bidswitch.net/sync?pid=42 HTTP 302
https://s.cpx.to/sync?dsp_uid=40935a4c-fc2e-446f-bd30-51a1894b477b&dsp=BIDSWITCH

Request Chain 69

https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=527489cf-531a-4f76-b56e-053ec32d4cfb&fck=2173a2c8452a30a9&cbp=dsp_uid HTTP 302
https://s.cpx.to/sync?dsp_uid=dc1b8013721436e79c076c38c5e92a09&fck=2173a2c8452a30a9

Request Chain 70

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26hn_ver%3D10%26fid%3D527489cf-531a-4f76-b56e-053ec32d4cfb HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=6518034339872072555&pid=12475&ref=&hn_ver=10&fid=527489cf-531a-4f76-b56e-053ec32d4cfb

Request Chain 71

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=527489cf-531a-4f76-b56e-053ec32d4cfb HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=527489cf-531a-4f76-b56e-053ec32d4cfb&google_gid=CAESEMhGPCPAbGiC8pD4_rLRJSo&google_cver=1

Request Chain 72

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D527489cf-531a-4f76-b56e-053ec32d4cfb HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=749DCDF5-15D7-40C1-82A9-B6B7738EC1AA&fid=527489cf-531a-4f76-b56e-053ec32d4cfb

76 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
koronavirusnerede.com/
Redirect Chain

http://koronavirusnerede.com/
https://koronavirusnerede.com/

22 KB
7 KB

174ms
149ms

Document
text/html

2606:4700:3032::6818:7771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirusnerede.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:7771 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2349fb15e8c4007b69cbbd75055073e8f796a4a6d3c25e969cad8e7149ccccf9

Request headers

:method: GET
:authority: koronavirusnerede.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 06 Apr 2020 17:42:17 GMT
content-type: text/html
set-cookie: __cfduid=d3a29dc6081054d366b05d46e00fbaef81586194936; expires=Wed, 06-May-20 17:42:16 GMT; path=/; domain=.koronavirusnerede.com; HttpOnly; SameSite=Lax; Secure
last-modified: Fri, 03 Apr 2020 05:53:36 GMT
vary: Accept-Encoding
x-powered-by: PleskLin
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57fd4df3dacec27c-FRA
content-encoding: br

Redirect headers

Date: Mon, 06 Apr 2020 17:42:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 06 Apr 2020 18:42:16 GMT
Location: https://koronavirusnerede.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 57fd4df39effc277-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 76 KB
28 KB 22ms
19ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-160645602-1

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82d06da0ba3980200c98fba990fe1b3041f5b709b3e38819aaff4b538f35a0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 29062
x-xss-protection: 0
last-modified: Mon, 06 Apr 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Apr 2020 17:42:17 GMT

GET
H2 200 jquery-2.0.3.min.js Show response
koronavirusnerede.com/jquerySource/ 82 KB
28 KB 21ms
18ms Script
application/javascript 2606:4700:3032::6818:7771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirusnerede.com/jquerySource/jquery-2.0.3.min.js
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:7771 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 87dfeb0d038d09861ae4fd72a6de0c878e7dba2225970cead3e15cec0e1020ed

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 297236
x-powered-by: PleskLin
status: 200
last-modified: Fri, 13 Mar 2020 11:24:44 GMT
server: cloudflare
etag: W/"146a0-5e6b6d7c-10ca0dde9b4a8e83;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 57fd4df4cdacc27c-FRA
expires: Fri, 10 Apr 2020 07:05:09 GMT

GET
H2 200 core.js Show response
www.amcharts.com/lib/4/ 995 KB
230 KB 107ms
53ms Script
application/x-javascript 104.26.6.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amcharts.com/lib/4/core.js
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89191564065a059febf1b94407f9c16967f8e2222e9bcc6422d3143348d913e1

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 2482
cf-polished: origSize=1019474
status: 200
cf-bgj: minify
last-modified: Sun, 05 Apr 2020 16:32:16 GMT
server: cloudflare
etag: W/"f8e52-5e8a0810-d86dbcd61b9e90dc;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 57fd4df53e86bc2a-LHR
expires: Mon, 13 Apr 2020 17:00:55 GMT

GET
H2 200 maps.js Show response
www.amcharts.com/lib/4/ 128 KB
36 KB 127ms
73ms Script
application/x-javascript 104.26.6.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amcharts.com/lib/4/maps.js
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eb40ba7b2a0c8e556434919191c56626cae8336393ba068f35b0b450af22b4f

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 2479
cf-polished: origSize=131331
status: 200
cf-bgj: minify
last-modified: Sat, 14 Mar 2020 11:53:14 GMT
server: cloudflare
etag: W/"20103-5e6cc5aa-a88c4e073e98de30;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 57fd4df53e8dbc2a-LHR
expires: Mon, 13 Apr 2020 17:00:58 GMT

GET
H2 200 worldLow.js Show response
www.amcharts.com/lib/4/geodata/ 240 KB
81 KB 193ms
139ms Script
application/x-javascript 104.26.6.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amcharts.com/lib/4/geodata/worldLow.js
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6dadf32ae8bf81b078bbae8f84fc29af165f77a84f8e1e934a7430630b64bdd

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 2442
cf-polished: origSize=246297
status: 200
cf-bgj: minify
last-modified: Sun, 02 Feb 2020 06:16:28 GMT
server: cloudflare
etag: W/"3c219-5e36693c-21f568c160e2e05d;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 57fd4df53e90bc2a-LHR
expires: Mon, 13 Apr 2020 17:01:35 GMT

GET
H2 200 TR.js Show response
www.amcharts.com/lib/4/geodata/lang/ 5 KB
3 KB 431ms
377ms Script
application/x-javascript 104.26.6.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amcharts.com/lib/4/geodata/lang/TR.js
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39fc0dd16da25dd8dfa21bfc93db61d407bfc53ce6ef5f34c99926b439034aa9

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 02 Feb 2020 06:09:31 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"133e-5e36679b-e824afe4267ccddd;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 57fd4df53e94bc2a-LHR
expires: Mon, 13 Apr 2020 17:42:17 GMT

GET
H2 200 material.js Show response
www.amcharts.com/lib/4/themes/ 960 B
895 B 94ms
40ms Script
application/x-javascript 104.26.6.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amcharts.com/lib/4/themes/material.js
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb684fd76ea91bcf4742f58611f7663af8b7011f1d42da5f9603c0b37e8a4f6

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 2220
cf-polished: origSize=1611
status: 200
cf-bgj: minify
last-modified: Fri, 07 Feb 2020 13:29:38 GMT
server: cloudflare
etag: W/"64b-5e3d6642-378d7f5de76d0120;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 57fd4df53e95bc2a-LHR
expires: Mon, 13 Apr 2020 17:05:17 GMT

GET
H2 200 animated.js Show response
www.amcharts.com/lib/4/themes/ 2 KB
558 B 161ms
108ms Script
application/x-javascript 104.26.6.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amcharts.com/lib/4/themes/animated.js
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77ae565eb8c054e6d7d1da8b47ee0d3dcacbced65719ad66a76d0dc71c37a589

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 2482
cf-polished: origSize=2247
status: 200
cf-bgj: minify
last-modified: Fri, 07 Feb 2020 13:29:36 GMT
server: cloudflare
etag: W/"8c7-5e3d6640-4811a5f5e1d7c804;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 57fd4df53e9cbc2a-LHR
expires: Mon, 13 Apr 2020 17:00:55 GMT

GET
H2 200 push.js Show response
koronavirusnerede.com/jquerySource/ 13 KB
4 KB 18ms
16ms Script
application/javascript 2606:4700:3032::6818:7771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirusnerede.com/jquerySource/push.js
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:7771 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4b6d0acaece71abd272b5aa622a27d1c0fb0daf034e7b6266a098e7e44a66e5c

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 297236
x-powered-by: PleskLin
status: 200
last-modified: Sat, 21 Mar 2020 13:20:09 GMT
server: cloudflare
etag: W/"325a-5e761489-e61dc06d86860ada;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 57fd4df4cdafc27c-FRA
expires: Fri, 10 Apr 2020 07:05:09 GMT

GET
H2 200 main.css
koronavirusnerede.com/css/ 27 KB
6 KB 120ms
117ms Stylesheet
text/css 2606:4700:3032::6818:7771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirusnerede.com/css/main.css
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:7771 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d2178809ce4352f9b3549a69c95b1ffd69cebc2b9bb3dc1c16e9b92fa80bbf8d

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: br
etag: W/"6c06-5e86db30-19853e024437887c;gz"
cf-cache-status: MISS
last-modified: Fri, 03 Apr 2020 06:44:00 GMT
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 57fd4df4cda4c27c-FRA
expires: Mon, 13 Apr 2020 17:38:56 GMT

GET
H2 200 main2.css
koronavirusnerede.com/css/ 52 KB
9 KB 115ms
113ms Stylesheet
text/css 2606:4700:3032::6818:7771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirusnerede.com/css/main2.css
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:7771 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0c8c455abda17b852539682cd8c9a3375c7747c58bc498d4997306d0dbe65189

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: br
etag: W/"ce7b-5e70816a-4836a7151cb417bf;gz"
cf-cache-status: MISS
last-modified: Tue, 17 Mar 2020 07:51:06 GMT
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 57fd4df4cdaac27c-FRA
expires: Mon, 13 Apr 2020 17:38:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
657 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin-ext

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

34401e82a1141472df1697a141aa50812c17e6138424ca4caba5f3fc69885f4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Apr 2020 17:42:17 GMT
server: ESF
date: Mon, 06 Apr 2020 17:42:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Apr 2020 17:42:17 GMT

GET
H2 200 b185af8508dd30ccf70d9bad398373eb_1.js Show response
web.webpushs.com/js/push/ 49 KB
17 KB 114ms
32ms Script
application/javascript 195.181.175.52
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://web.webpushs.com/js/push/b185af8508dd30ccf70d9bad398373eb_1.js

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-52.datapacket.com

Software

CDN77-Turbo /

Resource Hash

93754144e2096e686c319fa47b7ebf8352e96597ac4a720190bc41fe38db1b7d

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng .routee.net .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com .webformscr.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 167989
x-xss-protection: 1; mode=block
x-sp-ma: ma5
last-modified: Sat, 04 Apr 2020 18:38:20 GMT
server: CDN77-Turbo
etag: W/"c315-5a27b5691fe80"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Host
content-type: application/javascript
x-sp-pr: lpr5
cache-control: max-age=604800
x-edge-ip: 195.181.175.50
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com *.webformscr.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
expires: Sat, 11 Apr 2020 19:02:28 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 44 KB
15 KB 68ms
68ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

86be8c3d039e399f661dd58b3858f37bd890643f1c475d97ae5131b939a3a216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "478 / 158 of 1000 / last-modified: 1586189426"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14694
x-xss-protection: 0
expires: Mon, 06 Apr 2020 17:42:17 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 19 KB
8 KB 116ms
36ms Script
application/x-javascript 13.224.193.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.193.11 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-11.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 15:44:52 GMT
content-encoding: gzip
last-modified: Wed, 14 Aug 2019 01:44:12 GMT
server: nginx
age: 7045
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: VNPxcc_xIJoctMeaPV7XiG8F-KSUrl74GQodqhw_EpfcEKrNMUSg1w==
via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
expires: Mon, 06 Apr 2020 17:44:52 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 96 KB
29 KB 67ms
31ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: d8435911753d7e931e1dda44b3ec12ce5158d6389131eadb584f0097a809c901

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 08:42:53 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5e708d8d-18138"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 07 Apr 2020 17:42:17 GMT

GET
H2 200 reklamstore.js Show response
adserver.reklamstore.com/ 94 KB
29 KB 27ms
8ms Script
application/javascript 2600:9000:21f3:7200:1c:4bbb:9180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.reklamstore.com/reklamstore.js
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:7200:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb87a7f398ab03411eea662b819f9a3426c37ed6f6dd8a8fe6b93c0cc00dccba

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 11:21:16 GMT
content-encoding: gzip
last-modified: Tue, 10 Mar 2020 11:36:19 GMT
server: AmazonS3
age: 82783
etag: "2829e4a40d4de23d5c4eed19328b8fcb"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA2-C2
content-length: 29565
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
x-amz-cf-id: 9FL1BGbdkGeYe5Kh2pt00ulwKv40QI3X8zhdViRXmBTd7COqups-6Q==

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
7 KB 16ms
15ms Stylesheet
text/css 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: br
cf-cache-status: HIT
age: 5134548
cf-ray: 57fd4df4cb8ad6e9-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: W/"5afd4910-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Sat, 27 Mar 2021 17:42:17 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 koronatikla.jpg
koronavirusnerede.com/koronavirus/wp-content/uploads/2020/03/ 47 KB
47 KB 294ms
294ms Image
image/jpeg 2606:4700:3032::6818:7771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koronavirusnerede.com/koronavirus/wp-content/uploads/2020/03/koronatikla.jpg
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:7771 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 23626ebf8d108e03d05ee0b6617d10c480020b5730b2a39421d7b08b3bbe60b1

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
cf-cache-status: MISS
x-powered-by: PleskLin
status: 200
content-length: 48097
last-modified: Wed, 18 Mar 2020 08:49:17 GMT
server: cloudflare
etag: "bbe1-5e71e08d-dbad48cb86f9144b;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 57fd4df5a806c27c-FRA
expires: Mon, 13 Apr 2020 17:38:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-160645602-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3822
date: Mon, 06 Apr 2020 16:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Mon, 06 Apr 2020 18:38:35 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
103 B 15ms
13ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=601353069&t=pageview&_s=1&dl=https%3A%2F%2Fkoronavirusnerede.com%2F&ul=en-us&de=UTF-8&dt=Koronavir%C3%BCs%20T%C3%BCrkiye%27de%20nerede%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=2045661490&gjid=160762535&cid=1479482745.1586194937&tid=UA-160645602-1&_gid=1294483122.1586194937&_r=1&gtm=2ou3p1&z=1758172445

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 06 Apr 2020 17:42:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 264 KB
90 KB 62ms
42ms Script
text/javascript 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7037cd810dfbe3f913ba602973be4887f9a206e07fb160f81f0d6e0c4f91b98e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 91633
x-xss-protection: 0
expires: Mon, 06 Apr 2020 17:42:17 GMT

GET
H/1.1 200
OK / Show response
ads.rekmob.com/m/props/ 283 B
605 B 146ms
48ms XHR
application/json 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rekmob.com/m/props/?regionId=626408
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: 41f956643d28e9a976a5d8df8d68ac75e322072b5cc1c4237bbb7bebf8ec09ad

Request headers

Referer: https://koronavirusnerede.com/
Origin: https://koronavirusnerede.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 06 Apr 2020 17:26:42 GMT
Content-Encoding: gzip
Server: nginx/1.9.6
X-Code: GB
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Code
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Code

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 59 KB
22 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer

Requested by

Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b89b04dee94b56ec6b79dd5cf40ebaf61476136aba847f733e7e18378a6c923

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 22412
x-xss-protection: 0
last-modified: Mon, 06 Apr 2020 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Apr 2020 17:42:17 GMT

GET
H/1.1

200
OK

pix
ads.rekmob.com/retarget/
Redirect Chain

https://x.bidswitch.net/sync?ssp=reklamstore
https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore
https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=reklamstore&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=xR0IuaXW4aFVJSzvohgaUl6m&ssp=reklamstore
https://ads.rekmob.com/retarget/pix?id=bs&cv=40935a4c-fc2e-446f-bd30-51a1894b477b&d=1

35 B
403 B

32ms
31ms

Image
image/gif

146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.rekmob.com/retarget/pix?id=bs&cv=40935a4c-fc2e-446f-bd30-51a1894b477b&d=1
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 06 Apr 2020 17:26:43 GMT
Server: nginx/1.9.6
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

status: 302
date: Mon, 06 Apr 2020 17:42:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //ads.rekmob.com/retarget/pix?id=bs&cv=40935a4c-fc2e-446f-bd30-51a1894b477b&d=1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=koronavirusnerede.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 20ms
20ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koronavirusnerede.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020032401.js Show response
securepubads.g.doubleclick.net/gpt/ 168 KB
62 KB 68ms
68ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js?21065811

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

123d4b411f97e36f72e2f44be0b18944489e908ff159f59ab8aba984c69517fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Mar 2020 13:43:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62966
x-xss-protection: 0
expires: Mon, 06 Apr 2020 17:42:17 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v11/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin-ext
Origin: https://koronavirusnerede.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Apr 2020 13:45:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:28:25 GMT
server: sffe
age: 187015
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11504
x-xss-protection: 0
expires: Sun, 04 Apr 2021 13:45:22 GMT

GET
H2 200 jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v11/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizaRExUiTo99u79D0KExcOPIDU.woff2

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin-ext
Origin: https://koronavirusnerede.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Apr 2020 12:35:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:28:02 GMT
server: sffe
age: 191202
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11380
x-xss-protection: 0
expires: Sun, 04 Apr 2021 12:35:35 GMT

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 17ms
16ms Font
application/octet-stream 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://koronavirusnerede.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
cf-cache-status: HIT
age: 5857112
cf-ray: 57fd4df7ad9ddfe3-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 77160
last-modified: Thu, 17 May 2018 09:19:53 GMT
server: cloudflare
etag: "5afd4939-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
expires: Sat, 27 Mar 2021 17:42:17 GMT
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 jizaRExUiTo99u79D0yExcOPIDUg-g.woff2
fonts.gstatic.com/s/ptsans/v11/ 7 KB
7 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizaRExUiTo99u79D0yExcOPIDUg-g.woff2

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37b8e87c76f63fdd30214c4f93350b387076cba53d0c5cd52fd2059ee645ba41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin-ext
Origin: https://koronavirusnerede.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 08:56:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:26:49 GMT
server: sffe
age: 809137
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7264
x-xss-protection: 0
expires: Sun, 28 Mar 2021 08:56:40 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0OCtLR8a8zILig.woff2
fonts.gstatic.com/s/ptsans/v11/ 7 KB
7 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizfRExUiTo99u79B_mh0OCtLR8a8zILig.woff2

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfe6cf8ec00d0ff9673fef483a2fab0f9aeea6ea078eb9e42b4fbfc96777d1d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin-ext
Origin: https://koronavirusnerede.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Mar 2020 14:41:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:28:33 GMT
server: sffe
age: 2430049
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7288
x-xss-protection: 0
expires: Tue, 09 Mar 2021 14:41:28 GMT

GET
H/1.1 200
OK / Show response
ads.rekmob.com/m/props/ 321 B
621 B 196ms
97ms XHR
application/json 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rekmob.com/m/props/?regionId=626583
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: 28b7f450fb575d15ddd68bd7a3fe0ad6ba94a548ed5d1bc49f54d1792ac22f34

Request headers

Referer: https://koronavirusnerede.com/
Origin: https://koronavirusnerede.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 06 Apr 2020 17:26:42 GMT
Content-Encoding: gzip
Server: nginx/1.9.6
X-Code: GB
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Code
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Code

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 173 B
453 B 143ms
6ms XHR
application/json 2a04:4e42:3::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=koronavirusnerede.com&domain=koronavirusnerede.com&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::714 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 49fae7e6bb203364e4d724d6aa96ee75e534c84eeba3a137e5199b61106eba61

Request headers

Referer: https://koronavirusnerede.com/
Origin: https://koronavirusnerede.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: gzip
age: 1319
x-cache: HIT
status: 200
x-cache-hits: 2
content-length: 132
x-served-by: cache-fra19122-FRA
access-control-allow-origin: *
x-timer: S1586194938.705364,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sat, 04 Apr 2020 17:20:18 GMT

GET
DATA 200
OK truncated
/ 992 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 925bcbb038c3c4b13813cf213600df70109ae80faa250b2ea7f89c2e3267aaad

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 getData.php Show response
koronavirusnerede.com/root/ 46 KB
6 KB 201ms
201ms XHR
text/html 2606:4700:3032::6818:7771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirusnerede.com/root/getData.php
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/jquerySource/jquery-2.0.3.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:7771 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.34, PleskLin
Resource Hash: f86fc4c6ab41c0f1c3658809025417e41570665a2d12f49402e48c2a743f2070

Request headers

Accept: */*
Referer: https://koronavirusnerede.com/
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.6.34, PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-turbo-charged-by: LiteSpeed
cf-ray: 57fd4df7ee12c27c-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 getLastNews.php Show response
koronavirusnerede.com/koronavirus/posts/ 781 B
538 B 174ms
173ms XHR
text/html 2606:4700:3032::6818:7771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirusnerede.com/koronavirus/posts/getLastNews.php
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/jquerySource/jquery-2.0.3.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:7771 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.34, PleskLin
Resource Hash: 9190573444d85d9c611d4bb27112bb9b4c0e43aecce8095bce012b703feb195b

Request headers

Accept: */*
Referer: https://koronavirusnerede.com/
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.6.34, PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-turbo-charged-by: LiteSpeed
cf-ray: 57fd4df7ee17c27c-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK init.js Show response
bank.reklamstore.com/ 125 KB
28 KB 187ms
65ms Script
application/javascript 104.248.139.51
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/init.js?v1
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.248.139.51 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb1
Software: nginx/1.14.0 /
Resource Hash: 4a817139fe877b8df982b07e0c18d6ca35d753595fd1c54ca2c0b9eefd9df201

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 06 Apr 2020 16:38:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jan 2018 13:16:00 GMT
Server: nginx/1.14.0
Etag: eccbc87e4b5ce2fe28308fd9f2a7baf3
Vary: Accept-Encoding
P3P: policyref="http://bank.reklamstore.com/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.15.5:80
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 27844
Expires: Mon, 06 Apr 2020 18:42:17 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v2/ 156 B
1 KB 102ms
42ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v2/prebid

Requested by

Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

39b2c1d17fa13a01561000b5b0a4995bcf65768e74ad28b71ff0ba4340e57f50

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://koronavirusnerede.com/
Origin: https://koronavirusnerede.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 06 Apr 2020 17:42:19 GMT
X-Proxy-Origin: 185.169.255.134; 185.169.255.134; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.51:80
AN-X-Request-Uuid: 56991fe4-8829-4266-831f-b231ed822254
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://koronavirusnerede.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 156
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/ Show response
adx.adform.net/adx/
Redirect Chain

https://adx.adform.net/adx/?rp=4&bWlkPTc5NDc4NA%3D%3D&callback=adf__pO8jLxTsJFFSTRf2cYvp
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTc5NDc4NA%3D%3D&callback=adf__pO8jLxTsJFFSTRf2cYvp

33 B
565 B

163ms
163ms

Script
text/javascript

37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTc5NDc4NA%3D%3D&callback=adf__pO8jLxTsJFFSTRf2cYvp

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

99ced8ffd5d12f097e3de20deb1b3bd16bf2ea33fbf2a4c3d63a70c5834b644b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Apr 2020 17:42:18 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 158
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 06 Apr 2020 17:42:17 GMT
server: nginx
access-control-allow-origin: *
location: https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTc5NDc4NA%3D%3D&callback=adf__pO8jLxTsJFFSTRf2cYvp
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 302
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html; charset=utf-8
expires: -1

GET
H/1.1 200
OK adp Show response
ads.rekmob.com/m/ 5 KB
2 KB 234ms
141ms Script
text/plain 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rekmob.com/m/adp?uid=5f22bc8cdcbb4aa4919bf42ff0941d26&ufid=pO8jLxTsJFFSTRf2cYvp&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__pO8jLxTsJFFSTRf2cYvp&ref=koronavirusnerede.com&_=1586194937766&crtg=-1&rc=1
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: b59db723c5560fb90757cb26fa6436a8e3ff049e600875645c7f7caad69c1859

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 06 Apr 2020 17:26:42 GMT
Content-Encoding: gzip
Server: nginx/1.9.6
X-Code: GB
Vary: Accept-Encoding
Content-Type: text/plain;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
151 B 87ms
27ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=208&cb=82819565261
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koronavirusnerede.com/
Origin: https://koronavirusnerede.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Mon, 06 Apr 2020 17:42:16 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://koronavirusnerede.com
timing-allow-origin: *
vary: Origin

POST
H2 204 / Show response
prebid-eu.creativecdn.com/bidder/prebid/bids/ 0
207 B 85ms
30ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koronavirusnerede.com/
Origin: https://koronavirusnerede.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Mon, 06 Apr 2020 17:42:17 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://koronavirusnerede.com
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 getCityData.php Show response
koronavirusnerede.com/root/ 13 KB
1 KB 128ms
127ms XHR
text/html 2606:4700:3032::6818:7771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirusnerede.com/root/getCityData.php
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/jquerySource/jquery-2.0.3.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6818:7771 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.34, PleskLin
Resource Hash: 56c894f983444d4abf6b4edd915194532f37fa01c4274fb0243398137b5c1164

Request headers

Accept: */*
Referer: https://koronavirusnerede.com/
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Apr 2020 17:42:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/5.6.34, PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-turbo-charged-by: LiteSpeed
cf-ray: 57fd4df93952c27c-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1

200
OK

rs.js Show response
bank.reklamstore.com/
Redirect Chain

https://iq.reklamselfie.com/585ce73218044
https://bank.reklamstore.com/rs.js

24 B
378 B

61ms
39ms

Script
application/javascript

104.248.139.51
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/rs.js
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.248.139.51 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb1
Software: nginx/1.14.0 /
Resource Hash: 9f49609d94cf82f3d089ddd83d5895d4048236deee85dc7cfc9853735f36a0f9

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 06 Apr 2020 16:38:51 GMT
Last-Modified: Tue, 21 Feb 2017 07:13:43 GMT
Server: nginx/1.14.0
ETag: "18-549051ec0ae13"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.15.5:80
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24

Redirect headers

Location: https://bank.reklamstore.com/rs.js
Date: Mon, 06 Apr 2020 17:42:32 GMT
Server: openresty/1.11.2.2
Connection: keep-alive
Content-Length: 167
Content-Type: text/html

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 994 B
1 KB 149ms
36ms Script
text/plain 18.184.216.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=5e8b69f9c7a4d
Requested by: Host: bank.reklamstore.com
URL: https://bank.reklamstore.com/init.js?v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a2aafec4ee284ed40b64d213c796a6310835e1eaddfd3c8afb4514e545900542

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 06 Apr 2020 17:42:18 GMT
Content-Length: 994
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

anx.php Show response
bank.reklamstore.com/
Redirect Chain

https://ib.adnxs.com/getuid?https://bank.reklamstore.com/anx.php?uid=$UID
https://bank.reklamstore.com/anx.php?uid=6518034339872072555

41 B
438 B

42ms
42ms

Script
text/javascript

104.248.139.51
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/anx.php?uid=6518034339872072555
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.248.139.51 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb1
Software: nginx/1.14.0 /
Resource Hash: 3df0fabddf1bba4f64de80daf437d9dfcecaa93e9bf48fe7e9e23db2ae85cabd

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 06 Apr 2020 16:38:51 GMT
Server: nginx/1.14.0
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.15.5:80
Connection: keep-alive
Content-Length: 41

Redirect headers

Pragma: no-cache
Date: Mon, 06 Apr 2020 17:42:20 GMT
AN-X-Request-Uuid: 8f01977c-c490-4a44-9a23-217ee318abe7
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://bank.reklamstore.com/anx.php?uid=6518034339872072555
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.169.255.134; 185.169.255.134; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.230:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

adx.php Show response
bank.reklamstore.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=reklam_store&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=reklam_store&google_cm=&google_tc=
https://bank.reklamstore.com/adx.php?google_gid=CAESEO_HOJWeegVnuoAL-geD994&google_cver=1

49 B
456 B

39ms
39ms

Script
text/javascript

104.248.139.51
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/adx.php?google_gid=CAESEO_HOJWeegVnuoAL-geD994&google_cver=1
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.248.139.51 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb1
Software: nginx/1.14.0 /
Resource Hash: cc73267cd6a970c1a565aa546dbbb45bf3ca3fca65fd384f2988636ad2b1fa30

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 06 Apr 2020 16:38:51 GMT
Server: nginx/1.14.0
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.39.102:80
Connection: keep-alive
Content-Length: 49

Redirect headers

pragma: no-cache
date: Mon, 06 Apr 2020 17:42:18 GMT
server: HTTP server (unknown)
location: https://bank.reklamstore.com/adx.php?google_gid=CAESEO_HOJWeegVnuoAL-geD994&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

adform.php Show response
bank.reklamstore.com/
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1068
https://dmp.adform.net/serving/cookie/match?CC=1&party=1068
https://bank.reklamstore.com/adform.php?uid=5759305927880742139

41 B
438 B

40ms
39ms

Script
text/javascript

104.248.139.51
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/adform.php?uid=5759305927880742139
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.248.139.51 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb1
Software: nginx/1.14.0 /
Resource Hash: ff0ab48ae219e624b816a2fb6600cbb5642ca7a3b1bc1a0a879218d8bdeafb97

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 06 Apr 2020 16:38:51 GMT
Server: nginx/1.14.0
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.15.5:80
Connection: keep-alive
Content-Length: 41

Redirect headers

pragma: no-cache
date: Mon, 06 Apr 2020 17:42:19 GMT
server: nginx
access-control-allow-origin: *
location: https://bank.reklamstore.com/adform.php?uid=5759305927880742139
status: 302
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
expires: -1

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12475/ 1 KB
2 KB 134ms
33ms Script
application/javascript 13.225.73.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12475/px.js
Requested by: Host: bank.reklamstore.com
URL: https://bank.reklamstore.com/init.js?v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.69 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-69.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6821d7bdf52b33e1a8d6fc7fd6a90ca62f753a3f4c4de52dcfe2285ebe8db085

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 01 Apr 2020 23:39:58 GMT
Content-Encoding: UTF-8
Last-Modified: Wed, 26 Jun 2019 15:39:51 GMT
Server: AmazonS3
Age: 410541
ETag: "1787b75236cbeaf2e68cc3e778682a57"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: TBgEoEk3V01yuDchQbytmBMoJ10_E0UtovuIStccIILyU0L0cAFRWg==

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ 3 KB
2 KB 95ms
42ms Script
application/javascript 104.16.53.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=32852&s=koronavirusnerede.com&x=rekmob&nci=&adtg=5f22bc8cdcbb4aa4919bf42ff0941d26&nai=&si=30668&pn=&h=250&w=300&bp=&pp=&ci=&ip=185.169.255.134&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/74.0.3729.169%20Safari/537.36
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.53.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecbef203e42fb2a75d59fd5e21b8374640ae7807ffc0ce8297fb13c668bb44dd

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1920
status: 200
x-amz-request-id: F163F0E86220AD9D
x-amz-id-2: t41anf1OP7YdnWENqyKy9LAN0ze6/+bLNpHOfrwW1piYIoKJZrtDwjvQx5+4f9/7Yzhwm/4KjjA=
last-modified: Wed, 25 Jul 2018 15:30:39 GMT
server: cloudflare
etag: W/"9f84b85eedc840e448384f1ad74aa599"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-ray: 57fd4dffeffa35b2-LHR
expires: Mon, 06 Apr 2020 19:42:18 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ 26 KB
21 KB 30ms
30ms Script
application/javascript 104.16.53.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1586194938904&ver1=2.2.2&qid=230383f5530383f5434353&rnd=ph8qenbcsh4g&cid=544
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=32852&s=koronavirusnerede.com&x=rekmob&nci=&adtg=5f22bc8cdcbb4aa4919bf42ff0941d26&nai=&si=30668&pn=&h=250&w=300&bp=&pp=&ci=&ip=185.169.255.134&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/74.0.3729.169%20Safari/537.36
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.53.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbed5495859d7f724a2b7d570376b12982fc2570d9ad961c256b3824f09e135b

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1921
status: 200
x-amz-request-id: 6C4622F165426879
x-amz-id-2: MFBe3rv2ft4AIJAsN0uH/XiZTtD0DNOPF0I28Zctx5Rz1kBqAlIAKha3F0os4SoMAdqKIo5t8QQ=
last-modified: Thu, 20 Feb 2020 17:57:12 GMT
server: cloudflare
etag: W/"7de45af4887ac500b0ef88f91e40a815"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-ray: 57fd4e00382d35b2-LHR
expires: Mon, 06 Apr 2020 19:42:18 GMT

GET
H2 200 n.js Show response
cdn.runative-syndicate.com/sdk/v1/ Frame D629 17 KB
9 KB 41ms
13ms Script
application/javascript 2606:4700::6810:d43b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.runative-syndicate.com/sdk/v1/n.js
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d43b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e64a19f5d89bfe4ce40441df1fca881b7efa6088dd2bb4d87cba80c9db26363

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 17:42:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Feb 2020 09:02:50 GMT
server: cloudflare
age: 3160
etag: W/"5e3d27ba-4589"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200
cf-ray: 57fd4e008e1ddfdf-FRA
x-robots-tag: noindex, nofollow
expires: Mon, 06 Apr 2020 19:42:18 GMT

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 772 B
1 KB 133ms
33ms Script
application/javascript 52.213.246.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12475&ref=&hn_ver=10&fid=527489cf-531a-4f76-b56e-053ec32d4cfb

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12475/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.246.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-246-150.eu-west-1.compute.amazonaws.com

Software

Resource Hash

3c376d3aa366c0f4002d5f519bb730dfb66de51a4e753ef958b8223bfa682677

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 06 Apr 2020 17:42:19 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Content-Length: 772
Expires: Mon, 23 Mar 2020 17:35:34 GMT

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 772 B
1 KB 132ms
33ms Script
application/javascript 52.213.246.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12475&ref=&hn_ver=10&fid=6d765699-90d9-4321-b3e4-2efb7b32f318

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12475/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.246.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-246-150.eu-west-1.compute.amazonaws.com

Software

Resource Hash

616d1c109b458f4af483a0d033532f7c7be98cba17ce39a9da64a7a9499617db

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 06 Apr 2020 17:42:19 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Content-Length: 772
Expires: Mon, 23 Mar 2020 17:35:40 GMT

GET
H/1.1 200
OK rs-b.png
adimg.rekmob.com/logos/ Frame D629 471 B
911 B 146ms
33ms Image
image/png 13.225.73.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adimg.rekmob.com/logos/rs-b.png
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.6 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-6.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 05 Apr 2020 21:06:14 GMT
Via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
Last-Modified: Thu, 26 Jul 2018 10:20:15 GMT
Server: AmazonS3
Age: 121808
ETag: "5965d59f86a925e809f20a75e26c9d0c"
X-Cache: Hit from cloudfront
Content-Type: image/png
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
Content-Length: 471
X-Amz-Cf-Id: ndTzsh6mR7j1x9ZaObcE2aCK3SmzMbz8x9mp1xZPxp8ImlZBG-m9wQ==

GET
H2 200 nflrc.gif
pre.glotgrx.com/ 26 B
538 B 43ms
16ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1586194938969872&ver=1.2r80&qid=230383f5530383f5434353&p=32852&s=koronavirusnerede.com&x=rekmob&cid=544&od1=&od2=&adtg=5f22bc8cdcbb4aa4919bf42ff0941d26&nci=&nai=&si=30668&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=ph8qenbcsh4g&tps=45&ver1=2.2.2&ua=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/74.0.3729.169%20Safari/537.36&os=&mm=&di=&ip=185.169.255.134&ci=&pp=&bp=&w=300&h=250&pn=&1=cb006c235dc35361f71e40ded705a9ce&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%2267%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=1600x1200&atf=&dbgcid=544&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=34&icp=https%253A//koronavirusnerede.com/&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-21-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-145-os-fl-0-mm-fl-0-di-fl-0-ip-fl-15-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-3-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andMacIntel&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=undefined&ncf=4g_9.1_undefined_null_0_undefined_false&fli=3846073032&flerr=0&trim=&fio=39
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 17:42:19 GMT
cf-cache-status: HIT
age: 5476
status: 200
content-type: image/gif
content-length: 26
x-amz-id-2: Ur8ngv1nEmHWKgbLx/lkfDJ1BgWcByTJDBE4zshCOj17MT5UyaKPE2mYFkikuhQQUDf8aeozMD8=
last-modified: Thu, 12 Jan 2017 21:28:05 GMT
server: cloudflare
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 6BAAD4564DABB5E8
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 57fd4e00fa38c29f-FRA
expires: Mon, 06 Apr 2020 19:42:19 GMT

GET
H2 200 retargeting_get_cookie_params Show response
run-syndicate.com/api/c/ Frame D629 19 B
467 B 43ms
17ms Script
application/javascript 2606:4700::6811:22cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://run-syndicate.com/api/c/retargeting_get_cookie_params?format=jsonp&callback=callback_79XGv
Requested by: Host: cdn.runative-syndicate.com
URL: https://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:22cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c38ba0ca7a90cc6bf146341c21754cb91c9c62b617bcb8aacbcf1f7556422658

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Mon, 06 Apr 2020 17:42:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: *
content-type: application/javascript; charset=utf-8
status: 200
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
cf-ray: 57fd4e010e531f41-FRA
content-length: 19
x-request-id: 57fd4e010e531f41-FRA
expires: 0

GET
H2 200 n.css
cdn.runative-syndicate.com/sdk/v1/ Frame D629 8 KB
3 KB 15ms
14ms Stylesheet
text/css 2606:4700::6810:d43b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.runative-syndicate.com/sdk/v1/n.css
Requested by: Host: cdn.runative-syndicate.com
URL: https://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d43b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccf521c1d2af06e7f1a8ec2435d5abaa364c9ec9750c642ef3cf9ccf1044773e

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 06 Apr 2020 17:42:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Feb 2020 09:02:50 GMT
server: cloudflare
age: 3161
etag: W/"5e3d27ba-1ff8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=7200
cf-ray: 57fd4e00ef2fdfdf-FRA
x-robots-tag: noindex, nofollow
expires: Mon, 06 Apr 2020 19:42:19 GMT

GET
H2 200 dynamic Show response
runative-syndicate.com/do2/0021491484f642abbd4e0255469a51d2/ Frame D629 3 KB
4 KB 57ms
56ms Script
application/javascript 2606:4700::6810:d43b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://runative-syndicate.com/do2/0021491484f642abbd4e0255469a51d2/dynamic?format=jsonp&count=1&extid=30668_75676&w=1600&h=1200&adtype=label-under&callback=callback_VBuyH
Requested by: Host: cdn.runative-syndicate.com
URL: https://cdn.runative-syndicate.com/sdk/v1/n.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d43b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 974faee88b439ba948749dac6843b914d39b0eca463a9b313dcef8ca06a9b2e7

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Mon, 06 Apr 2020 17:42:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: *
content-type: application/javascript; charset=utf-8
status: 200
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
cf-ray: 57fd4e00ef37dfdf-FRA
content-length: 3136
x-request-id: 57fd4e00ef37dfdf-FRA
expires: 0

GET
DATA 200
OK truncated
/ Frame D629 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
H/1.1 200
OK imp
ads.rekmob.com/m/ Frame D629 2 B
179 B 65ms
64ms Image
image/webp 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.rekmob.com/m/imp?uid=5f22bc8cdcbb4aa4919bf42ff0941d26&udid=f2f4e99a7ebd4e68a9d21de943473a73&rid=NWU4YjY5ZjkwY2YyMTg1OGYwOGJkMTY3&adId=MTEzMg==
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-Code: GB
Date: Mon, 06 Apr 2020 17:26:43 GMT
Server: nginx/1.9.6
Connection: keep-alive
Content-Length: 2
Content-Type: image/webp;charset=ISO-8859-1

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 0
344 B 93ms
93ms Script
text/plain 18.184.216.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=5e8b69f9c7a4d&c_b=1&gdpr=0&gdpr_consent=&c_l=0&c_s=1
Requested by: Host: ps.eyeota.net
URL: https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=5e8b69f9c7a4d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 06 Apr 2020 17:42:19 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26hn_ver%3D10%26fid%3D6d765699-90d9-4321-b3e4-2efb7b32f318
https://s.cpx.to/an_fire?app_nexus_uid=6518034339872072555&pid=12475&ref=&hn_ver=10&fid=6d765699-90d9-4321-b3e4-2efb7b32f318

95 B
865 B

59ms
34ms

Image
image/png

52.213.246.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=6518034339872072555&pid=12475&ref=&hn_ver=10&fid=6d765699-90d9-4321-b3e4-2efb7b32f318

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.246.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-246-150.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 06 Apr 2020 17:42:19 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Mon, 06 Apr 2020 17:42:19 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Apr 2020 17:42:21 GMT
AN-X-Request-Uuid: c85047f6-e636-405f-8b9b-4a1a7398e0b5
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://s.cpx.to/an_fire?app_nexus_uid=6518034339872072555&pid=12475&ref=&hn_ver=10&fid=6d765699-90d9-4321-b3e4-2efb7b32f318
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.169.255.134; 185.169.255.134; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.48:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6d765699-90d9-4321-b3e4-2efb7b32f318
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6d765699-90d9-4321-b3e4-2efb7b32f318
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=32E510A1-F7AA-46CA-8741-FA5F8FE22379&fid=6d765699-90d9-4321-b3e4-2efb7b32f318

95 B
881 B

33ms
33ms

Image
image/png

52.213.246.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=32E510A1-F7AA-46CA-8741-FA5F8FE22379&fid=6d765699-90d9-4321-b3e4-2efb7b32f318

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.246.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-246-150.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 06 Apr 2020 17:42:19 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Mon, 06 Apr 2020 17:42:19 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=32E510A1-F7AA-46CA-8741-FA5F8FE22379&fid=6d765699-90d9-4321-b3e4-2efb7b32f318
Date: Mon, 06 Apr 2020 17:42:19 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Content-Type: text/html; charset=iso-8859-1
Content-Length: 447
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=6d765699-90d9-4321-b3e4-2efb7b32f318&fck=2173a1cc0e8cf5dd&cbp=dsp_uid
https://s.cpx.to/sync?dsp_uid=6ed32f12f4c1d5215de6a44f724abf72&fck=2173a1cc0e8cf5dd

95 B
708 B

37ms
36ms

Image
image/png

52.213.246.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=6ed32f12f4c1d5215de6a44f724abf72&fck=2173a1cc0e8cf5dd

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.246.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-246-150.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 06 Apr 2020 17:42:19 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Mon, 06 Apr 2020 17:42:19 GMT

Redirect headers

date: Mon, 06 Apr 2020 17:42:19 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 302
to-dmp-balancer: balancer2-dmp-nyc1-do.truoptik.com
content-length: 154
pragma: no-cache
to-dmp-sync: sync5-dmp-nyc1-do.truoptik.com
server: cloudflare
user-agent: Tru Optik DMP 1.3.1
location: https://s.cpx.to/sync?dsp_uid=6ed32f12f4c1d5215de6a44f724abf72&fck=2173a1cc0e8cf5dd
content-type: text/html
access-control-allow-origin: *
cache-control: no-store
cf-ray: 57fd4e01af08e670-LHR
expires: 0

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=6d765699-90d9-4321-b3e4-2efb7b32f318
https://s.cpx.to/ca.png?dsp=dbm&fid=6d765699-90d9-4321-b3e4-2efb7b32f318&google_gid=CAESEMhGPCPAbGiC8pD4_rLRJSo&google_cver=1

95 B
804 B

39ms
38ms

Image
image/png

52.213.246.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=6d765699-90d9-4321-b3e4-2efb7b32f318&google_gid=CAESEMhGPCPAbGiC8pD4_rLRJSo&google_cver=1

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.246.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-246-150.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: sameorigin
Date: Mon, 06 Apr 2020 17:42:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Mon, 06 Apr 2020 17:42:19 GMT
server: HTTP server (unknown)
location: https://s.cpx.to/ca.png?dsp=dbm&fid=6d765699-90d9-4321-b3e4-2efb7b32f318&google_gid=CAESEMhGPCPAbGiC8pD4_rLRJSo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://pool.grid-data.bidswitch.net/sync?pid=42
https://s.cpx.to/sync?dsp_uid=40935a4c-fc2e-446f-bd30-51a1894b477b&dsp=BIDSWITCH

95 B
882 B

36ms
35ms

Image
image/png

52.213.246.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=40935a4c-fc2e-446f-bd30-51a1894b477b&dsp=BIDSWITCH

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.246.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-246-150.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 06 Apr 2020 17:42:19 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Mon, 06 Apr 2020 17:42:19 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp_uid=40935a4c-fc2e-446f-bd30-51a1894b477b&dsp=BIDSWITCH
Date: Mon, 06 Apr 2020 17:42:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=527489cf-531a-4f76-b56e-053ec32d4cfb&fck=2173a2c8452a30a9&cbp=dsp_uid
https://s.cpx.to/sync?dsp_uid=dc1b8013721436e79c076c38c5e92a09&fck=2173a2c8452a30a9

95 B
708 B

33ms
32ms

Image
image/png

52.213.246.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=dc1b8013721436e79c076c38c5e92a09&fck=2173a2c8452a30a9

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.246.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-246-150.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 06 Apr 2020 17:42:19 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Mon, 06 Apr 2020 17:42:19 GMT

Redirect headers

date: Mon, 06 Apr 2020 17:42:19 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 302
to-dmp-balancer: balancer2-dmp-nyc1-do.truoptik.com
content-length: 154
pragma: no-cache
to-dmp-sync: sync5-dmp-nyc1-do.truoptik.com
server: cloudflare
user-agent: Tru Optik DMP 1.3.1
location: https://s.cpx.to/sync?dsp_uid=dc1b8013721436e79c076c38c5e92a09&fck=2173a2c8452a30a9
content-type: text/html
access-control-allow-origin: *
cache-control: no-store
cf-ray: 57fd4e01af09e670-LHR
expires: 0

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26hn_ver%3D10%26fid%3D527489cf-531a-4f76-b56e-053ec32d4cfb
https://s.cpx.to/an_fire?app_nexus_uid=6518034339872072555&pid=12475&ref=&hn_ver=10&fid=527489cf-531a-4f76-b56e-053ec32d4cfb

95 B
865 B

59ms
33ms

Image
image/png

52.213.246.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=6518034339872072555&pid=12475&ref=&hn_ver=10&fid=527489cf-531a-4f76-b56e-053ec32d4cfb

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.246.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-246-150.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 06 Apr 2020 17:42:19 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Mon, 06 Apr 2020 17:42:19 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Apr 2020 17:42:21 GMT
AN-X-Request-Uuid: 9e3921ee-ea10-4338-9949-ee3f698e0cc1
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://s.cpx.to/an_fire?app_nexus_uid=6518034339872072555&pid=12475&ref=&hn_ver=10&fid=527489cf-531a-4f76-b56e-053ec32d4cfb
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.169.255.134; 185.169.255.134; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.42:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=527489cf-531a-4f76-b56e-053ec32d4cfb
https://s.cpx.to/ca.png?dsp=dbm&fid=527489cf-531a-4f76-b56e-053ec32d4cfb&google_gid=CAESEMhGPCPAbGiC8pD4_rLRJSo&google_cver=1

95 B
804 B

56ms
34ms

Image
image/png

52.213.246.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=527489cf-531a-4f76-b56e-053ec32d4cfb&google_gid=CAESEMhGPCPAbGiC8pD4_rLRJSo&google_cver=1

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.246.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-246-150.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: sameorigin
Date: Mon, 06 Apr 2020 17:42:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Mon, 06 Apr 2020 17:42:19 GMT
server: HTTP server (unknown)
location: https://s.cpx.to/ca.png?dsp=dbm&fid=527489cf-531a-4f76-b56e-053ec32d4cfb&google_gid=CAESEMhGPCPAbGiC8pD4_rLRJSo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D527489cf-531a-4f76-b56e-053ec32d4cfb
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=749DCDF5-15D7-40C1-82A9-B6B7738EC1AA&fid=527489cf-531a-4f76-b56e-053ec32d4cfb

95 B
881 B

55ms
35ms

Image
image/png

52.213.246.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=749DCDF5-15D7-40C1-82A9-B6B7738EC1AA&fid=527489cf-531a-4f76-b56e-053ec32d4cfb

Requested by

Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.213.246.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-246-150.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 06 Apr 2020 17:42:19 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Mon, 06 Apr 2020 17:42:19 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=749DCDF5-15D7-40C1-82A9-B6B7738EC1AA&fid=527489cf-531a-4f76-b56e-053ec32d4cfb
Date: Mon, 06 Apr 2020 17:42:19 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Content-Type: text/html; charset=iso-8859-1
Content-Length: 447
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 main.webp
cdn.runative-syndicate.com/images/9/9/eb6b1611cb9901edd54850ec852754433c380a/ Frame D629 8 KB
8 KB 13ms
12ms Image
image/webp 2606:4700::6810:d43b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.runative-syndicate.com/images/9/9/eb6b1611cb9901edd54850ec852754433c380a/main.webp
Requested by: Host: koronavirusnerede.com
URL: https://koronavirusnerede.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d43b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e7a813d232675cb35e948a9f41249e983befdeff0bb706521eef748c2d54e20

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 17:42:19 GMT
cf-cache-status: HIT
age: 2590
status: 200
content-length: 7742
x-robots-tag: noindex, nofollow
last-modified: Thu, 19 Mar 2020 14:29:40 GMT
server: cloudflare
etag: "5e7381d4-1e3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 57fd4e015822dfdf-FRA
expires: Mon, 06 Apr 2020 19:42:19 GMT

POST
H/1.1 200
OK store.php Show response
bank.reklamstore.com/ 0
261 B 162ms
39ms XHR
text/html 104.248.139.51
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/store.php
Requested by: Host: bank.reklamstore.com
URL: https://bank.reklamstore.com/init.js?v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.248.139.51 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb1
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koronavirusnerede.com/
Origin: https://koronavirusnerede.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 06 Apr 2020 16:38:51 GMT
Server: nginx/1.14.0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.15.5:80
Connection: keep-alive
Content-Length: 0

GET
H2 200 p.gif
pixel.runative-syndicate.com/api/v1/p/ Frame D629 35 B
160 B 25ms
23ms Image
image/gif 2606:4700::6810:d43b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.runative-syndicate.com/api/v1/p/p.gif?p=e0SEGUNHhI4YLETQOXNQRI4xZGbAqEFjRgsZMGTkaEFDxscWYmjcINMCxgwZY3LgwJFRjAwcIhSGqTPG4Y0YOMLUSAmjBY4YYWJ0vJHjYo4aNcZ0rBEmzA0bMcqUWTlD5kAydg7CzKEQTh0xB2PEkJFwIBw4W6HaUDgHjkEdUTcqLIOHzhe3cEVMtGEDx5cbNWxAvTqmTVqENHLemEnGjFiFYty4ESvDhowZZtu4aagDswyFdeSwqdySBlsRdWQ4REOHDhwdL16EwUNmjh4XcOS8efGDThg5Z8rQ6dHiRhEhTqIMORMlyHMnMM4EcYKkiXMjQaIUkVIkyhspQ75LIVIlCXkpSZ5jyYFGyxEndsRcUWInCJUiXOrA0GgjDJseajgJBxj048-yMOAIcAYccihwv_7GSIOMHtxwogkjosgjCDiiSGMJGMyIook52kgiCSaWeO65KYpYUQo0VsQCB-dWXJEIMuR4Dgk6jLjDxiRiYEONLI64Co42tlKIjDeS1EGENd7YzY0w7EhDjjrmcKMMOcogowwXxmiyMOAOwmEGhcYIA64tYOjCKzlsQqgGF2hQSA47EJOhhtDqSOMmGyJS88ufahCDIxrMqOGGny5bigwczKCBIBxoKMOvMq6ao4w5HIqUjDHMkCEMjooyI4yOxuirBaTEKAkHMWxwNQwxbjgJqavSQEyEUWGIQYdEcUAoBxl0qCgGGnTw7Ko6wnCoiTf0SIMNNsJ4gU4YQEChCYLScIOON-ZAYwcQkvi2DDZA4HYMEJ6YAgQsQIgBhi-Q_aKGFEDgEA42yriiDDGWSIOOa2e4wYUZbNB2CSSoaIIJFkBgI401ygDhiDLGiDLfIdDYrY0yXriBBhdgQPiGjVyIwYYcQJgijFPlSKPggxMuTE4RiCjiKjZwLsKJq3J8AzIRwj0ITRG6fOzJ1l6bI7YXopyyyiuz3LLLL8Ns8oWr7nBoZf6uQuPrjGDQFE-HdvsNXDlaqMONgVuY14Uvg_a5iqvocDKGGnCIKgcajMqhDwUCAg%3D%3D&r=1&s=17b2091eb89ad0462000eb8b6d9d3b2beb15efdbc6d3d2f390f2733e487e38661586194939&w=t&ir=300x170
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:d43b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 17:42:19 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif; charset=utf-8
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 57fd4e047a0edfdf-FRA
content-length: 35
x-robots-tag: noindex, nofollow
expires: Mon, 06 Apr 2020 21:42:19 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ 26 B
230 B 12ms
12ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1586194939984&rnd=ph8qenbcsh4g&ifm=0&uai=1&cid=544&s=koronavirusnerede.com&p=32852&x=rekmob&adtg=5f22bc8cdcbb4aa4919bf42ff0941d26&ats=1600x1200&atf=&nsi=&si=30668&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=https%253A//koronavirusnerede.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://koronavirusnerede.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 17:42:19 GMT
cf-cache-status: HIT
age: 3161
status: 200
content-type: image/gif
content-length: 26
x-amz-id-2: hodQlIaMPtL3OSBlVJzyFfUtpFpXacwDjZxnJJSXOh8d8MBL5+IjQotixAXK9DQeuV2pFweZHVg=
last-modified: Wed, 05 Apr 2017 17:26:13 GMT
server: cloudflare
etag: "6a43099d5c8fe991a7aa7ebaca53069d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 4D7ABF76531A11F9
cache-control: public, max-age=7200
x-amz-meta-s3b-last-modified: 20170405T172547Z
accept-ranges: bytes
cf-ray: 57fd4e06ea42c29f-FRA
expires: Mon, 06 Apr 2020 19:42:19 GMT

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
koronavirusnerede.com/	1970-01-19 08:36:38	Name: rekmob_splash_5f22bc8cdcbb4aa4919bf42ff0941d26 Value: 0
koronavirusnerede.com/	1970-01-19 08:38:01	Name: rekmob_last_seen_5f22bc8cdcbb4aa4919bf42ff0941d26 Value: 1586194938940
koronavirusnerede.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: i7p2aifbl5up09uftqfhta4v91
koronavirusnerede.com/	1970-01-19 17:22:10	Name: rekmob_props_626583 Value: %7B%22date%22%3A1586194937739%2C%22rekJs%22%3A%7B%22rekmob_ad_unit_type%22%3A1%2C%22rekmob_native_type%22%3Anull%2C%22rekmob_ad_width%22%3A300%2C%22rekmob_fixed_cpm%22%3A0%2C%22rekmob_network_ids%22%3A%22anx_placement_id%3D18803456%3Badf_placement_id%3D794784%3Bcrt_id%3D1%22%2C%22rekmob_ad_unit%22%3A%225f22bc8cdcbb4aa4919bf42ff0941d26%22%2C%22rekmob_app_type%22%3A0%2C%22rekmob_ad_height%22%3A250%2C%22region_id%22%3A626583%7D%2C%22countryCode%22%3A%22GB%22%2C%22cookieTime%22%3A1586194937762%7D
.koronavirusnerede.com/	1970-01-20 02:07:46	Name: _ga Value: GA1.2.1479482745.1586194937
koronavirusnerede.com/	1970-01-19 17:22:10	Name: bidswitch_last_time Value: 1586194937529
koronavirusnerede.com/	1970-01-19 18:05:22	Name: _cb_ls Value: 1
.koronavirusnerede.com/	1970-01-19 08:36:34	Name: _gat_gtag_UA_160645602_1 Value: 1
koronavirusnerede.com/	1970-01-19 17:22:10	Name: rekmob_props_626408 Value: %7B%22date%22%3A1586194937651%2C%22rekJs%22%3A%7B%22rekmob_ad_unit_type%22%3A9%2C%22rekmob_native_type%22%3Anull%2C%22rekmob_fixed_cpm%22%3A0%2C%22rekmob_network_ids%22%3A%22anx_placement_id%3D18782392%3Badf_placement_id%3D793807%2C793809%3Bcrt_id%3D1%22%2C%22rekmob_ad_unit%22%3A%22fb61eb7b3f0f46f78ed43eb1d550ee45%22%2C%22rekmob_app_type%22%3A0%2C%22region_id%22%3A626408%7D%2C%22countryCode%22%3A%22GB%22%2C%22cookieTime%22%3A1586194937676%7D
.koronavirusnerede.com/	1970-01-19 08:38:01	Name: _gid Value: GA1.2.1294483122.1586194937
.koronavirusnerede.com/	1970-01-19 09:19:46	Name: __cfduid Value: d3a29dc6081054d366b05d46e00fbaef81586194936

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: #koronavirus# #koronavirus haritasi# #koronavirus haberleri# #koronavirus hangi şehirde# #koronavirus hangi ilde# #koronavirus ölu sayisi#
console-api	log	(Line 1) Message: #koronavirus# #koronavirus haritasi# #koronavirus haberleri# #koronavirus hangi şehirde# #koronavirus hangi ilde# #koronavirus ölu sayisi#
console-api	log	URL: https://adserver.reklamstore.com/reklamstore.js(Line 1) Message: RM Init Props: ad_unit_id_check: true, device_type_check: false,
console-api	log	URL: https://adserver.reklamstore.com/reklamstore.js(Line 1) Message: RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api	log	URL: https://adserver.reklamstore.com/reklamstore.js(Line 1) Message: RM Results: rmb: 0.0000052850523323809386, size: 300x250
console-api	log	URL: https://adserver.reklamstore.com/reklamstore.js(Line 1) Message: [object Object]
console-api	log	URL: https://bank.reklamstore.com/rs.js(Line 1) Message: rsjs1011
console-api	log	(Line 1) Message: #koronavirus# #koronavirus haritasi# #koronavirus haberleri# #koronavirus hangi şehirde# #koronavirus hangi ilde# #koronavirus ölu sayisi#

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adimg.rekmob.com
ads.rekmob.com
adserver.reklamstore.com
adservice.google.com
adservice.google.de
adx.adform.net
bank.reklamstore.com
bidder.criteo.com
cdn.runative-syndicate.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
dmp.adform.net
dmp.truoptik.com
fonts.googleapis.com
fonts.gstatic.com
green.erne.co
ib.adnxs.com
image2.pubmatic.com
imasdk.googleapis.com
iq.reklamselfie.com
koronavirusnerede.com
mab.chartbeat.com
p.cpx.to
pixel.runative-syndicate.com
pixel.yabidos.com
pool.grid-data.bidswitch.net
pre.glotgrx.com
prebid-eu.creativecdn.com
ps.eyeota.net
run-syndicate.com
runative-syndicate.com
s.cpx.to
secure.adnxs.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.criteo.net
web.webpushs.com
www.amcharts.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
104.16.53.4
104.16.92.60
104.248.139.51
104.26.6.186
13.224.193.11
13.225.73.6
13.225.73.69
146.185.142.91
172.217.22.98
178.250.2.131
18.184.216.10
18.195.193.185
18.195.73.23
185.184.8.30
185.33.220.243
185.33.220.244
185.64.190.80
188.165.27.173
195.181.175.52
216.58.207.34
2600:9000:21f3:7200:1c:4bbb:9180:93a1
2606:4700:3032::6818:7771
2606:4700::6810:3f36
2606:4700::6810:d43b
2606:4700::6811:22cd
2606:4700::6811:4004
2a00:1450:4001:817::200e
2a00:1450:4001:819::200a
2a00:1450:4001:81d::2008
2a00:1450:4001:81f::2002
2a00:1450:4001:820::2003
2a00:1450:4001:821::200a
2a02:2638::3
2a04:4e42:3::714
37.157.3.29
37.157.6.242
46.101.136.217
52.213.246.150
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0c8c455abda17b852539682cd8c9a3375c7747c58bc498d4997306d0dbe65189
123d4b411f97e36f72e2f44be0b18944489e908ff159f59ab8aba984c69517fe
2349fb15e8c4007b69cbbd75055073e8f796a4a6d3c25e969cad8e7149ccccf9
23626ebf8d108e03d05ee0b6617d10c480020b5730b2a39421d7b08b3bbe60b1
28b7f450fb575d15ddd68bd7a3fe0ad6ba94a548ed5d1bc49f54d1792ac22f34
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b89b04dee94b56ec6b79dd5cf40ebaf61476136aba847f733e7e18378a6c923
34401e82a1141472df1697a141aa50812c17e6138424ca4caba5f3fc69885f4a
37b8e87c76f63fdd30214c4f93350b387076cba53d0c5cd52fd2059ee645ba41
39b2c1d17fa13a01561000b5b0a4995bcf65768e74ad28b71ff0ba4340e57f50
39fc0dd16da25dd8dfa21bfc93db61d407bfc53ce6ef5f34c99926b439034aa9
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c376d3aa366c0f4002d5f519bb730dfb66de51a4e753ef958b8223bfa682677
3df0fabddf1bba4f64de80daf437d9dfcecaa93e9bf48fe7e9e23db2ae85cabd
41f956643d28e9a976a5d8df8d68ac75e322072b5cc1c4237bbb7bebf8ec09ad
49fae7e6bb203364e4d724d6aa96ee75e534c84eeba3a137e5199b61106eba61
4a817139fe877b8df982b07e0c18d6ca35d753595fd1c54ca2c0b9eefd9df201
4b6d0acaece71abd272b5aa622a27d1c0fb0daf034e7b6266a098e7e44a66e5c
4e7a813d232675cb35e948a9f41249e983befdeff0bb706521eef748c2d54e20
56c894f983444d4abf6b4edd915194532f37fa01c4274fb0243398137b5c1164
616d1c109b458f4af483a0d033532f7c7be98cba17ce39a9da64a7a9499617db
6821d7bdf52b33e1a8d6fc7fd6a90ca62f753a3f4c4de52dcfe2285ebe8db085
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7037cd810dfbe3f913ba602973be4887f9a206e07fb160f81f0d6e0c4f91b98e
77ae565eb8c054e6d7d1da8b47ee0d3dcacbced65719ad66a76d0dc71c37a589
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
82d06da0ba3980200c98fba990fe1b3041f5b709b3e38819aaff4b538f35a0a9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86be8c3d039e399f661dd58b3858f37bd890643f1c475d97ae5131b939a3a216
87dfeb0d038d09861ae4fd72a6de0c878e7dba2225970cead3e15cec0e1020ed
89191564065a059febf1b94407f9c16967f8e2222e9bcc6422d3143348d913e1
9190573444d85d9c611d4bb27112bb9b4c0e43aecce8095bce012b703feb195b
925bcbb038c3c4b13813cf213600df70109ae80faa250b2ea7f89c2e3267aaad
93754144e2096e686c319fa47b7ebf8352e96597ac4a720190bc41fe38db1b7d
974faee88b439ba948749dac6843b914d39b0eca463a9b313dcef8ca06a9b2e7
99ced8ffd5d12f097e3de20deb1b3bd16bf2ea33fbf2a4c3d63a70c5834b644b
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
9e64a19f5d89bfe4ce40441df1fca881b7efa6088dd2bb4d87cba80c9db26363
9eb40ba7b2a0c8e556434919191c56626cae8336393ba068f35b0b450af22b4f
9f49609d94cf82f3d089ddd83d5895d4048236deee85dc7cfc9853735f36a0f9
a2aafec4ee284ed40b64d213c796a6310835e1eaddfd3c8afb4514e545900542
b59db723c5560fb90757cb26fa6436a8e3ff049e600875645c7f7caad69c1859
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bfe6cf8ec00d0ff9673fef483a2fab0f9aeea6ea078eb9e42b4fbfc96777d1d6
c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c
c38ba0ca7a90cc6bf146341c21754cb91c9c62b617bcb8aacbcf1f7556422658
cc73267cd6a970c1a565aa546dbbb45bf3ca3fca65fd384f2988636ad2b1fa30
ccf521c1d2af06e7f1a8ec2435d5abaa364c9ec9750c642ef3cf9ccf1044773e
d2178809ce4352f9b3549a69c95b1ffd69cebc2b9bb3dc1c16e9b92fa80bbf8d
d8435911753d7e931e1dda44b3ec12ce5158d6389131eadb584f0097a809c901
dbed5495859d7f724a2b7d570376b12982fc2570d9ad961c256b3824f09e135b
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6dadf32ae8bf81b078bbae8f84fc29af165f77a84f8e1e934a7430630b64bdd
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eb87a7f398ab03411eea662b819f9a3426c37ed6f6dd8a8fe6b93c0cc00dccba
ecbef203e42fb2a75d59fd5e21b8374640ae7807ffc0ce8297fb13c668bb44dd
eeb684fd76ea91bcf4742f58611f7663af8b7011f1d42da5f9603c0b37e8a4f6
f86fc4c6ab41c0f1c3658809025417e41570665a2d12f49402e48c2a743f2070
ff0ab48ae219e624b816a2fb6600cbb5642ca7a3b1bc1a0a879218d8bdeafb97

koronavirusnerede.com Open in urlscan Pro 2606:4700:3032::6818:7771 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

100 %HTTPS

37 %IPv6

30 Domains

41 Subdomains

30 IPs

10 Countries

996 kBTransfer

2931 kBSize

11 Cookies

1 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

koronavirusnerede.com Open in urlscan Pro
2606:4700:3032::6818:7771 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

100 %
HTTPS

37 %
IPv6

30
Domains

41
Subdomains

30
IPs

10
Countries

996 kB
Transfer

2931 kB
Size

11
Cookies

76 HTTP transactions
2 data transactions