covid19newyear.com
2606:4700:90:0:3626:d0ff:6957:de1  Public Scan

URL: https://covid19newyear.com/
Submission Tags: phishingrod
Submission: On May 04 via api from DE — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 37 HTTP transactions. The main IP is 2606:4700:90:0:3626:d0ff:6957:de1, located in United States and belongs to CLOUDFLARENET, US. The main domain is covid19newyear.com.
TLS certificate: Issued by R3 on May 4th 2023. Valid for: 3 months.
This is the only time covid19newyear.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
11 | cloudfront.net | d10j3mvrs1suex.cloudfront.net | 1 MB
7 | bndzgl.com | assets-app-production-pubnet.bndzgl.com (Cisco Umbrella Rank: 159650) | 273 KB
6 | covid19newyear.com | covid19newyear.com | 56 KB
4 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 37) | 3 KB
3 | zoogletools.net | stats.zoogletools.net (Cisco Umbrella Rank: 199733) | 1 KB
3 | amazonaws.com | bzglfiles.s3.amazonaws.com | 47 KB
2 | gstatic.com | fonts.gstatic.com | 46 KB
1 | paypalobjects.com | www.paypalobjects.com (Cisco Umbrella Rank: 2218) | 2 KB
Total: 37 requests, 8 domains

Requests | Domain | Requested by
11 | d10j3mvrs1suex.cloudfront.net | covid19newyear.com
7 | assets-app-production-pubnet.bndzgl.com | covid19newyear.com, assets-app-production-pubnet.bndzgl.com
6 | covid19newyear.com | assets-app-production-pubnet.bndzgl.com
4 | fonts.googleapis.com | covid19newyear.com
3 | stats.zoogletools.net | covid19newyear.com, stats.zoogletools.net
3 | bzglfiles.s3.amazonaws.com | covid19newyear.com
2 | fonts.gstatic.com | fonts.googleapis.com
1 | www.paypalobjects.com | covid19newyear.com
Total: 37 requests, 8 domains

This site contains links to these domains.

Domain
d10j3mvrs1suex.cloudfront.net
1000millionfoundation.com
www.paypal.com

TLS certificates

Subject | Issuer | Validity | Valid
covid19newyear.com | R3 | 2023-05-04 - 2023-08-02 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-02 - 2024-04-01 | a year
upload.video.google.com | GTS CA 1C3 | 2023-04-17 - 2023-07-10 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
www.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2022-11-09 - 2023-12-10 | a year
*.gstatic.com | GTS CA 1C3 | 2023-04-17 - 2023-07-10 | 3 months
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-03-21 - 2023-12-19 | 9 months
stats.zoogletools.net | R3 | 2023-03-16 - 2023-06-14 | 3 months

This page contains 1 frame:

Primary Page: https://covid19newyear.com/
Frame ID: 40686766098A4BC6F136E9CF48DC6E5A
Requests: 40 HTTP requests in this frame

Page Title

ExoticsUSA by Dolla50

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Page Statistics

Requests: 37
HTTPS: 100 %
IPv6: 75 %
Domains: 8
Subdomains: 8
IPs: 9
Countries: 3
Transfer: 1875 kB
Size: 5571 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
covid19newyear.com/
133 KB
18 KB
Document
General
Full URL
https://covid19newyear.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
openresty /
Resource Hash
17d4502ad55f13fba12bb306e9a195f0646346b423a5f3611a17afcc388da46b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
max-age=0, public, s-maxage=31556952
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=utf-8
date
Thu, 04 May 2023 04:03:49 GMT
etag
W/"1b627c0d2101499c166ead2c67ebf056"
last-modified
Thu, 04 May 2023 04:03:12 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
openresty
strict-transport-security
max-age=604800
x-clacks-overhead
GNU Terry Pratchett
x-content-digest
ff47097df667cb9f1d2567058bdcd81974a396b6
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
DENY
x-permitted-cross-domain-policies
none
x-rack-cache
miss, store
x-request-id
0d98c5cc64b7e02ec598ec5c162355ee 0d98c5cc64b7e02ec598ec5c162355ee
x-runtime
0.347459
x-xss-protection
1; mode=block
application-f33a2bb0eec2261940c95b563a97124d6b9e866416bd90b7df4d6b6962283cab.css
assets-app-production-pubnet.bndzgl.com/assets/usersite/
325 KB
45 KB
Stylesheet
General
Full URL
https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-f33a2bb0eec2261940c95b563a97124d6b9e866416bd90b7df4d6b6962283cab.css
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33a2bb0eec2261940c95b563a97124d6b9e866416bd90b7df4d6b6962283cab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=604800
access-control-request-method
*
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self'
age
569858
cf-cache-status
HIT
content-length
46182
x-xss-protection
1; mode=block
x-request-id
03c37dbb0b1be8cd26176a5ace836095
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
last-modified
Mon, 24 Apr 2023 14:42:12 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7c1ddb2aa93619ab-FRA
expires
Sun, 01 May 2033 04:03:49 GMT
frontier-9465b2e7.css
assets-app-production-pubnet.bndzgl.com/packs/css/usersite/themes/
193 KB
17 KB
Stylesheet
General
Full URL
https://assets-app-production-pubnet.bndzgl.com/packs/css/usersite/themes/frontier-9465b2e7.css
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e523002f4cd8fbd35a546f1de6ceffbd269c4cf2b6b20d5f35fd16b66e662959
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=604800
access-control-request-method
*
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self'
age
5631398
cf-cache-status
HIT
content-length
16824
x-xss-protection
1; mode=block
x-request-id
419136d4f8ac1db171b521403364ec86
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
last-modified
Mon, 27 Feb 2023 16:11:35 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7c1ddb2aa93a19ab-FRA
expires
Sun, 01 May 2033 04:03:49 GMT
css2
fonts.googleapis.com/
810 B
799 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato&display=swap
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
083f2dbea22cbb0338db8ee2dfe61e30423b37cd27b2aaf2fd21f0417d86b379
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 May 2023 04:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 May 2023 02:26:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 May 2023 04:03:49 GMT
css2
fonts.googleapis.com/
818 B
467 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300&display=swap
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5f86b0213f05813436bcf702dc838499e43a9a6e3f4685e0c21b7e35cb16da5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 May 2023 04:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 May 2023 03:58:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 May 2023 04:03:49 GMT
css2
fonts.googleapis.com/
2 KB
601 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Playfair+Display:wght@700&display=swap
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad600649eaecf33274246a2194cfa795da89418d6a1da36578d0bb75fdb7f1dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 May 2023 04:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 May 2023 02:09:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 May 2023 04:03:49 GMT
css2
fonts.googleapis.com/
3 KB
740 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@700&display=swap
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f98657704f7defa083fc3db5d395ec83aa0e0a097d60ee3dc72135cb7698519f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 May 2023 04:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 May 2023 03:47:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 May 2023 04:03:49 GMT
application-817dd594dc26089930991e13a9ee5a245d9692fe95150a67bf45f1b893b60461.js
assets-app-production-pubnet.bndzgl.com/assets/usersite/
383 KB
121 KB
Script
General
Full URL
https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-817dd594dc26089930991e13a9ee5a245d9692fe95150a67bf45f1b893b60461.js
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817dd594dc26089930991e13a9ee5a245d9692fe95150a67bf45f1b893b60461
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=604800
access-control-request-method
*
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self'
age
2294997
cf-cache-status
HIT
content-length
123558
x-xss-protection
1; mode=block
x-request-id
ba65f2f538c33d186bd507c36b44c1bd
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
last-modified
Tue, 04 Apr 2023 23:41:32 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7c1ddb2aa93c19ab-FRA
expires
Sun, 01 May 2033 04:03:49 GMT
usersite-7cf8e98240b636835ed4.js
assets-app-production-pubnet.bndzgl.com/packs/js/
316 KB
69 KB
Script
General
Full URL
https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-7cf8e98240b636835ed4.js
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a91d8b658e1ccf32c68c7f94f6038c2e12a6dc08699b79ec979ebcb636f6e37
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=604800
access-control-request-method
*
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self'
age
745122
cf-cache-status
HIT
content-length
70658
x-xss-protection
1; mode=block
x-request-id
cc9d043a7bf193e11f5b30df2a7e17be
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
last-modified
Tue, 25 Apr 2023 10:02:16 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7c1ddb2b49ae19ab-FRA
expires
Sun, 01 May 2033 04:03:49 GMT
usersite-eb0ed5fd.css
assets-app-production-pubnet.bndzgl.com/packs/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://assets-app-production-pubnet.bndzgl.com/packs/css/usersite-eb0ed5fd.css
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38762364df172b96d1023a94c67dc19fb98818f6627f572fbd90f3f6f200011e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=604800
access-control-request-method
*
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self'
age
572439
cf-cache-status
HIT
content-length
2532
x-xss-protection
1; mode=block
x-request-id
12a722ad4e7e672673758971a28cdbef
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
last-modified
Tue, 07 Mar 2023 15:09:35 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7c1ddb2aa93819ab-FRA
expires
Sun, 01 May 2033 04:03:49 GMT
meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/5411546d2ff43687e06add82a935be9f842744f4/original/g.jpg/!!/
1 MB
1 MB
Image
General
Full URL
https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/5411546d2ff43687e06add82a935be9f842744f4/original/g.jpg/!!/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5c00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Fly/199ec4d3 (2023-04-25) / Express
Resource Hash
8960da3d746dae5abc8b585e6f4885ab2a4d12f812889bb8225946e36bca150e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:52 GMT
via
1.1 fly.io, 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
fly-request-id
01GZJEWDTMBB6MJ9BEK1NZADX4-fra
server
Fly/199ec4d3 (2023-04-25)
x-amz-cf-pop
FRA6-C1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-zoogle-commands
{"base":"s:bzglfiles/u/533077/5411546d2ff43687e06add82a935be9f842744f4/original/g.jpg/!!/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/533077/5411546d2ff43687e06add82a935be9f842744f4/original/g.jpg","commands":[["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id
Pd5lIAfeUvudv0PRO95vRiGyFLHmNbHAqy-aOXtCCe-zn5P1YuXFHg==
meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/627a974649650a24acf301fba16d5d9ebc09cded/original/infinity.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ%3D%3D/
6 KB
7 KB
Image
General
Full URL
https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/627a974649650a24acf301fba16d5d9ebc09cded/original/infinity.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5c00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Fly/199ec4d3 (2023-04-25) / Express
Resource Hash
006a79dd81e8833550a97c55edad51613680f720b22383a16651e21389338a7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:49 GMT
via
1.1 fly.io, 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
fly-request-id
01GZJEWDTXXD41QZYM6D8NKRN6-fra
server
Fly/199ec4d3 (2023-04-25)
x-amz-cf-pop
FRA6-C1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-zoogle-commands
{"base":"s:bzglfiles/u/533077/627a974649650a24acf301fba16d5d9ebc09cded/original/infinity.jpg/!!/b:W1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/533077/627a974649650a24acf301fba16d5d9ebc09cded/original/infinity.jpg","commands":[["resize",[200,200],null,{"fit":"cover"}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id
d-WnRg3F5FMNJaGiyByHWrOy6j18iyEcBlQrdjtDxoZGzaKqbyt66w==
meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/e14d7c273e514708dc918c0f5d89debd08e03232/original/now-what.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ%3D%3D/
7 KB
7 KB
Image
General
Full URL
https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/e14d7c273e514708dc918c0f5d89debd08e03232/original/now-what.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5c00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Fly/199ec4d3 (2023-04-25) / Express
Resource Hash
7633826665581554558051253ef3a1e799aa22e65061613efca2c9811b554a33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:49 GMT
via
1.1 fly.io, 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
fly-request-id
01GZJEWDTWEQXC47460K55ZRZ0-fra
server
Fly/199ec4d3 (2023-04-25)
x-amz-cf-pop
FRA6-C1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-zoogle-commands
{"base":"s:bzglfiles/u/533077/e14d7c273e514708dc918c0f5d89debd08e03232/original/now-what.jpg/!!/b:W1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/533077/e14d7c273e514708dc918c0f5d89debd08e03232/original/now-what.jpg","commands":[["resize",[200,200],null,{"fit":"cover"}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id
LNA3s5DY7f4wrvGLZOy9qiYEMQj9vTGj5b5m3Hp7qEygfH12Ivw8Zg==
meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/147dad3310c40df08df36d249ab5729f6f64046b/original/laww.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ%3D%3D/
9 KB
10 KB
Image
General
Full URL
https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/147dad3310c40df08df36d249ab5729f6f64046b/original/laww.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5c00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Fly/199ec4d3 (2023-04-25) / Express
Resource Hash
db3607cac9ed1254851e50e5fd2efe724a74ae77bac41bca0ef3bb3e109fa833

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:49 GMT
via
1.1 fly.io, 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
fly-request-id
01GZJEWDTTMHKXW6Q7CREY44ND-fra
server
Fly/199ec4d3 (2023-04-25)
x-amz-cf-pop
FRA6-C1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-zoogle-commands
{"base":"s:bzglfiles/u/533077/147dad3310c40df08df36d249ab5729f6f64046b/original/laww.jpg/!!/b:W1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/533077/147dad3310c40df08df36d249ab5729f6f64046b/original/laww.jpg","commands":[["resize",[200,200],null,{"fit":"cover"}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id
tC9W2feccgeNPd5FD6tUPdRcxU2GQdvVeKBpPbGrOT2efX7g1KZo7Q==
meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/e1f4fde81dbd131f1c599fe600a58f50aacec498/original/greyhound.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ%3D%3D/
4 KB
5 KB
Image
General
Full URL
https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/e1f4fde81dbd131f1c599fe600a58f50aacec498/original/greyhound.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5c00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Fly/199ec4d3 (2023-04-25) / Express
Resource Hash
40678f56124cd3e519319acfaa017225d18555869dfd91de671dc5a53f1febb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:50 GMT
via
1.1 fly.io, 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
fly-request-id
01GZJEWDV1Q3P3EPW44WS9ECT6-fra
server
Fly/199ec4d3 (2023-04-25)
x-amz-cf-pop
FRA6-C1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-zoogle-commands
{"base":"s:bzglfiles/u/533077/e1f4fde81dbd131f1c599fe600a58f50aacec498/original/greyhound.jpg/!!/b:W1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/533077/e1f4fde81dbd131f1c599fe600a58f50aacec498/original/greyhound.jpg","commands":[["resize",[200,200],null,{"fit":"cover"}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id
slcqqcmKaUdcx7fPXWc6NgcoFndP9-ybjVeexhQ1qO87oQXRCTep8Q==
meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.gif
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/1dc37d7773de6d90f8ad3a17a73a06bf38532b8d/original/scales.gif/!!/b%3AW1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ%3D%3D/
5 KB
6 KB
Image
General
Full URL
https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/1dc37d7773de6d90f8ad3a17a73a06bf38532b8d/original/scales.gif/!!/b%3AW1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.gif
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5c00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Fly/199ec4d3 (2023-04-25) / Express
Resource Hash
418c4a03a9ee60533af51fab92473fb94d46aa48ac50d26267637227ae973813

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:50 GMT
via
1.1 fly.io, 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
fly-request-id
01GZJEWDV0CA1XXYYM6PPA97DP-fra
server
Fly/199ec4d3 (2023-04-25)
x-amz-cf-pop
FRA6-C1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-zoogle-commands
{"base":"s:bzglfiles/u/533077/1dc37d7773de6d90f8ad3a17a73a06bf38532b8d/original/scales.gif/!!/b:W1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.gif","src":"u/533077/1dc37d7773de6d90f8ad3a17a73a06bf38532b8d/original/scales.gif","commands":[["resize",[200,200],null,{"fit":"cover"}],["toFormat",["gif"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"gif","contentType":"image/gif"}
x-amz-cf-id
owtz84nqXYzohohGV5f1bm9NK1rCpUu0Wfh6kZXFbTS-YDJ_uzf5gg==
btn_donate_LG.gif
www.paypalobjects.com/en_US/i/btn/
2 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/btn/btn_donate_LG.gif
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CCD) /
Resource Hash
4fb15dce7fe6fe37f90017fb3a173263d2698ca0d530da6a30d4383afebdfffe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Fri, 16 Aug 2019 04:57:33 GMT
server
ECAcc (frc/4CCD)
etag
"5d5637bd-63d"
x-cache
HIT
content-type
image/gif
paypal-debug-id
dda6c70457ad6
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
content-length
1597
expires
Thu, 04 May 2023 05:03:49 GMT
meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/e176b55cbfac77c009c9f33fa5abe13f3834a927/original/castle.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ%3D%3D/
4 KB
5 KB
Image
General
Full URL
https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/e176b55cbfac77c009c9f33fa5abe13f3834a927/original/castle.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5c00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Fly/199ec4d3 (2023-04-25) / Express
Resource Hash
b136170f9a2678a08d0da8a1a147a58983ee66d62c7ca6b1882db1b4e7f577bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:50 GMT
via
1.1 fly.io, 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
fly-request-id
01GZJEWDV3A65A04J4BWEATFDP-fra
server
Fly/199ec4d3 (2023-04-25)
x-amz-cf-pop
FRA6-C1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-zoogle-commands
{"base":"s:bzglfiles/u/533077/e176b55cbfac77c009c9f33fa5abe13f3834a927/original/castle.jpg/!!/b:W1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/533077/e176b55cbfac77c009c9f33fa5abe13f3834a927/original/castle.jpg","commands":[["resize",[200,200],null,{"fit":"cover"}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id
8Fxr2neWbfyZOaY4BVuS2anTfCuRClusC_c4SuBbJughmlwRaWEdfA==
meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/3c7f40be88f0d1ff990fa19b9e25b1a8a5607579/original/1g-2.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ%3D%3D/
6 KB
7 KB
Image
General
Full URL
https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/3c7f40be88f0d1ff990fa19b9e25b1a8a5607579/original/1g-2.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5c00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Fly/199ec4d3 (2023-04-25) / Express
Resource Hash
b2c0dfca55b9ef5fe32a38070b285302f6cfb383dc2e76b041dba46a0f515367

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:50 GMT
via
1.1 fly.io, 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
fly-request-id
01GZJEWDV5ZPG3BE8MGE088NWM-fra
server
Fly/199ec4d3 (2023-04-25)
x-amz-cf-pop
FRA6-C1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-zoogle-commands
{"base":"s:bzglfiles/u/533077/3c7f40be88f0d1ff990fa19b9e25b1a8a5607579/original/1g-2.jpg/!!/b:W1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/533077/3c7f40be88f0d1ff990fa19b9e25b1a8a5607579/original/1g-2.jpg","commands":[["resize",[200,200],null,{"fit":"cover"}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id
v29tjm2M1aqKhoVLzyWDG5zvDhFSUyYZPLxrgIIyQe_-_S3l7ajj-Q==
meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/af623d7e5d4000f539ea5a030d648c40c5f52edd/original/hand-using-gold-color-king-chess-is-kill-silver-color-king-chess-101448-853.jpg/!!/b%3AW1sicmVza...
3 KB
4 KB
Image
General
Full URL
https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/af623d7e5d4000f539ea5a030d648c40c5f52edd/original/hand-using-gold-color-king-chess-is-kill-silver-color-king-chess-101448-853.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5c00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Fly/199ec4d3 (2023-04-25) / Express
Resource Hash
cfed0c2adeb1f99c14e9f0d69c4262bedb7f997c5b89f1a35baaec14ba31d5a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:50 GMT
via
1.1 fly.io, 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
fly-request-id
01GZJEWDVGSCPBBQEBW8TD122Y-fra
server
Fly/199ec4d3 (2023-04-25)
x-amz-cf-pop
FRA6-C1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-zoogle-commands
{"base":"s:bzglfiles/u/533077/af623d7e5d4000f539ea5a030d648c40c5f52edd/original/hand-using-gold-color-king-chess-is-kill-silver-color-king-chess-101448-853.jpg/!!/b:W1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/533077/af623d7e5d4000f539ea5a030d648c40c5f52edd/original/hand-using-gold-color-king-chess-is-kill-silver-color-king-chess-101448-853.jpg","commands":[["resize",[200,200],null,{"fit":"cover"}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id
sDxXeZkfozrh7tIx284t29gr32-KqKDAMypoSnD7LcRQg23ce2GOpA==
meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/3c1fb6ff56255258887c8e89c9a85f1c4265f7a2/original/check.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ%3D%3D/
5 KB
6 KB
Image
General
Full URL
https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/3c1fb6ff56255258887c8e89c9a85f1c4265f7a2/original/check.jpg/!!/b%3AW1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ%3D%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5c00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Fly/199ec4d3 (2023-04-25) / Express
Resource Hash
eb941f847573c046ee640fa5f3a19b1ff595a00e4624dbd32adabc4c12deecbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:49 GMT
via
1.1 fly.io, 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
fly-request-id
01GZJEWDV7G2DCPZ8NGNXZJ18R-fra
server
Fly/199ec4d3 (2023-04-25)
x-amz-cf-pop
FRA6-C1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-zoogle-commands
{"base":"s:bzglfiles/u/533077/3c1fb6ff56255258887c8e89c9a85f1c4265f7a2/original/check.jpg/!!/b:W1sicmVzaXplIixbMjAwLDIwMF1dLFsiY3JvcCJdXQ==/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/533077/3c1fb6ff56255258887c8e89c9a85f1c4265f7a2/original/check.jpg","commands":[["resize",[200,200],null,{"fit":"cover"}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id
_fwg4SWwn6Jc1ZMkovm6KaXXdzwzp2XX03dngPeAYwq44-zu8ZrBTg==
meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/e11c27c7678e1b21f552f37934ec74632063941f/original/benz.jpg/!!/b%3AW1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0%3D/
21 KB
22 KB
Image
General
Full URL
https://d10j3mvrs1suex.cloudfront.net/s:bzglfiles/u/533077/e11c27c7678e1b21f552f37934ec74632063941f/original/benz.jpg/!!/b%3AW1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0%3D/meta%3AeyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ%3D%3D.jpg
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5c00:7:56a2:7e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Fly/199ec4d3 (2023-04-25) / Express
Resource Hash
71107e50e7cc280a8afc13b01a9a7ba9c47acc0c39af7bc35843e559fdd5715c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:50 GMT
via
1.1 fly.io, 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
fly-request-id
01GZJEWDV41YSY0P0YSX64WJ5V-fra
server
Fly/199ec4d3 (2023-04-25)
x-amz-cf-pop
FRA6-C1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-zoogle-commands
{"base":"s:bzglfiles/u/533077/e11c27c7678e1b21f552f37934ec74632063941f/original/benz.jpg/!!/b:W1sicmVzaXplIiwxODAwXSxbIm1heCJdLFsid2UiXV0=/meta:eyJzcmNCdWNrZXQiOiJiemdsZmlsZXMifQ==.jpg","src":"u/533077/e11c27c7678e1b21f552f37934ec74632063941f/original/benz.jpg","commands":[["resize",1800,null,{"fit":"inside","withoutEnlargement":true}],["toFormat",["webp"]]],"meta":{"srcBucket":"bzglfiles"},"ext":"webp","contentType":"image/webp"}
x-amz-cf-id
4I7pI5sWve3p91J8N1JS3zEESe-fOH5uVxi0IFIU-FDIjx3v4EqLxA==
usersite_print-898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553.css
assets-app-production-pubnet.bndzgl.com/assets/
67 B
210 B
Stylesheet
General
Full URL
https://assets-app-production-pubnet.bndzgl.com/assets/usersite_print-898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553.css
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
898d57949af0ad2bc4f547f83dd6ff3afcc8a33f1513e732d597872e7fa68553
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=604800
access-control-request-method
*
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self'
age
7949889
cf-cache-status
HIT
content-length
81
x-xss-protection
1; mode=block
x-request-id
9cf3e8476267bf668ff8954eb8d9e9ee
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
last-modified
Fri, 09 Dec 2022 19:41:57 GMT
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
7c1ddb2ba9fb19ab-FRA
expires
Sun, 01 May 2033 04:03:49 GMT
truncated
/
44 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/webp
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://covid19newyear.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 17:25:52 GMT
x-content-type-options
nosniff
age
124677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 17:25:52 GMT
font-icons-027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5.woff
assets-app-production-pubnet.bndzgl.com/assets/
33 KB
18 KB
Font
General
Full URL
https://assets-app-production-pubnet.bndzgl.com/assets/font-icons-027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5.woff
Requested by
Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-f33a2bb0eec2261940c95b563a97124d6b9e866416bd90b7df4d6b6962283cab.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
027b2ac2809e314a825179854ed16d55e5d89111f7f9850d7f80eb97a5390de5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://assets-app-production-pubnet.bndzgl.com/assets/usersite/application-f33a2bb0eec2261940c95b563a97124d6b9e866416bd90b7df4d6b6962283cab.css
Origin
https://covid19newyear.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:49 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
access-control-request-method
*
x-permitted-cross-domain-policies
none
cf-cache-status
MISS
content-encoding
gzip
x-xss-protection
1; mode=block
x-request-id
6af54c20284c8d9b829f8038ccde40c4
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
last-modified
Tue, 04 Apr 2023 18:54:24 GMT
server
cloudflare
x-download-options
noopen
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=315360000
cf-ray
7c1ddb2bff2d365c-FRA
expires
Sun, 01 May 2033 04:03:49 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://covid19newyear.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 17:31:19 GMT
x-content-type-options
nosniff
age
124350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 17:31:19 GMT
5fdc12c1626091a6acf151cd98b48e87a603b1cc.mp4
bzglfiles.s3.amazonaws.com/u/533077/665b53ba3b43a22405de87c7a9a94d9a05a6e173/web/
50 KB
0
Media
General
Full URL
https://bzglfiles.s3.amazonaws.com/u/533077/665b53ba3b43a22405de87c7a9a94d9a05a6e173/web/5fdc12c1626091a6acf151cd98b48e87a603b1cc.mp4?1674421705
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.190.68 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://covid19newyear.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 04 May 2023 04:03:51 GMT
x-amz-version-id
_mpdmg6pR3zMvA4VRzCaqn3vGi3Z.KN1
Last-Modified
Sun, 22 Jan 2023 21:08:26 GMT
Server
AmazonS3
x-amz-request-id
C9BQ9SB0VYQZ4N9E
ETag
"6ff2098ce00bb0688008494803929872"
x-amz-server-side-encryption
AES256
Content-Type
video/mp4
Content-Range
bytes 0-2537853/2537854
Cache-Control
public,max-age=31536000
Content-Disposition
attachment
Accept-Ranges
bytes
Content-Length
2537854
x-amz-id-2
ZKWrjqmHfofaMt6Y7jYnRNVHA2lqtF5onVqLCEGrnzrVIOooeLjEI8EdNYOZSM9SPP2dMmRwfCM=
stats.js
stats.zoogletools.net/
2 KB
1 KB
Script
General
Full URL
https://stats.zoogletools.net/stats.js?v=1
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::a:6d46 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/199ec4d3 (2023-04-25) /
Resource Hash
061c461be655d95421747b6d56b14bb0c3e2bd5cf973211c8632d80472069dc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:49 GMT
content-encoding
gzip
via
2 fly.io
last-modified
Tue, 02 May 2023 13:21:35 GMT
server
Fly/199ec4d3 (2023-04-25)
fly-request-id
01GZJEWE0FV3R8R621GR5F0ZXD-fra
etag
W/"6b7-64510e5f.0"
content-type
application/javascript
cache-control
public, max-age=0, must-revalidate
fly-cache-status
HIT
accept-ranges
bytes
240-1bd19d573cc6da0d6cd5.chunk.js
covid19newyear.com/packs/js/
107 KB
21 KB
Script
General
Full URL
https://covid19newyear.com/packs/js/240-1bd19d573cc6da0d6cd5.chunk.js
Requested by
Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-7cf8e98240b636835ed4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
openresty /
Resource Hash
4bfccce50ef264c4f22ebec036230ee1d48cd3550db62b9efafdae08cce22107
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:49 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=604800
access-control-request-method
*
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self'
content-length
21369
x-xss-protection
1; mode=block
x-request-id
4dcfb1c3bf9e315a3dcadf54191e641e
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
last-modified
Mon, 01 May 2023 19:17:24 GMT
server
openresty
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
231-68b07235084ba4f81b0d.chunk.js
covid19newyear.com/packs/js/
64 KB
14 KB
Script
General
Full URL
https://covid19newyear.com/packs/js/231-68b07235084ba4f81b0d.chunk.js
Requested by
Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-7cf8e98240b636835ed4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
openresty /
Resource Hash
4da94be3ceca3ca14ef1c1a1e7cf1cc22c9446d8fa89505d03d344e0f94b94ea
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:49 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=604800
access-control-request-method
*
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self'
content-length
13777
x-xss-protection
1; mode=block
x-request-id
457e6f20ba381bd0dadf9fba6b5939d2
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
last-modified
Mon, 01 May 2023 19:17:24 GMT
server
openresty
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
236-549dcdb72ad2333d039b.chunk.js
covid19newyear.com/packs/js/
486 B
852 B
Script
General
Full URL
https://covid19newyear.com/packs/js/236-549dcdb72ad2333d039b.chunk.js
Requested by
Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-7cf8e98240b636835ed4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
openresty /
Resource Hash
9a6f4000d6863e21a8c30240e4965ac2c81dcf6a0f0b630919ec5a052e2bd47a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://covid19newyear.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 04:03:49 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=604800
access-control-request-method
*
x-permitted-cross-domain-policies
none
content-security-policy
frame-ancestors 'self'
content-length
303
x-xss-protection
1; mode=block
x-request-id
bb5511ca0d8c74c0a7e533cfb14da313
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
last-modified
Mon, 01 May 2023 19:17:24 GMT
server
openresty
x-download-options
noopen
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
badge
covid19newyear.com/api/cart/
1 KB
1 KB
Fetch
General
Full URL
https://covid19newyear.com/api/cart/badge
Requested by
Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-7cf8e98240b636835ed4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
openresty /
Resource Hash
9f13c6c11cc317009455316149f36f444245b2579388b32f7340b360c1460d29
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://covid19newyear.com/
X-CSRF-Token
0TlcMyUgIEcfaKTr2WhZx4g9zDl36TvI0udXzRzP7MIiQD/E34buW9fUXNE7rVYGufdaK2eGEKYcZEVVWMs2uw==
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/html

Response headers

date
Thu, 04 May 2023 04:03:49 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
afc2451c60ae13fd8c59c5b4dccb3531, afc2451c60ae13fd8c59c5b4dccb3531
pragma
no-cache
x-runtime
0.040016
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
server
openresty
etag
W/"9f13c6c11cc317009455316149f36f44"
x-download-options
noopen
vary
Accept
x-frame-options
DENY
content-type
text/html; charset=utf-8
cache-control
no-store
x-robots-tag
noindex
x-rack-cache
miss
expires
Fri, 01 Jan 1990 00:00:00 GMT
profile
covid19newyear.com/go/member/
17 B
588 B
Fetch
General
Full URL
https://covid19newyear.com/go/member/profile
Requested by
Host: assets-app-production-pubnet.bndzgl.com
URL: https://assets-app-production-pubnet.bndzgl.com/packs/js/usersite-7cf8e98240b636835ed4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:90:0:3626:d0ff:6957:de1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
openresty /
Resource Hash
06e5f7e2d702e0110271dd33c198e1f312a785bcf41ca4fbed2fa6d67722dc03
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://covid19newyear.com/
X-CSRF-Token
0TlcMyUgIEcfaKTr2WhZx4g9zDl36TvI0udXzRzP7MIiQD/E34buW9fUXNE7rVYGufdaK2eGEKYcZEVVWMs2uw==
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/json

Response headers

date
Thu, 04 May 2023 04:03:50 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
x-permitted-cross-domain-policies
none
content-length
17
x-xss-protection
1; mode=block
x-request-id
2216a9f073afb4771aa3329cf4a5fa88, 2216a9f073afb4771aa3329cf4a5fa88
pragma
no-cache
x-runtime
0.032876
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-clacks-overhead
GNU Terry Pratchett
server
openresty
etag
W/"06e5f7e2d702e0110271dd33c198e1f3"
x-download-options
noopen
vary
Accept
x-frame-options
DENY
content-type
application/json; charset=utf-8
cache-control
no-store
x-robots-tag
noindex
x-rack-cache
miss
expires
Fri, 01 Jan 1990 00:00:00 GMT
visits
stats.zoogletools.net/
0
0
Fetch
General
Full URL
https://stats.zoogletools.net/visits
Requested by
Host: stats.zoogletools.net
URL: https://stats.zoogletools.net/stats.js?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::a:6d46 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/199ec4d3 (2023-04-25) /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://covid19newyear.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 04 May 2023 04:03:49 GMT
via
2 fly.io
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
content-length
0
x-xss-protection
1; mode=block
x-request-id
cfd83dbe-cbcc-4956-8d66-07e125543818
x-runtime
0.205045
referrer-policy
strict-origin-when-cross-origin
fly-request-id
01GZJEWE7PCP62E1MXWKNGV5MY-fra
server
Fly/199ec4d3 (2023-04-25)
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
cache-control
no-cache
content-type
application/json; charset=utf-8
vary
Origin
visits
stats.zoogletools.net/
0
0
Preflight
General
Full URL
https://stats.zoogletools.net/visits
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::a:6d46 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/199ec4d3 (2023-04-25) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://covid19newyear.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
content-length
0
date
Thu, 04 May 2023 04:03:50 GMT
fly-request-id
01GZJEWE4GD4X7E83FP9VXG8MX-fra
server
Fly/199ec4d3 (2023-04-25)
via
2 fly.io
5fdc12c1626091a6acf151cd98b48e87a603b1cc.mp4
bzglfiles.s3.amazonaws.com/u/533077/665b53ba3b43a22405de87c7a9a94d9a05a6e173/web/
46 KB
47 KB
Media
General
Full URL
https://bzglfiles.s3.amazonaws.com/u/533077/665b53ba3b43a22405de87c7a9a94d9a05a6e173/web/5fdc12c1626091a6acf151cd98b48e87a603b1cc.mp4?1674421705
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.190.68 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
007e59fef89ecdc7b742460f1d99e57c0ea1500ed5003b2e57e287ac7e4f0510

Request headers

Referer
https://covid19newyear.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Range
bytes=2490368-

Response headers

Date
Thu, 04 May 2023 04:03:51 GMT
x-amz-version-id
_mpdmg6pR3zMvA4VRzCaqn3vGi3Z.KN1
Last-Modified
Sun, 22 Jan 2023 21:08:26 GMT
Server
AmazonS3
x-amz-request-id
C9BTQPZV1MRME5Y0
ETag
"6ff2098ce00bb0688008494803929872"
x-amz-server-side-encryption
AES256
Content-Type
video/mp4
Content-Range
bytes 2490368-2537853/2537854
Cache-Control
public,max-age=31536000
Content-Disposition
attachment
Accept-Ranges
bytes
Content-Length
47486
x-amz-id-2
C1Cp8XXlGiJ3LcjO09ohE7nQmOxi+3CQ0k74Z0/zblqwf28cDimuH9R1YzgdLmdTobxNOKun/9g=
5fdc12c1626091a6acf151cd98b48e87a603b1cc.mp4
bzglfiles.s3.amazonaws.com/u/533077/665b53ba3b43a22405de87c7a9a94d9a05a6e173/web/
2 MB
0
Media
General
Full URL
https://bzglfiles.s3.amazonaws.com/u/533077/665b53ba3b43a22405de87c7a9a94d9a05a6e173/web/5fdc12c1626091a6acf151cd98b48e87a603b1cc.mp4?1674421705
Requested by
Host: covid19newyear.com
URL: https://covid19newyear.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.190.68 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.ca-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://covid19newyear.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Range
bytes=32768-

Response headers

Date
Thu, 04 May 2023 04:03:51 GMT
x-amz-version-id
_mpdmg6pR3zMvA4VRzCaqn3vGi3Z.KN1
Last-Modified
Sun, 22 Jan 2023 21:08:26 GMT
Server
AmazonS3
x-amz-request-id
C9BP83YSAXPNB6AJ
ETag
"6ff2098ce00bb0688008494803929872"
x-amz-server-side-encryption
AES256
Content-Type
video/mp4
Content-Range
bytes 32768-2537853/2537854
Cache-Control
public,max-age=31536000
Content-Disposition
attachment
Accept-Ranges
bytes
Content-Length
2505086
x-amz-id-2
In/egK/uvzx3G1eAbf0NvQtE+YtfTTWl8Jr0cT1EeD72wZ67zVsklo4uY/EMneKnAB4vqBRg5f0=


59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
function| Carousel
function| onYouTubePlayerAPIReady
function| refresh
object| zoogle
object| zgl
function| $
function| jQuery
object| I18n
function| EventEmitter
object| eventie
function| imagesLoaded
function| jQueryBridget
function| EvEmitter
function| getSize
function| matchesSelector
object| fizzyUIUtils
function| Outlayer
function| Isotope
function| Masonry
object| Handlebars
object| html5
object| Modernizr
object| themeJsManager
object| skrollr
function| addResizeListener
function| removeResizeListener
function| Waypoint
function| YT_ready
function| onYouTubeIframeAPIReady
object| jQuery1124007734653372357392
function| doTextFit
object| Rails
boolean| _rails_loaded
object| _zaq
undefined| dntStatus
boolean| dontTrack
boolean| inEditor
object| webpackJsonp
boolean| TurboImportRequested
object| regeneratorRuntime
object| stimulusApplication
boolean| SM2_DEFER
function| SoundManager
object| soundManager
function| hotkeys
boolean| captchaIsLoading
boolean| ModaImportRequested
function| forceRedraw
function| toggleIntroPage
function| toggleHideNavigationMenu
function| updateCanonicalUrl
object| zoogleMedia
boolean| SOUNDMANAGER_IS_SETUP
object| zoogleMusic
object| Turbo
object| reactiveElementVersions
object| litHtmlVersions
object| litElementVersions

1 Cookies

Domain/Path Name / Value
covid19newyear.com/ Name: guid
Value: cca6cc12-79f5-4829-9bfb-7e2c82caafbf

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
