URL: https://freeduringcovid19.site/
Submission: On April 08 via api from US

Summary

This website contacted 17 IPs in 6 countries across 16 domains to perform 27 HTTP transactions. The main IP is 128.199.55.162, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is freeduringcovid19.site.
TLS certificate: Issued by GlobalSign RSA DV SSL CA 2018 on April 8th 2020. Valid for: a year.
This is the only time freeduringcovid19.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 128.199.55.162 14061 (DIGITALOC...)
2 151.139.128.10 20446 (HIGHWINDS3)
2 2a03:2880:f02... 32934 (FACEBOOK)
3 87.240.190.72 47541 (VKONTAKTE...)
4 2606:2800:234... 15133 (EDGECAST)
1 2a0a:7d80::b 6697 (BELPAK-AS...)
1 13.224.194.121 16509 (AMAZON-02)
1 152.199.21.209 15133 (EDGECAST)
1 35.232.132.78 15169 (GOOGLE)
1 23.203.91.67 16625 (AKAMAI-AS)
1 192.124.249.118 30148 (SUCURI-SEC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:1480:400... 33905 (AKAMAI-AMS)
1 5.178.84.205 50340 (SELECTEL-MSK)
1 164.132.49.139 16276 (OVH)
1 104.244.42.136 13414 (TWITTER)
1 2a03:2880:f12... 32934 (FACEBOOK)
27 17
Domain Requested by
4 platform.twitter.com freeduringcovid19.site
platform.twitter.com
4 freeduringcovid19.site freeduringcovid19.site
3 vk.com freeduringcovid19.site
vk.com
2 connect.facebook.net freeduringcovid19.site
connect.facebook.net
2 z9t4u9f6.stackpathcdn.com freeduringcovid19.site
1 www.facebook.com connect.facebook.net
1 syndication.twitter.com freeduringcovid19.site
1 mdbootstrap.com freeduringcovid19.site
1 www.alpinabook.ru freeduringcovid19.site
1 pbs.twimg.com freeduringcovid19.site
1 miro.medium.com freeduringcovid19.site
1 www.westendtheatre.com freeduringcovid19.site
1 unity.com freeduringcovid19.site
1 homeschoolpiano.com freeduringcovid19.site
1 images.gog-statics.com freeduringcovid19.site
1 media.downdogapp.com freeduringcovid19.site
1 img.tyt.by freeduringcovid19.site
27 17
Subject Issuer Validity Valid
www.freeduringcovid19.site
GlobalSign RSA DV SSL CA 2018
2020-04-08 -
2021-04-09
a year crt.sh
*.stackpathcdn.com
Go Daddy Secure Certificate Authority - G2
2019-06-27 -
2021-06-27
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-03-01 -
2020-05-30
3 months crt.sh
vk.com
Sectigo ECC Extended Validation Secure Server CA
2019-07-11 -
2020-07-09
a year crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA
2019-11-12 -
2020-11-18
a year crt.sh
img.tyt.by
Let's Encrypt Authority X3
2020-03-16 -
2020-06-14
3 months crt.sh
*.downdogapp.com
Amazon
2020-01-23 -
2021-02-23
a year crt.sh
*.gog-statics.com
DigiCert SHA2 Secure Server CA
2020-03-10 -
2021-03-15
a year crt.sh
homeschoolpiano.com
Let's Encrypt Authority X3
2020-02-18 -
2020-05-18
3 months crt.sh
*.unity.com
DigiCert SHA2 Secure Server CA
2019-07-29 -
2020-10-27
a year crt.sh
westendtheatre.com
Go Daddy Secure Certificate Authority - G2
2019-08-19 -
2020-08-19
a year crt.sh
*.medium.com
DigiCert SHA2 Secure Server CA
2018-07-31 -
2020-09-09
2 years crt.sh
pbs.twimg.com
DigiCert SHA2 High Assurance Server CA
2019-08-14 -
2020-08-18
a year crt.sh
alpinabook.ru
Let's Encrypt Authority X3
2020-04-07 -
2020-07-06
3 months crt.sh
mdbootstrap.com
Let's Encrypt Authority X3
2020-03-04 -
2020-06-02
3 months crt.sh
syndication.twitter.com
DigiCert SHA2 High Assurance Server CA
2020-03-05 -
2021-03-02
a year crt.sh

This page contains 4 frames:

Primary Page: https://freeduringcovid19.site/
Frame ID: 8E473DC5994184CB0E332D1397B95A59
Requests: 24 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=https%3A%2F%2Ffreeduringcovid19.site
Frame ID: 6F94A5F25745FA5080061722E646614F
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.6787510241df65d128e2b60207ad4c25.en.html
Frame ID: 4EA9F2E62B7633A4F705C55EC71808CE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v6.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df2e2002301a03c4%26domain%3Dfreeduringcovid19.site%26origin%3Dhttps%253A%252F%252Ffreeduringcovid19.site%252Ff12ed328b1f748%26relation%3Dparent.parent&container_width=88&href=http%3A%2F%2Ffreeduringcovid19.site%2F&layout=button_count&locale=ru_RU&sdk=joey&size=small
Frame ID: 61FB134F9F9FA4BC28B22C182B28FEA6
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Page Statistics

27
Requests

100 %
HTTPS

35 %
IPv6

16
Domains

17
Subdomains

17
IPs

6
Countries

2061 kB
Transfer

3146 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
freeduringcovid19.site/
15 KB
5 KB
Document
General
Full URL
https://freeduringcovid19.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
128.199.55.162 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
freeduringcovid19.site
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
01288a7c0a2b12f7b7175acbe1c69fc4e0ca9c4c7be9bc3329341fff9f67ef64

Request headers

Host
freeduringcovid19.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Wed, 08 Apr 2020 16:04:09 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Language
en-US
Content-Encoding
gzip
compiled-4.15.0.min.css
z9t4u9f6.stackpathcdn.com/wp-content/themes/mdbootstrap4/css/
865 KB
138 KB
Stylesheet
General
Full URL
https://z9t4u9f6.stackpathcdn.com/wp-content/themes/mdbootstrap4/css/compiled-4.15.0.min.css?ver=4.15.0
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
ee641b9eeaa6be5aa0c00a40ee8093c6ea995fd637f0d03ae0e036b9dc04cae8

Request headers

Referer
https://freeduringcovid19.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 08 Apr 2020 16:04:10 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 30 Mar 2020 06:48:57 GMT
server
nginx/1.17.6
access-control-allow-origin
*
etag
W/"5e819659-d857d"
x-hw
1586361850.cds005.pa1.hn,1586361850.cds025.pa1.c
content-type
text/css
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-length
140847
styles.css
freeduringcovid19.site/
341 B
652 B
Stylesheet
General
Full URL
https://freeduringcovid19.site/styles.css
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
128.199.55.162 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
freeduringcovid19.site
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
52eb7104fe0a7b442d81c7d15d44c6ebb7f54df32c2bf68052736493ba9695ae

Request headers

Referer
https://freeduringcovid19.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Wed, 08 Apr 2020 16:04:09 GMT
Last-Modified
Tue, 07 Apr 2020 20:49:03 GMT
Server
nginx/1.14.0 (Ubuntu)
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
341
flag.min.css
freeduringcovid19.site/
21 KB
21 KB
Stylesheet
General
Full URL
https://freeduringcovid19.site/flag.min.css
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
128.199.55.162 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
freeduringcovid19.site
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
95d884d99b6fde4a35b97604f618b1f1f8f683bce89289093788f6e572b2a2c6

Request headers

Referer
https://freeduringcovid19.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Wed, 08 Apr 2020 16:04:09 GMT
Last-Modified
Tue, 07 Apr 2020 20:49:03 GMT
Server
nginx/1.14.0 (Ubuntu)
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21367
sdk.js
connect.facebook.net/ru_RU/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/ru_RU/sdk.js
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e5c741f6cb342e995529b8cd94563013c2cb8cfc69d2f74ddd035bfad953824
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://freeduringcovid19.site/
Origin
https://freeduringcovid19.site
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
SyeHXQSw7zDBKAUZAZuw3Q==
status
200
date
Wed, 08 Apr 2020 16:04:09 GMT, Wed, 08 Apr 2020 16:04:09 GMT
expires
Wed, 08 Apr 2020 16:12:22 GMT
alt-svc
h3-27=":443"; ma=3600
content-length
1781
x-fb-debug
UzUCTe8Cm/rfIXbuaSqqHqvmBxXRI31MprbhekUQia43ThAKoNcNAy/+C7GFITFxJoRhc73f4FDITL7SKv717g==
x-fb-trip-id
1850256238
x-fb-content-md5
74567af8d04d138b5a9b1de04900f2ab
etag
"03fba3f7592a2a8b0a537f28b6054d1f"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
share.js
vk.com/js/api/
10 KB
4 KB
Script
General
Full URL
https://vk.com/js/api/share.js?93
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv72-190-240-87.vk.com
Software
VK /
Resource Hash
0b28a2aa8ae2cc469fc77cde60ed83fd6176df58e4d15558e5dbbf690e8dedd8

Request headers

Referer
https://freeduringcovid19.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 16:04:11 GMT
content-encoding
gzip
x-frontend
front212405
last-modified
Wed, 08 Apr 2020 15:20:23 GMT
server
VK
etag
"5e8debb7-dc7"
content-type
application/x-javascript
status
200
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
3527
expires
Sun, 12 Apr 2020 16:04:11 GMT
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4198) /
Resource Hash
deb392febab4850ea24bd8516eed1b897991977ad63904261b9ffb21ccc66a4b

Request headers

Referer
https://freeduringcovid19.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 08 Apr 2020 16:04:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Apr 2020 20:48:50 GMT
Server
ECS (fcn/4198)
Age
1429
Etag
"bfee88d079c2668aea5525e2d719ba90+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
29121
teatr_kupalovskiy_48.jpg
img.tyt.by/n/01/8/
322 KB
323 KB
Image
General
Full URL
https://img.tyt.by/n/01/8/teatr_kupalovskiy_48.jpg
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
2db076f0b68639b3133fbce6d1f9f8b5c61bdfc99b6d6d0f1c6b933a555a0155
Security Headers
Name Value
Strict-Transport-Security max-age=86400;

Request headers

Referer
https://freeduringcovid19.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 16:04:09 GMT
last-modified
Thu, 26 Dec 2013 12:41:01 GMT
server
nginx
etag
"52bc23dd-50973"
strict-transport-security
max-age=86400;
content-type
image/jpeg
status
200
cache-control
max-age=1209600, private
accept-ranges
bytes
content-length
330099
expires
Tue, 21 Apr 2020 16:32:55 GMT
og-image.jpg
media.downdogapp.com/misc/
585 KB
586 KB
Image
General
Full URL
https://media.downdogapp.com/misc/og-image.jpg
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.194.121 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-121.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5cd5b4f955ba82296a36b99dc7172126e1d8819f7029eb8e095f5cb734faf819

Request headers

Referer
https://freeduringcovid19.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 05:42:13 GMT
via
1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
last-modified
Thu, 16 Aug 2018 23:28:18 GMT
server
AmazonS3
age
37318
etag
"cccc8a776ae620c159102af552520fc7"
x-cache
Hit from cloudfront
x-amz-version-id
cVF1Xs5gxWQ9gM54zRxtv3i3Q3lNk.Ma
status
200
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
599269
x-amz-cf-id
5XkiULYyr0JLWsZ_lycuTixgkQYMxeF-9Hbh_1fx4LTVcvI44SUknw==
844bac20026bcb6faf3d308fe9ad38365b3df6d1b5c4b74d0db309b426c997c5.jpg
images.gog-statics.com/
214 KB
214 KB
Image
General
Full URL
https://images.gog-statics.com/844bac20026bcb6faf3d308fe9ad38365b3df6d1b5c4b74d0db309b426c997c5.jpg
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.209 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AB3) /
Resource Hash
fddd830e24c12aab29828388dffc835d013732eae4700dc77f9453f3612a3377

Request headers

Referer
https://freeduringcovid19.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 16:04:10 GMT
last-modified
Mon, 03 Feb 2020 10:23:53 GMT
server
ECAcc (ama/8AB3)
age
5288165
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=31536000, public
accept-ranges
bytes
x-adn-h
Y
access-control-allow-origin
*
content-length
219006
expires
Mon, 05 Apr 2021 15:19:58 GMT
learning-piano.png
homeschoolpiano.com/wp-content/uploads/2015/07/
231 KB
231 KB
Image
General
Full URL
https://homeschoolpiano.com/wp-content/uploads/2015/07/learning-piano.png
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.232.132.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
78.132.232.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
11a72838978041346ad7540b3cbeae84d24af48255ea464533548be0795582db

Request headers

Referer
https://freeduringcovid19.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 16:04:10 GMT
last-modified
Thu, 12 Sep 2019 03:32:10 GMT
server
nginx
access-control-allow-origin
*
etag
"5d79bc3a-39aac"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
236204
learn-premium-OG.jpg
unity.com/sites/default/files/styles/social_media_sharing/public/2019-11/
101 KB
101 KB
Image
General
Full URL
https://unity.com/sites/default/files/styles/social_media_sharing/public/2019-11/learn-premium-OG.jpg?itok=x0fL8OzT
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.91.67 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-91-67.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4bf18d88700d0d66627f55f186106217bc0759d4e966f25fd3326202673d43d5

Request headers

Referer
https://freeduringcovid19.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 16:04:10 GMT
last-modified
Mon, 30 Mar 2020 17:36:09 GMT
server
Akamai Image Manager
etag
"5df8d10b-1943e"
vary
Accept-Encoding, Cookie
content-type
image/webp
status
200
cache-control
private, no-transform, max-age=43200
content-length
103316
expires
Thu, 09 Apr 2020 04:04:10 GMT
logo-sadlerswells.jpg
www.westendtheatre.com/wp-content/uploads/2015/05/
11 KB
12 KB
Image
General
Full URL
https://www.westendtheatre.com/wp-content/uploads/2015/05/logo-sadlerswells.jpg
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.118 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10118.sucuri.net
Software
nginx /
Resource Hash
6dc0d209641a9d4309943687785ba138960b00a95f2f62f6b8ec59f36a579bef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://freeduringcovid19.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 16:04:12 GMT
x-content-type-options
nosniff
status
200
x-sucuri-cache
MISS
host-header
5d77dd967d63c3104bced1db0cace49c
alt-svc
quic=":443"; ma=86400; v="43,39"
content-length
11732
x-xss-protection
1; mode=block
last-modified
Fri, 09 Jun 2017 13:09:56 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=315360000
x-sucuri-id
19018
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
x-proxy-cache
MISS
expires
Thu, 31 Dec 2037 23:55:55 GMT
1*xNkpUtpLalTd-0Yetw0oFA.jpeg
miro.medium.com/max/3780/
79 KB
79 KB
Image
General
Full URL
https://miro.medium.com/max/3780/1*xNkpUtpLalTd-0Yetw0oFA.jpeg
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7891 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb7bee9be2d6996d9185d78d7a370e8f3422f3d8bc75e7f8f1134c241b60ffcc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://freeduringcovid19.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 16:04:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
4059
status
200
x-envoy-upstream-service-time
47
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
80497
pragma
public
sepia-upstream
production
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000
medium-fulfilled-by
miro/master-20200402-232437-b0eff525fb
accept-ranges
bytes
cf-ray
580d3901cfc71776-FRA
expires
Fri, 08 May 2020 16:04:11 GMT
veBhR6VZ_400x400.jpg
pbs.twimg.com/profile_images/1024598410517786625/
13 KB
14 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1024598410517786625/veBhR6VZ_400x400.jpg
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, US),
Reverse DNS
Software
tsa_a /
Resource Hash
d8c8573b4be5be6ae942ba445d475427760354ceaa0fc6e10bb152fa46b9ce5e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://freeduringcovid19.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

strict-transport-security
max-age=631138519
x-content-type-options
nosniff
x-client-network
EIP
x-cache
MISS
status
200
content-length
13648
x-response-time
16
last-modified
Wed, 01 Aug 2018 10:09:11 GMT
server
tsa_a
date
Wed, 08 Apr 2020 16:04:11 GMT
x-tw-cdn
ak
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
dead52ecfd65ba3c75782063ce8c0c5a
f29d83b06c808c6e6eee541084e1999f.jpg
www.alpinabook.ru/upload/resize_cache/iblock/f29/700_700_1/
81 KB
82 KB
Image
General
Full URL
https://www.alpinabook.ru/upload/resize_cache/iblock/f29/700_700_1/f29d83b06c808c6e6eee541084e1999f.jpg
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.178.84.205 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
alpinabook.ru
Software
nginx /
Resource Hash
e18a39b210a8379b68d057a5980187d8408615b8e84b70c429d48e9d5df2a719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://freeduringcovid19.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 16:03:31 GMT
last-modified
Tue, 17 Mar 2020 07:10:43 GMT
server
nginx
etag
"5e7077f3-144db"
strict-transport-security
max-age=31536000;
content-type
image/jpeg
status
200
cache-control
max-age=31104000
accept-ranges
bytes
content-length
83163
expires
Sat, 03 Apr 2021 16:03:31 GMT
sdk.js
connect.facebook.net/ru_RU/
389 KB
114 KB
Script
General
Full URL
https://connect.facebook.net/ru_RU/sdk.js?hash=b3c667f9a7524750bd4d3af4c8d1887c&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8ac77fbc3a12300bfcd2b2f76cc3e38e0888a6063a36f56078663b5ff58715f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://freeduringcovid19.site/
Origin
https://freeduringcovid19.site
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
xlXJZ0a/wbao5AU24i3LjQ==
status
200
date
Wed, 08 Apr 2020 16:04:11 GMT, Wed, 08 Apr 2020 16:04:11 GMT
expires
Thu, 08 Apr 2021 15:57:53 GMT
alt-svc
h3-27=":443"; ma=3600
content-length
115913
x-fb-debug
eB3uFva+vyw9CNvhDM7lC4+sP46U02nK5G26juws8fh+miGcjqsKVNmzjIz2xMkfzG/jo5lBpjcto3LkLVlj/w==
x-fb-trip-id
1850256238
x-fb-content-md5
3d2ec3b5c853e7210c838617227b104b
etag
"e0d1d6d050dc219ed02d2c7f6c401589"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
flags.png
mdbootstrap.com/img/svg/
27 KB
28 KB
Image
General
Full URL
https://mdbootstrap.com/img/svg/flags.png
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
164.132.49.139 , France, ASN16276 (OVH, FR),
Reverse DNS
139.ip-164-132-49.eu
Software
nginx/1.17.6 /
Resource Hash
94d5c7f1661301c4a6dc491d72dd559a0620cd917a826f0df1b023bb96ea9ddd

Request headers

Referer
https://freeduringcovid19.site/flag.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 08 Apr 2020 16:04:12 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 18 Oct 2019 14:31:00 GMT
Server
nginx/1.17.6
ETag
"5da9cca4-6ddb"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28123
Expires
Thu, 08 Apr 2021 16:04:12 GMT
by_flag_custom.png
freeduringcovid19.site/
509 B
821 B
Image
General
Full URL
https://freeduringcovid19.site/by_flag_custom.png
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
128.199.55.162 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
freeduringcovid19.site
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c9528c7d1a6d04c0801b10d53d705e8fc717073b61c10a79be1a30a3582b0080

Request headers

Referer
https://freeduringcovid19.site/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Wed, 08 Apr 2020 16:04:11 GMT
Last-Modified
Tue, 07 Apr 2020 20:49:03 GMT
Server
nginx/1.14.0 (Ubuntu)
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
509
fa-brands-400.woff2
z9t4u9f6.stackpathcdn.com/wp-content/themes/mdbootstrap4/font/fa5/
74 KB
74 KB
Font
General
Full URL
https://z9t4u9f6.stackpathcdn.com/wp-content/themes/mdbootstrap4/font/fa5/fa-brands-400.woff2
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843

Request headers

Referer
https://z9t4u9f6.stackpathcdn.com/wp-content/themes/mdbootstrap4/css/compiled-4.15.0.min.css?ver=4.15.0
Origin
https://freeduringcovid19.site
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 08 Apr 2020 16:04:12 GMT
last-modified
Mon, 21 Oct 2019 07:15:31 GMT
server
nginx/1.17.6
access-control-allow-origin
*
etag
"5dad5b13-12648"
x-hw
1586361852.cds019.pa1.hn,1586361852.cds025.pa1.c
content-type
font/woff2
status
200
cache-control
max-age=315360000
accept-ranges
bytes
content-length
75336
share.php
vk.com/
21 B
319 B
Script
General
Full URL
https://vk.com/share.php?act=count&index=0&url=https%3A%2F%2Ffreeduringcovid19.site%2F
Requested by
Host: vk.com
URL: https://vk.com/js/api/share.js?93
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv72-190-240-87.vk.com
Software
VK / PHP/3.23892
Resource Hash
c81398918e0bafaceb0a1258dffe47660ae7d56c672b0d188e54ab620f9dccd0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://freeduringcovid19.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 08 Apr 2020 16:04:11 GMT
content-encoding
gzip
x-frontend
front212405
server
VK
x-powered-by
PHP/3.23892
strict-transport-security
max-age=15768000
content-type
text/html; charset=windows-1251
status
200
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
41
like_widget.png
vk.com/images/icons/
538 B
790 B
Image
General
Full URL
https://vk.com/images/icons/like_widget.png
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv72-190-240-87.vk.com
Software
VK /
Resource Hash
3795726557f64bf66677a94511e34f7d67dd58c73baef60ddb3f9a0cb8f38c1e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://freeduringcovid19.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 16:04:11 GMT
x-frontend
front212405
last-modified
Wed, 08 Apr 2020 15:11:01 GMT
server
VK
etag
"5e8de985-21a"
strict-transport-security
max-age=15768000
content-type
image/png
status
200
access-control-expose-headers
X-Frontend
cache-control
max-age=604800
accept-ranges
bytes
content-length
538
expires
Wed, 15 Apr 2020 16:04:11 GMT
widget_iframe.6787510241df65d128e2b60207ad4c25.html
platform.twitter.com/widgets/ Frame 6F94
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.6787510241df65d128e2b60207ad4c25.html?origin=https%3A%2F%2Ffreeduringcovid19.site
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E6) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://freeduringcovid19.site/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://freeduringcovid19.site/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
64733
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 08 Apr 2020 16:04:11 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Tue, 07 Apr 2020 20:47:48 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40E6)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5825
button.93a0c25c2d2f3081c705c98c2d9dec0e.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.93a0c25c2d2f3081c705c98c2d9dec0e.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4198) /
Resource Hash
cef013ba053c40f6bfa36baf6b11dca3426b1697bb52bec0902a4746f5f7d169

Request headers

Referer
https://freeduringcovid19.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 08 Apr 2020 16:04:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Apr 2020 20:47:38 GMT
Server
ECS (fcn/4198)
Age
64732
Etag
"0745fc0bb127ba13d716d66761b4628d+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
2298
tweet_button.6787510241df65d128e2b60207ad4c25.en.html
platform.twitter.com/widgets/ Frame 4EA9
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.6787510241df65d128e2b60207ad4c25.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4198) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://freeduringcovid19.site/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://freeduringcovid19.site/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
64733
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 08 Apr 2020 16:04:11 GMT
Etag
"19c3039cfd5675cf5859e70ff1c2f6e3+gzip"
Last-Modified
Tue, 07 Apr 2020 20:47:45 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/4198)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
12395
jot
syndication.twitter.com/i/
43 B
120 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Ffreeduringcovid19.site%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1586361851417%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22a2aa63b%3A1586240908307%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: freeduringcovid19.site
URL: https://freeduringcovid19.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://freeduringcovid19.site/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 08 Apr 2020 16:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
65
x-xss-protection
0
x-response-time
110
pragma
no-cache
last-modified
Wed, 08 Apr 2020 16:04:11 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
4e0987df6c0d878e5148620ccd9b043c
x-transaction
00be9b240050be56
expires
Tue, 31 Mar 1981 05:00:00 GMT
share_button.php
www.facebook.com/v6.0/plugins/ Frame 61FB
0
0
Document
General
Full URL
https://www.facebook.com/v6.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df2e2002301a03c4%26domain%3Dfreeduringcovid19.site%26origin%3Dhttps%253A%252F%252Ffreeduringcovid19.site%252Ff12ed328b1f748%26relation%3Dparent.parent&container_width=88&href=http%3A%2F%2Ffreeduringcovid19.site%2F&layout=button_count&locale=ru_RU&sdk=joey&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=b3c667f9a7524750bd4d3af4c8d1887c&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v6.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df2e2002301a03c4%26domain%3Dfreeduringcovid19.site%26origin%3Dhttps%253A%252F%252Ffreeduringcovid19.site%252Ff12ed328b1f748%26relation%3Dparent.parent&container_width=88&href=http%3A%2F%2Ffreeduringcovid19.site%2F&layout=button_count&locale=ru_RU&sdk=joey&size=small
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://freeduringcovid19.site/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://freeduringcovid19.site/

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary
Accept-Encoding
x-content-type-options
nosniff
facebook-api-version
v6.0
x-xss-protection
0
content-type
text/html; charset="utf-8"
x-fb-debug
OWCZbpjnyKhJTIjjWZqTg6yFDyH+rGcU6OVtOIzF4VhFf92qSsP+jQHbOb9Y0hHJzWUD2Lhs1RWvLrncC5Y/PQ==
date
Wed, 08 Apr 2020 16:04:12 GMT Wed, 08 Apr 2020 16:04:12 GMT
alt-svc
h3-27=":443"; ma=3600

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| FB object| VK object| __twttrll object| twttr object| __twttr

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
freeduringcovid19.site
homeschoolpiano.com
images.gog-statics.com
img.tyt.by
mdbootstrap.com
media.downdogapp.com
miro.medium.com
pbs.twimg.com
platform.twitter.com
syndication.twitter.com
unity.com
vk.com
www.alpinabook.ru
www.facebook.com
www.westendtheatre.com
z9t4u9f6.stackpathcdn.com
104.244.42.136
128.199.55.162
13.224.194.121
151.139.128.10
152.199.21.209
164.132.49.139
192.124.249.118
23.203.91.67
2600:1480:4000:e5::
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6810:7891
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a0a:7d80::b
35.232.132.78
5.178.84.205
87.240.190.72
01288a7c0a2b12f7b7175acbe1c69fc4e0ca9c4c7be9bc3329341fff9f67ef64
0b28a2aa8ae2cc469fc77cde60ed83fd6176df58e4d15558e5dbbf690e8dedd8
11a72838978041346ad7540b3cbeae84d24af48255ea464533548be0795582db
2db076f0b68639b3133fbce6d1f9f8b5c61bdfc99b6d6d0f1c6b933a555a0155
3795726557f64bf66677a94511e34f7d67dd58c73baef60ddb3f9a0cb8f38c1e
4bf18d88700d0d66627f55f186106217bc0759d4e966f25fd3326202673d43d5
52eb7104fe0a7b442d81c7d15d44c6ebb7f54df32c2bf68052736493ba9695ae
5cd5b4f955ba82296a36b99dc7172126e1d8819f7029eb8e095f5cb734faf819
6dc0d209641a9d4309943687785ba138960b00a95f2f62f6b8ec59f36a579bef
6e5c741f6cb342e995529b8cd94563013c2cb8cfc69d2f74ddd035bfad953824
8ac77fbc3a12300bfcd2b2f76cc3e38e0888a6063a36f56078663b5ff58715f7
94d5c7f1661301c4a6dc491d72dd559a0620cd917a826f0df1b023bb96ea9ddd
95d884d99b6fde4a35b97604f618b1f1f8f683bce89289093788f6e572b2a2c6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
bb7bee9be2d6996d9185d78d7a370e8f3422f3d8bc75e7f8f1134c241b60ffcc
c81398918e0bafaceb0a1258dffe47660ae7d56c672b0d188e54ab620f9dccd0
c9528c7d1a6d04c0801b10d53d705e8fc717073b61c10a79be1a30a3582b0080
cef013ba053c40f6bfa36baf6b11dca3426b1697bb52bec0902a4746f5f7d169
d3caf12591d194712facd10bca14f0a924edb59c24447a3fd994a48286db8843
d8c8573b4be5be6ae942ba445d475427760354ceaa0fc6e10bb152fa46b9ce5e
deb392febab4850ea24bd8516eed1b897991977ad63904261b9ffb21ccc66a4b
e18a39b210a8379b68d057a5980187d8408615b8e84b70c429d48e9d5df2a719
ee641b9eeaa6be5aa0c00a40ee8093c6ea995fd637f0d03ae0e036b9dc04cae8
fddd830e24c12aab29828388dffc835d013732eae4700dc77f9453f3612a3377