koronavirus24.info Open in urlscan Pro
81.177.6.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://koronavirus24.info/
Effective URL:
https://koronavirus24.info/
Submission: On March 24 via api (March 24th 2020, 3:53:03 am UTC) from CA

Summary HTTP 68 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 20 domains to perform 68 HTTP transactions. The main IP is 81.177.6.6, located in Russian Federation and belongs to RTCOMM-AS, RU. The main domain is koronavirus24.info.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 20th 2020. Valid for: 3 months.

This is the only time koronavirus24.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	81.177.6.6 81.177.6.6	8342 (RTCOMM-AS) (RTCOMM-AS)
2	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
1 5	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
4	37.200.67.210 37.200.67.210	49505 (SELECTEL) (SELECTEL)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
3	31.131.252.94 31.131.252.94	50340 (SELECTEL-MSK) (SELECTEL-MSK)
2	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
3	185.15.175.134 185.15.175.134	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 2	195.181.175.46 195.181.175.46	60068 (CDN77) (CDN77)
1 1	2606:4700:303... 2606:4700:3036::681f:5a66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	176.99.5.124 176.99.5.124	49352 (LOGOL-AS) (LOGOL-AS)
16 20	185.15.175.147 185.15.175.147	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	94.130.75.254 94.130.75.254	24940 (HETZNER-AS) (HETZNER-AS)
1 1	176.9.8.252 176.9.8.252	24940 (HETZNER-AS) (HETZNER-AS)
1	144.76.138.28 144.76.138.28	24940 (HETZNER-AS) (HETZNER-AS)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
2 2	185.15.175.137 185.15.175.137	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
1	185.15.175.145 185.15.175.145	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
68	19

23 81.177.6.6 (Russian Federation) 1 redirects

ASN8342 (RTCOMM-AS, RU)
PTR: srv170-h-st.jino.ru

koronavirus24.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.200.67.210 (Russian Federation)

ASN49505 (SELECTEL, RU)

share.pluso.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.131.252.94 (St Petersburg, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

kitbit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.15.175.134 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.181.175.46 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77, GB)
PTR: unn-195-181-175-46.datapacket.com

p1.ntvk1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::681f:5a66 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

optinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.99.5.124 (Russian Federation)

ASN49352 (LOGOL-AS, RU)
PTR: d40625.acod.regrucolo.ru

ut9.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 185.15.175.147 (Russian Federation) 16 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ej8x0dpdbyghbcf7kmoo.r.dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.75.254 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-app-3.community.moscow

matcher.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.8.252 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-21.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.138.28 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-3.community.moscow

573d3be5-49a7-4e19-bb6c-9360bb79bbf5.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.137 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

fnc.rt.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.15.175.145 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

jj.jwzmon5lp55551wg0.r.dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	digitaltarget.ru 16 redirects tag.digitaltarget.ru dmg.digitaltarget.ru ej8x0dpdbyghbcf7kmoo.r.dmg.digitaltarget.ru jj.jwzmon5lp55551wg0.r.dmg.digitaltarget.ru	30 KB
23	koronavirus24.info 1 redirects koronavirus24.info	347 KB
8	gstatic.com fonts.gstatic.com	73 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	134 KB
5	yandex.ru 1 redirects mc.yandex.ru	95 KB
4	pluso.ru share.pluso.ru	41 KB
3	upravel.com 2 redirects matcher.upravel.com sync.upravel.com 573d3be5-49a7-4e19-bb6c-9360bb79bbf5.sync.upravel.com	2 KB
3	kitbit.net kitbit.net	2 KB
2	eyeota.net ps.eyeota.net	688 B
2	rt.ru 2 redirects fnc.rt.ru	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	674 B
2	ntvk1.ru 1 redirects p1.ntvk1.ru	735 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	doubleclick.net googleads.g.doubleclick.net
2	googleapis.com fonts.googleapis.com	1 KB
1	rktch.com ut9.rktch.com	84 B
1	optinder.com 1 redirects optinder.com	405 B
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
68	20

	Domain	Requested by
23	koronavirus24.info	1 redirects koronavirus24.info pagead2.googlesyndication.com
19	dmg.digitaltarget.ru	16 redirects
8	fonts.gstatic.com	pagead2.googlesyndication.com koronavirus24.info
5	mc.yandex.ru	1 redirects koronavirus24.info
4	share.pluso.ru	koronavirus24.info share.pluso.ru
4	pagead2.googlesyndication.com	koronavirus24.info pagead2.googlesyndication.com
3	tag.digitaltarget.ru	kitbit.net tag.digitaltarget.ru
3	kitbit.net	share.pluso.ru kitbit.net
2	ps.eyeota.net
2	fnc.rt.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	p1.ntvk1.ru	1 redirects
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	counter.yadro.ru	1 redirects
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.googleapis.com	koronavirus24.info
1	jj.jwzmon5lp55551wg0.r.dmg.digitaltarget.ru
1	ej8x0dpdbyghbcf7kmoo.r.dmg.digitaltarget.ru
1	573d3be5-49a7-4e19-bb6c-9360bb79bbf5.sync.upravel.com
1	sync.upravel.com	1 redirects
1	matcher.upravel.com	1 redirects
1	ut9.rktch.com
1	optinder.com	1 redirects
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
68	26

This site contains links to these domains. Also see Links.

Domain
pluso.ru

Subject Issuer	Validity	Valid
koronavirus24.info Let's Encrypt Authority X3	`2020-03-20` - `2020-06-18`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2019-09-23` - `2020-09-22`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.pluso.ru Let's Encrypt Authority X3	`2020-02-26` - `2020-05-26`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
*.kitbit.net Let's Encrypt Authority X3	`2018-11-05` - `2019-02-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
tag.digitaltarget.ru Let's Encrypt Authority X3	`2020-03-16` - `2020-06-14`	3 months	crt.sh
*.ntvk1.ru Sectigo RSA Domain Validation Secure Server CA	`2019-05-12` - `2020-05-11`	a year	crt.sh
ut9.rktch.com Let's Encrypt Authority X3	`2020-02-12` - `2020-05-12`	3 months	crt.sh
*.sync.upravel.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-04` - `2020-11-06`	a year	crt.sh
dmg.digitaltarget.ru Let's Encrypt Authority X3	`2020-03-16` - `2020-06-14`	3 months	crt.sh
*.eyeota.net Let's Encrypt Authority X3	`2020-02-10` - `2020-05-10`	3 months	crt.sh
*.r.dmg.digitaltarget.ru Let's Encrypt Authority X3	`2020-03-10` - `2020-06-08`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://koronavirus24.info/
Frame ID: 7CCFD8E13F7A2911E2834FD638364CC8
Requests: 65 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200316/r20190131/zrt_lookup.html
Frame ID: 749775AA8FADC6DE6AABEC1E93258533
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6295929821839519&output=html&adk=1812271804&adf=3025194257&lmt=1585021967&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fkoronavirus24.info%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1585021967274&bpp=24&bdt=392&fdt=104&idt=104&shv=r20200316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2291731452874&frm=20&pv=2&ga_vid=542654304.1585021967&ga_sid=1585021967&ga_hid=1977890461&ga_fc=0&iag=0&icsg=37726463&dssz=24&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=410075106&oid=3&pvsid=10463450574711&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=116
Frame ID: F10119A658B09E910CBC034F0BAA6255
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: D50844D7C4B9FBF4104B105D60B43B54
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://koronavirus24.info/ HTTP 302
https://koronavirus24.info/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- All in One SEO Pack ([\d.]+) /i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- All in One SEO Pack ([\d.]+) /i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- All in One SEO Pack ([\d.]+) /i

All in One SEO Pack (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- All in One SEO Pack ([\d.]+) /i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

68
Requests

94 %
HTTPS

38 %
IPv6

20
Domains

26
Subdomains

19
IPs

3
Countries

743 kB
Transfer

2297 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://pluso.ru/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://koronavirus24.info/ HTTP 302
https://koronavirus24.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://mc.yandex.ru/watch/61187254?wmode=7&page-url=https%3A%2F%2Fkoronavirus24.info%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585021965581%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200324045247%3Aet%3A1585021968%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A546871791%3Ahid%3A104070581%3Ads%3A0%2C143%2C983%2C1%2C174%2C0%2C0%2C465%2C21%2C%2C%2C%2C1767%3Afp%3A1739%3Awn%3A19116%3Ahl%3A2%3Agdpr%3A14%3Av%3A1827%3Awv%3A2%3Ast%3A1585021968%3Au%3A1585021968872430829%3At%3A%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8 HTTP 302
https://mc.yandex.ru/watch/61187254/1?wmode=7&page-url=https%3A%2F%2Fkoronavirus24.info%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585021965581%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200324045247%3Aet%3A1585021968%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A546871791%3Ahid%3A104070581%3Ads%3A0%2C143%2C983%2C1%2C174%2C0%2C0%2C465%2C21%2C%2C%2C%2C1767%3Afp%3A1739%3Awn%3A19116%3Ahl%3A2%3Agdpr%3A14%3Av%3A1827%3Awv%3A2%3Ast%3A1585021968%3Au%3A1585021968872430829%3At%3A%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8

Request Chain 45

https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//koronavirus24.info/;h%u041A%u043E%u0440%u043E%u043D%u0430%u0432%u0438%u0440%u0443%u0441%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438;1 HTTP 302
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//koronavirus24.info/;h%u041A%u043E%u0440%u043E%u043D%u0430%u0432%u0438%u0440%u0443%u0441%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438;1

Request Chain 55

https://p1.ntvk1.ru/nps HTTP 302
https://optinder.com/cro HTTP 302
https://p1.ntvk1.ru/scn?sid=1585021968232

Request Chain 59

https://dmg.digitaltarget.ru/1/6499/i/i?i=534007173381373.355361765877420 HTTP 302
https://dmg.digitaltarget.ru/1/6499/i/i?i=534007173381373.355361765877420&q=scc HTTP 302
https://matcher.upravel.com/m?id=j8xMGZmon552555526ZO&src=amberdata&redirect=%2F%2Fdmg.digitaltarget.ru%2F1%2F6401%2Fi%2Fi%3F%26a%3D685%26e%3D%7BUSER_ID%7D HTTP 302
https://dmg.digitaltarget.ru/1/6401/i/i?&a=685&e=573d3be5-49a7-4e19-bb6c-9360bb79bbf5 HTTP 302
https://sync.upravel.com/image?source=amberdata&id=csBni6mon55855552QmZ&rnd=206469001582646928167000000032781496 HTTP 302
https://573d3be5-49a7-4e19-bb6c-9360bb79bbf5.sync.upravel.com/image?source=amberdata&id=csBni6mon55855552QmZ&rnd=206469001582646928167000000032781496&ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9rb3JvbmF2aXJ1czI0LmluZm8vIl19fQ

Request Chain 60

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F6465%2Fi%2Fi%3Fa%3D735%26e%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F6465%2Fi%2Fi%3Fa%3D735%26e%3D%7BWEBO_CID%7D&bounce=1&random=953806536 HTTP 302
https://dmg.digitaltarget.ru/1/6465/i/i?a=735&e=GvN9R./AJoUQI0URRoGTJu HTTP 302
https://dmg.digitaltarget.ru/1/6465/i/i?a=735&e=GvN9R./AJoUQI0URRoGTJu&q=scc

Request Chain 61

https://dmg.digitaltarget.ru/1/7016/i/i?i=534007173381373.580861803858616 HTTP 302
https://dmg.digitaltarget.ru/1/7016/i/i?i=534007173381373.580861803858616&q=scc

Request Chain 62

https://dmg.digitaltarget.ru/1/6534/i/i?i=534007173381373.149327101786936 HTTP 302
https://dmg.digitaltarget.ru/1/6534/i/i?i=534007173381373.149327101786936&q=scc HTTP 302
https://fnc.rt.ru/1/6532/i/i?i=535044001582647094266000000032639848 HTTP 302
https://fnc.rt.ru/1/6532/i/i?i=535044001582647094266000000032639848&q=scc HTTP 302
https://dmg.digitaltarget.ru/1/6533/i/i?i=227221001582646856404000000002054835&a=774&e=4CSiCZmoi5lo5555KpWe

Request Chain 63

https://dmg.digitaltarget.ru/1/1086/i/i?i=534007173381373.503493114898282&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24kkE4gyuSZQdm3.xps:xpsloIH0cDvGOcNTttG163FwO.dn:koronavirus24__info.tg:adcmjs_init%20adcmjs_noorient.cr: HTTP 302
https://dmg.digitaltarget.ru/1/1086/i/i?i=534007173381373.503493114898282&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24kkE4gyuSZQdm3.xps:xpsloIH0cDvGOcNTttG163FwO.dn:koronavirus24__info.tg:adcmjs_init%20adcmjs_noorient.cr:&q=scc HTTP 302
https://dmg.digitaltarget.ru/1/117/i/i?a=117&e=ej8x0dpdbyghbCF7kMoO&i=818725001582646353258000000032741465 HTTP 302
https://ps.eyeota.net/pixel?pid=0rij2bu&uid=ej8x0dpdbyghbCF7kMoO

Request Chain 64

https://dmg.digitaltarget.ru/awg/1086?i=534007173381373.687616142235388&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24kkE4gyuSZQdm3.xps:xpsloIH0cDvGOcNTttG163FwO.dn:koronavirus24__info.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/1086?call_source=awg&i=534007173381373.687616142235388&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24kkE4gyuSZQdm3.xps:xpsloIH0cDvGOcNTttG163FwO.dn:koronavirus24__info.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://ej8x0dpdbyghbcf7kmoo.r.dmg.digitaltarget.ru/awg/1086?call_source=awg&i=534007173381373.687616142235388&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24kkE4gyuSZQdm3.xps:xpsloIH0cDvGOcNTttG163FwO.dn:koronavirus24__info.tg:adcmjs_init%20adcmjs_noorient

Request Chain 65

https://dmg.digitaltarget.ru/1/1086/i/i?i=534007173381373.500481449527605&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24kkE4gyuSZQdm3.xps:xpsloIH0cDvGOcNTttG163FwO.dn:koronavirus24__info.tg:adcmjs_noorient HTTP 302
https://dmg.digitaltarget.ru/1/1086/i/i?i=534007173381373.500481449527605&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24kkE4gyuSZQdm3.xps:xpsloIH0cDvGOcNTttG163FwO.dn:koronavirus24__info.tg:adcmjs_noorient&q=scc HTTP 302
https://dmg.digitaltarget.ru/1/117/i/i?a=117&e=csBni6mon55855552QmZ&i=292443001582646893364000000032808429 HTTP 302
https://ps.eyeota.net/pixel?pid=0rij2bu&uid=csBni6mon55855552QmZ

Request Chain 66

https://dmg.digitaltarget.ru/awg/1086?i=534007173381373.411934417404165&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24kkE4gyuSZQdm3.xps:xpsloIH0cDvGOcNTttG163FwO.dn:koronavirus24__info.tg:adcmjs_noorient HTTP 307
https://jj.jwzmon5lp55551wg0.r.dmg.digitaltarget.ru/awg/1086?i=534007173381373.411934417404165&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24kkE4gyuSZQdm3.xps:xpsloIH0cDvGOcNTttG163FwO.dn:koronavirus24__info.tg:adcmjs_noorient

68 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
koronavirus24.info/
Redirect Chain

http://koronavirus24.info/
https://koronavirus24.info/

54 KB
15 KB

1127ms
984ms

Document
text/html

81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 656be60d56cb1f1113ea4654806e9b054005f959dfc36b3e1810e3580a5d4fb8

Request headers

:method: GET
:authority: koronavirus24.info
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 24 Mar 2020 03:52:46 GMT
content-type: text/html; charset=UTF-8
content-length: 15229
server: Jino.ru/mod_pizza
set-cookie: PHPSESSID=a0d471de86ba6ba57f7886587f032937; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://koronavirus24.info/wp-json/>; rel="https://api.w.org/" <https://koronavirus24.info/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

Server: nginx
Date: Tue, 24 Mar 2020 03:52:45 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: https://koronavirus24.info/

GET
H2 200 style.min.css
koronavirus24.info/wp-includes/css/dist/block-library/ 40 KB
6 KB 75ms
73ms Stylesheet
text/css 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-includes/css/dist/block-library/style.min.css?ver=dd2d6e842b763487df2ffe502e75cbfb
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 03:52:46 GMT
content-encoding: gzip
last-modified: Thu, 26 Dec 2019 02:03:22 GMT
server: Jino.ru/mod_pizza
etag: "c687e6c-a1fb-59a91c81f8e80"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 6163

GET
H2 200 styles.css
koronavirus24.info/wp-content/plugins/contact-form-7/includes/css/ 2 KB
847 B 72ms
70ms Stylesheet
text/css 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 03:52:46 GMT
content-encoding: gzip
last-modified: Thu, 26 Dec 2019 01:47:14 GMT
server: Jino.ru/mod_pizza
etag: "c68c75c-66d-59a918e6d0c80"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 649

GET
H2 200 screen.min.css
koronavirus24.info/wp-content/plugins/table-of-contents-plus/ 1 KB
760 B 72ms
71ms Stylesheet
text/css 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=1509
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: e4f6a606a63e81dbc45a3a5bae850789ff8075277fcfd5e73dd73cf3742fca5c

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 03:52:46 GMT
content-encoding: gzip
last-modified: Thu, 26 Dec 2019 01:44:06 GMT
server: Jino.ru/mod_pizza
etag: "c68c9a8-5c8-59a9183386580"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 562

GET
H2 200 css
fonts.googleapis.com/ 9 KB
915 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,500,400italic

Requested by

Host: koronavirus24.info
URL: https://koronavirus24.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

37d1e1513e58f662498b2b5de35cab1ce228bea2b326ea4fd58a6b1aa2af843a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 24 Mar 2020 03:52:46 GMT
server: ESF
date: Tue, 24 Mar 2020 03:52:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 24 Mar 2020 03:52:46 GMT

GET
H2 200 jquery.js Show response
koronavirus24.info/wp-includes/js/jquery/ 95 KB
33 KB 134ms
133ms Script
application/javascript 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:46 GMT
content-encoding: gzip
last-modified: Thu, 26 Dec 2019 02:02:48 GMT
server: Jino.ru/mod_pizza
etag: "c689869-17a69-59a91c618c200"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 33776

GET
H2 200 jquery-migrate.min.js Show response
koronavirus24.info/wp-includes/js/jquery/ 10 KB
4 KB 128ms
126ms Script
application/javascript 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:46 GMT
content-encoding: gzip
last-modified: Thu, 26 Dec 2019 02:02:48 GMT
server: Jino.ru/mod_pizza
etag: "c689863-2748-59a91c618c200"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 4014

GET
H2 200 slick.min.css
koronavirus24.info/wp-content/plugins/better-reviews/includes/libs/better-framework/assets/css/ 1 KB
675 B 75ms
73ms Stylesheet
text/css 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-content/plugins/better-reviews/includes/libs/better-framework/assets/css/slick.min.css
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 6dcf5513db2216b938acffe6e78d51addb42160ad58c5d06206578a6fc251fa5

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 03:52:46 GMT
content-encoding: gzip
last-modified: Thu, 26 Dec 2019 01:57:22 GMT
server: Jino.ru/mod_pizza
etag: "c68c4b4-55d-59a91b2aa6480"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 477

GET
H2 200 css
fonts.googleapis.com/ 240 B
313 B 25ms
23ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald&text=0123456789./\%

Requested by

Host: koronavirus24.info
URL: https://koronavirus24.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b897362fa7c1a48619dbe5d4e359f2d136141fd50ce6e1a3140f7ff0061147e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 24 Mar 2020 03:52:46 GMT
server: ESF
date: Tue, 24 Mar 2020 03:52:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 24 Mar 2020 03:52:46 GMT

GET
H2 200 better-reviews.min.css
koronavirus24.info/wp-content/plugins/better-reviews/css/ 14 KB
3 KB 130ms
128ms Stylesheet
text/css 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-content/plugins/better-reviews/css/better-reviews.min.css
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: e3dfcd7c51a79728e0b558316e99ce8d3ddce6e0443ce087ec8d05c535f53884

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 03:52:46 GMT
content-encoding: gzip
last-modified: Thu, 26 Dec 2019 01:45:28 GMT
server: Jino.ru/mod_pizza
etag: "c68c471-368c-59a91881b9e00"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 2629

GET
H2 200 pretty-photo.min.css
koronavirus24.info/wp-content/plugins/better-reviews/includes/libs/better-framework/assets/css/ 7 KB
2 KB 133ms
131ms Stylesheet
text/css 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-content/plugins/better-reviews/includes/libs/better-framework/assets/css/pretty-photo.min.css
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 5c79b80ec32a532b360605538ac97c5b2b4fc85f57825582eff5318be177cca2

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 03:52:46 GMT
content-encoding: gzip
last-modified: Thu, 26 Dec 2019 01:57:24 GMT
server: Jino.ru/mod_pizza
etag: "c68c4b1-1cc5-59a91b2c8e900"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 1779

GET
H2 200 bs-icons.css
koronavirus24.info/wp-content/plugins/better-reviews/includes/libs/better-framework/assets/css/ 4 KB
1 KB 135ms
133ms Stylesheet
text/css 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-content/plugins/better-reviews/includes/libs/better-framework/assets/css/bs-icons.css
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 2c4564a5a6a9f5193d09fd02d9201292d50153dbad3257e5abf93f8e333551ce

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 03:52:46 GMT
content-encoding: gzip
last-modified: Thu, 26 Dec 2019 01:57:24 GMT
server: Jino.ru/mod_pizza
etag: "c68c4aa-117d-59a91b2c8e900"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 943

GET
H2 200 theme-libs.min.css
koronavirus24.info/wp-content/themes/theme/css/ 100 KB
17 KB 237ms
235ms Stylesheet
text/css 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-content/themes/theme/css/theme-libs.min.css
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 6e691a9253228a2a28f2897eca58262259ded9cecf94df5098b534eb01a10192

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 03:52:46 GMT
content-encoding: gzip
last-modified: Thu, 26 Dec 2019 01:46:00 GMT
server: Jino.ru/mod_pizza
etag: "c68d60b-18e99-59a918a03e600"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 16996

GET
H2 200 font-awesome.min.css
koronavirus24.info/wp-content/plugins/better-reviews/includes/libs/better-framework/assets/css/ 30 KB
7 KB 189ms
187ms Stylesheet
text/css 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-content/plugins/better-reviews/includes/libs/better-framework/assets/css/font-awesome.min.css
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: ed2d77ad6f19808e45fa19719a3818fa3f7c9f8f2e1accceefe0026d8376eab2

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 03:52:46 GMT
content-encoding: gzip
last-modified: Thu, 26 Dec 2019 01:57:24 GMT
server: Jino.ru/mod_pizza
etag: "c68c4af-79c1-59a91b2c8e900"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 7150

GET
H2 200 style-7.5.4.min.css
koronavirus24.info/wp-content/themes/theme/ 534 KB
73 KB 237ms
236ms Stylesheet
text/css 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-content/themes/theme/style-7.5.4.min.css
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: ffddde5e25401a998c466188a6acd917c9e2cc996064dcb61dc9189e85d1e70f

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 03:52:46 GMT
content-encoding: gzip
last-modified: Thu, 26 Dec 2019 01:44:16 GMT
server: Jino.ru/mod_pizza
etag: "c68f6d5-85987-59a9183d0fc00"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes

GET
H2 200 style.min.css
koronavirus24.info/wp-content/themes/theme/includes/styles/news-insider/ 13 KB
3 KB 233ms
232ms Stylesheet
text/css 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-content/themes/theme/includes/styles/news-insider/style.min.css
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 5be0bbd3be082731dba3c9d95b7d62a1a73040cb53c26d3c961fd8fe4601f8f9

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 03:52:46 GMT
content-encoding: gzip
last-modified: Thu, 26 Dec 2019 01:52:46 GMT
server: Jino.ru/mod_pizza
etag: "c68f5f1-3461-59a91a236f780"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 2639

GET
H2 200 ce53c8de8a9024977fbbfb402bec8d2c.css
koronavirus24.info/wp-content/bs-booster-cache/ 61 KB
9 KB 237ms
235ms Stylesheet
text/css 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-content/bs-booster-cache/ce53c8de8a9024977fbbfb402bec8d2c.css
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: dbce73fac093d3dab77c1000d834d74a2a7124409e360d3b6401de32b487e946

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Tue, 24 Mar 2020 03:52:46 GMT
content-encoding: gzip
last-modified: Tue, 24 Mar 2020 03:52:46 GMT
server: Jino.ru/mod_pizza
etag: W/"c690239-f595-5a191af4a2660"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 8542

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
39 KB 32ms
19ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: koronavirus24.info
URL: https://koronavirus24.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

400ae0fc65252bff6eb5b2e93816010a7f15a0424b76239e2de8d6bf89806aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39002
x-xss-protection: 0
server: cafe
etag: 7784257106377462153
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 24 Mar 2020 03:52:46 GMT

GET
H2 200 55bb.png
koronavirus24.info/wp-content/uploads/2020/03/ 11 KB
11 KB 236ms
235ms Image
image/png 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koronavirus24.info/wp-content/uploads/2020/03/55bb.png
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: d4b38dde199a3e58edfc536c71eacf34d9c4463ea20a243f8589913d55955fad

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 03:52:46 GMT
last-modified: Mon, 23 Mar 2020 13:31:53 GMT
server: Jino.ru/mod_pizza
etag: "c700652-2a06-5a185a88747bb"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 10758

GET
H2 200 scripts.js Show response
koronavirus24.info/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 196ms
196ms Script
application/javascript 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:46 GMT
content-encoding: gzip
last-modified: Thu, 26 Dec 2019 01:47:14 GMT
server: Jino.ru/mod_pizza
etag: "c68c772-3868-59a918e6d0c80"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 3993

GET
H2 200 front.min.js Show response
koronavirus24.info/wp-content/plugins/table-of-contents-plus/ 6 KB
2 KB 72ms
72ms Script
application/javascript 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-content/plugins/table-of-contents-plus/front.min.js?ver=1509
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:47 GMT
content-encoding: gzip
last-modified: Thu, 26 Dec 2019 01:44:04 GMT
server: Jino.ru/mod_pizza
etag: "c68c981-17cb-59a918319e100"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 2349

GET
H2 200 wp-embed.min.js Show response
koronavirus24.info/wp-includes/js/ 1 KB
948 B 72ms
71ms Script
application/javascript 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-includes/js/wp-embed.min.js?ver=dd2d6e842b763487df2ffe502e75cbfb
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:47 GMT
content-encoding: gzip
last-modified: Thu, 26 Dec 2019 02:02:32 GMT
server: Jino.ru/mod_pizza
etag: "c68994f-577-59a91c5249e00"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 740

GET
H2 200 b405d1e19b5b7037299b21e85e2b10a1.js Show response
koronavirus24.info/wp-content/bs-booster-cache/ 252 KB
73 KB 82ms
81ms Script
application/javascript 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-content/bs-booster-cache/b405d1e19b5b7037299b21e85e2b10a1.js?ver=dd2d6e842b763487df2ffe502e75cbfb
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 44ab4747ac9737509d533f12ea14723dd1a4e90861dce8755497dfae36cde170

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:47 GMT
content-encoding: gzip
last-modified: Mon, 23 Mar 2020 06:28:25 GMT
server: Jino.ru/mod_pizza
etag: "c68fa5d-3f089-5a17fbe10656b"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes

GET
H2 200 wp-emoji-release.min.js Show response
koronavirus24.info/wp-includes/js/ 14 KB
5 KB 75ms
74ms Script
application/javascript 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-includes/js/wp-emoji-release.min.js?ver=dd2d6e842b763487df2ffe502e75cbfb
Requested by: Host: koronavirus24.info
URL: https://koronavirus24.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:47 GMT
content-encoding: gzip
last-modified: Thu, 26 Dec 2019 02:02:28 GMT
server: Jino.ru/mod_pizza
etag: "c689952-362a-59a91c4e79500"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 4626

GET
H/1.1 200
OK tag.js Show response
mc.yandex.ru/metrika/ 363 KB
92 KB 172ms
84ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: koronavirus24.info
URL: https://koronavirus24.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

a4912d4672193aaabe4d977455cf9e2209e14c40dea212cfe1fd7020e217b19b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 24 Mar 2020 03:52:47 GMT
Content-Encoding: br
Last-Modified: Mon, 23 Mar 2020 12:56:16 GMT
Server: nginx/1.14.2
ETag: "5e78b1f0-16eea"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 93930
Expires: Tue, 24 Mar 2020 04:52:47 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=koronavirus24.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koronavirus24.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/ 224 KB
84 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a369e130c680ce4782af107acfcac873193d111897fb92351f12453ea11a19e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 85397
x-xss-protection: 0
server: cafe
etag: 2345445785748755544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Mar 2020 03:52:47 GMT

GET
H2 200 fontawesome-webfont.woff2
koronavirus24.info/wp-content/plugins/better-reviews/includes/libs/better-framework/assets/fonts/ 75 KB
76 KB 113ms
112ms Font
text/html 81.177.6.6
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koronavirus24.info/wp-content/plugins/better-reviews/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.6.6 , Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS: srv170-h-st.jino.ru
Software: Jino.ru/mod_pizza /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://koronavirus24.info/wp-content/plugins/better-reviews/includes/libs/better-framework/assets/css/font-awesome.min.css
Origin: https://koronavirus24.info
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Mar 2020 03:52:47 GMT
last-modified: Thu, 26 Dec 2019 01:57:20 GMT
server: Jino.ru/mod_pizza
etag: "c68c4c1-12d68-59a91b28be000"
content-type: text/html
status: 200
accept-ranges: bytes
content-length: 77160

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:400,700,500,400italic
Origin: https://koronavirus24.info
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Feb 2020 23:19:42 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 2435585
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 6864
x-xss-protection: 0
expires: Tue, 23 Feb 2021 23:19:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:400,700,500,400italic
Origin: https://koronavirus24.info
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 07:31:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:40 GMT
server: sffe
age: 1542064
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 6720
x-xss-protection: 0
expires: Sat, 06 Mar 2021 07:31:43 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:400,700,500,400italic
Origin: https://koronavirus24.info
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 16:25:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:10 GMT
server: sffe
age: 1164429
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 6824
x-xss-protection: 0
expires: Wed, 10 Mar 2021 16:25:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:400,700,500,400italic
Origin: https://koronavirus24.info
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 08:47:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 2228741
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Fri, 26 Feb 2021 08:47:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:400,700,500,400italic
Origin: https://koronavirus24.info
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 00:50:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 4590148
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Sat, 30 Jan 2021 00:50:19 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xMIzIXKMnyrYk.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
8 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xMIzIXKMnyrYk.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

802e25f8ea8742255749d4e5ae339a215dfa726520152974579c18c6a993aa88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:400,700,500,400italic
Origin: https://koronavirus24.info
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 02:02:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 1648222
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7608
x-xss-protection: 0
expires: Fri, 05 Mar 2021 02:02:25 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200316/r20190131/ Frame 7497 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200316/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://koronavirus24.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://koronavirus24.info/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 17 Mar 2020 01:35:31 GMT
expires: Tue, 31 Mar 2020 01:35:31 GMT
content-type: text/html; charset=UTF-8
etag: 17714563530871986051
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4497
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 613036
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: koronavirus24.info
URL: https://koronavirus24.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:400,700,500,400italic
Origin: https://koronavirus24.info
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 03:12:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 1644008
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Fri, 05 Mar 2021 03:12:39 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ 12 KB
12 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2

Requested by

Host: koronavirus24.info
URL: https://koronavirus24.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:400,700,500,400italic
Origin: https://koronavirus24.info
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 23:14:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 1658274
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12680
x-xss-protection: 0
expires: Thu, 04 Mar 2021 23:14:53 GMT

GET
H/1.1 200
OK pluso-like.js Show response
share.pluso.ru/ 41 KB
14 KB 233ms
58ms Script
application/javascript 37.200.67.210
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://share.pluso.ru/pluso-like.js

Requested by

Host: koronavirus24.info
URL: https://koronavirus24.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.200.67.210 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

36db25d1b1f0e1ddd90cdf7c04b2f1940d09bb470ab98c7e4a092d8c0aa7f690

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 24 Mar 2020 03:52:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 07 May 2018 16:58:14 GMT
Server: nginx
ETag: 6138448798500923200
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-control: no-cache
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame F101 0
0 21ms
21ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6295929821839519&output=html&adk=1812271804&adf=3025194257&lmt=1585021967&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fkoronavirus24.info%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1585021967274&bpp=24&bdt=392&fdt=104&idt=104&shv=r20200316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2291731452874&frm=20&pv=2&ga_vid=542654304.1585021967&ga_sid=1585021967&ga_hid=1977890461&ga_fc=0&iag=0&icsg=37726463&dssz=24&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=410075106&oid=3&pvsid=10463450574711&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=116

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6295929821839519&output=html&adk=1812271804&adf=3025194257&lmt=1585021967&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fkoronavirus24.info%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1585021967274&bpp=24&bdt=392&fdt=104&idt=104&shv=r20200316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2291731452874&frm=20&pv=2&ga_vid=542654304.1585021967&ga_sid=1585021967&ga_hid=1977890461&ga_fc=0&iag=0&icsg=37726463&dssz=24&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=410075106&oid=3&pvsid=10463450574711&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=116
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://koronavirus24.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://koronavirus24.info/

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 24 Mar 2020 03:52:47 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 24-Mar-2020 04:07:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

351e508c1da4f9d1535747086accb41121466a52044aa868eba4a36009fdb101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1584962844677376"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27941
x-xss-protection: 0
expires: Tue, 24 Mar 2020 03:52:47 GMT

GET
H/1.1

302
Found

1 Show response
mc.yandex.ru/watch/61187254/
Redirect Chain

https://mc.yandex.ru/watch/61187254?wmode=7&page-url=https%3A%2F%2Fkoronavirus24.info%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585021965581%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613...
https://mc.yandex.ru/watch/61187254/1?wmode=7&page-url=https%3A%2F%2Fkoronavirus24.info%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585021965581%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2166...

0
-1 B

42ms
42ms

XHR

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/61187254/1?wmode=7&page-url=https%3A%2F%2Fkoronavirus24.info%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585021965581%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200324045247%3Aet%3A1585021968%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A546871791%3Ahid%3A104070581%3Ads%3A0%2C143%2C983%2C1%2C174%2C0%2C0%2C465%2C21%2C%2C%2C%2C1767%3Afp%3A1739%3Awn%3A19116%3Ahl%3A2%3Agdpr%3A14%3Av%3A1827%3Awv%3A2%3Ast%3A1585021968%3Au%3A1585021968872430829%3At%3A%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8

Requested by

Host: koronavirus24.info
URL: https://koronavirus24.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 24 Mar 2020 03:52:47 GMT
Last-Modified: Tue, 24-Mar-2020 03:52:47 GMT
Server: nginx/1.14.2
Location: /watch/61187254/1?wmode=7&page-url=https%3A%2F%2Fkoronavirus24.info%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585021965581%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200324045247%3Aet%3A1585021968%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A546871791%3Ahid%3A104070581%3Ads%3A0%2C143%2C983%2C1%2C174%2C0%2C0%2C465%2C21%2C%2C%2C%2C1767%3Afp%3A1739%3Awn%3A19116%3Ahl%3A2%3Agdpr%3A14%3Av%3A1827%3Awv%3A2%3Ast%3A1585021968%3Au%3A1585021968872430829%3At%3A%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: https://koronavirus24.info
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Tue, 24-Mar-2020 03:52:47 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 24 Mar 2020 03:52:47 GMT
Last-Modified: Tue, 24-Mar-2020 03:52:47 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: https://koronavirus24.info
Strict-Transport-Security: max-age=31536000
Location: /watch/61187254/1?wmode=7&page-url=https%3A%2F%2Fkoronavirus24.info%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585021965581%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200324045247%3Aet%3A1585021968%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A546871791%3Ahid%3A104070581%3Ads%3A0%2C143%2C983%2C1%2C174%2C0%2C0%2C465%2C21%2C%2C%2C%2C1767%3Afp%3A1739%3Awn%3A19116%3Ahl%3A2%3Agdpr%3A14%3Av%3A1827%3Awv%3A2%3Ast%3A1585021968%3Au%3A1585021968872430829%3At%3A%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%D0%BF%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Tue, 24-Mar-2020 03:52:47 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
425 B 77ms
42ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: koronavirus24.info
URL: https://koronavirus24.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 24 Mar 2020 03:52:47 GMT
Last-Modified: Fri, 17 Jan 2020 08:05:01 GMT
Server: nginx/1.14.2
ETag: "5e216aad-2b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 24 Mar 2020 04:52:47 GMT

GET
H/1.1 200
OK 1 Show response
mc.yandex.ru/watch/61187254/ 152 B
706 B 87ms
45ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: koronavirus24.info
URL: https://koronavirus24.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

cc3084a35182fa93970000767bc29293e5b5b4f451dd979d79010363269c1f64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koronavirus24.info/
Origin: https://koronavirus24.info
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 24 Mar 2020 03:52:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 24-Mar-2020 03:52:47 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://koronavirus24.info
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 152
X-XSS-Protection: 1; mode=block
Expires: Tue, 24-Mar-2020 03:52:47 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 28ms
17ms XHR
application/json 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200316&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49f74fc4fa27956b15a1bd63c00f77212b295120214168ff0358b343a72f0bcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koronavirus24.info/
Origin: https://koronavirus24.info
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 24 Mar 2020 03:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5108
x-xss-protection: 0

GET
H/1.1 200
OK process Show response
share.pluso.ru/ 119 B
466 B 59ms
59ms Script
application/javascript 37.200.67.210
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fkoronavirus24.info%2F&w=1600&h=1200&ref=&uid=6138448798500923200&k=aFLX5SMwSDqHXJna&first=1

Requested by

Host: share.pluso.ru
URL: https://share.pluso.ru/pluso-like.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.200.67.210 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

ae6172428eeec028a022c62a48af62b0a890ed8796e269fddf4c8f84f45e8254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 24 Mar 2020 03:52:47 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: application/javascript
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 119
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

hit;PLUSO
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//koronavirus24.info/;h%u041A%u043E%u0440%u043E%u043D%u0430%u0432%u0438%u0440%u0443%u0441%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0...
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//koronavirus24.info/;h%u041A%u043E%u0440%u043E%u043D%u0430%u0432%u0438%u0440%u0443%u0441%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%...

43 B
421 B

56ms
55ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//koronavirus24.info/;h%u041A%u043E%u0440%u043E%u043D%u0430%u0432%u0438%u0440%u0443%u0441%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438;1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host204.rax.ru
Software: nginx/1.11.1 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 24 Mar 2020 03:52:47 GMT
Server: nginx/1.11.1
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 24 Mar 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 24 Mar 2020 03:52:47 GMT
Server: nginx/1.11.1
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//koronavirus24.info/;h%u041A%u043E%u0440%u043E%u043D%u0430%u0432%u0438%u0440%u0443%u0441%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438;1
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sun, 24 Mar 2019 21:00:00 GMT

GET
H/1.1 200
OK 04.png
share.pluso.ru/img/pluso-like/square/medium/ 24 KB
24 KB 117ms
59ms Image
image/png 37.200.67.210
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://share.pluso.ru/img/pluso-like/square/medium/04.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.200.67.210 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

ed1bd5e0dea6831c7c897e04b3ded93fc793c06ccf94bbbbd91277e0372b1480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 24 Mar 2020 03:52:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Apr 2015 11:02:40 GMT
Server: nginx
ETag: "552ba250-5e2b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 24107
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK plus.png
share.pluso.ru/img/ 2 KB
3 KB 167ms
56ms Image
image/png 37.200.67.210
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://share.pluso.ru/img/plus.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.200.67.210 , Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 24 Mar 2020 03:52:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 13 Apr 2015 11:02:40 GMT
Server: nginx
ETag: "552ba250-98a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 2442
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK kb.js Show response
kitbit.net/ 1 KB
2 KB 227ms
56ms Script
application/javascript 31.131.252.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://kitbit.net/kb.js

Requested by

Host: share.pluso.ru
URL: https://share.pluso.ru/pluso-like.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.94 St Petersburg, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

c30c148f1c16a359312a3895bd5f970754719f957b8428b7724704d742b78659

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 24 Mar 2020 03:51:54 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: H4P8Xl55g9pInsM46/FdAg==
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: max-age=21600, private
Connection: keep-alive
Content-Type: application/javascript
X-XSS-Protection: 1; mode=block
Expires: Tue, 24 Mar 2020 09:51:54 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 25ms
14ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200316/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 03:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Tue, 24 Mar 2020 03:52:47 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame D508 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://koronavirus24.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://koronavirus24.info/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Tue, 24 Mar 2020 02:17:35 GMT
expires: Wed, 24 Mar 2021 02:17:35 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5712
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
123 B 14ms
14ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200316&jk=10463450574711&bg=!ExClEAhYSgN6z-nGw1ACAAAAMVIAAAAKmQFebXLBhmRSQa_BNEzD74dusgbX9wlqgVIShjGg3Z6KTYeHG0ABGvY-o7XPjx6kY6Vhr3CZQSlcEAPZz164iGAYz9tGNr7axi8L96uUMRi2JdKMDI0ICdXg1TdixTeR484_HmSc88rcG4qAfAJ8U3lV0DSMjva2hjdj0F-C1POhFI3tGdf-aCRslC0svPM4cEkML5zhe3qtMsRSSRx0R-peET-TUdWYl2I06hz1QVTeSGEkHQNbqIBu7_R5qXObPt9EmLkeAXSJY3SIwE9NYCz8fJDOIlDF47hu2mNsW-as-PoN-PtRfYNTgWBRavfB0xHsjkNVS4UD0YLw_tVApSGWVMDMVAZ2pQuPYzXVzEmeDuFgpv9oJyPS86-9W2zJjGzI9WkWhFovw-08w4eOSBBlF8cg7Sq733dstoPqXeey7rAG8MY8kWrYvRBJCfZ813lWUYCjuGxpe4l6jJFZRIU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 24 Mar 2020 03:52:47 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ 3 KB
3 KB 191ms
63ms Script
application/javascript 185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: kitbit.net
URL: https://kitbit.net/kb.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3d209841b7386276824a2c2bef167e1826a888033cce239e3a9251959660eacc

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 24 Mar 2020 03:52:48 GMT
Last-Modified: Wed, 18 Mar 2020 18:42:56 GMT
Server: nginx
ETag: "5e726bb0-b6d"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2925

GET
H/1.1 200
OK s.js Show response
kitbit.net/ 1 B
303 B 57ms
57ms Script
application/javascript 31.131.252.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL

https://kitbit.net/s.js?u=https%3A%2F%2Fkoronavirus24.info%2F

Requested by

Host: kitbit.net
URL: https://kitbit.net/kb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.94 St Petersburg, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 24 Mar 2020 03:51:54 GMT
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Tue, 24 Mar 2020 03:51:53 GMT

GET
H/1.1 200
OK h.gif
kitbit.net/ 43 B
537 B 113ms
55ms Image
image/gif 31.131.252.94
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kitbit.net/h.gif?r=&s=1600*1200*24&u=https%3A//koronavirus24.info/&h=%u041A%u043E%u0440%u043E%u043D%u0430%u0432%u0438%u0440%u0443%u0441%20%u043F%u043E%u0441%u043B%u0435%u0434%u043D%u0438%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%26kbuid%3D5EFC831FDA83795E38C39E48025DF1EB

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

31.131.252.94 St Petersburg, Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 24 Mar 2020 03:51:54 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: H4P8Xl55g9pInsM46/FdAg==
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Tue, 24 Mar 2020 03:51:54 GMT

GET
H2

200

scn
p1.ntvk1.ru/
Redirect Chain

https://p1.ntvk1.ru/nps
https://optinder.com/cro
https://p1.ntvk1.ru/scn?sid=1585021968232

68 B
387 B

145ms
144ms

Image
image/png

195.181.175.46
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p1.ntvk1.ru/scn?sid=1585021968232

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.46 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-46.datapacket.com

Software

CDN77-Turbo /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Mar 2020 03:52:48 GMT
server: CDN77-Turbo
x-edge-location: frankfurtDE
etag: 0
strict-transport-security: max-age=604800
x-cache: MISS
content-type: image/png; charset=UTF-8
status: 200
x-edge-ip: 195.181.175.44
accept-ranges: bytes
content-length: 68
if-modified-since: 0
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 24 Mar 2020 03:52:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: //p1.ntvk1.ru/scn?sid=1585021968232
content-type: text/javascript
status: 302
cache-control: no-store, no-cache, private
cf-ray: 578d7104da7f18e5-FRA

GET
H/1.1 200
OK sud
ut9.rktch.com/ 84 B
84 B 187ms
61ms Image
image/png 176.99.5.124
LOGOL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut9.rktch.com/sud
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.99.5.124 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS: d40625.acod.regrucolo.ru
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 24 Mar 2020 03:52:47 GMT
Server: nginx/1.14.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ 14 KB
15 KB 113ms
112ms Script
application/javascript 185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=708964583227323
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4950b038ac3f2a47184683d60bf8cc75d7be9108d23e0c62b0c204d6f6943636

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 24 Mar 2020 03:52:48 GMT
Last-Modified: Wed, 18 Mar 2020 18:42:56 GMT
Server: nginx
ETag: "5e726bb0-3981"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14721

GET
H/1.1 200
OK extension_1086.js Show response
tag.digitaltarget.ru/extensions/ 693 B
937 B 63ms
63ms Script
application/javascript 185.15.175.134
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/extensions/extension_1086.js?i=218771915741367
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: c62b50b3f76d35f581a65c3aaa62374ceff410db918a5e4c4b336d5be5678652

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 24 Mar 2020 03:52:48 GMT
Last-Modified: Wed, 18 Mar 2020 18:42:56 GMT
Server: nginx
ETag: "5e726bb0-2b5"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 693

GET
H2

200

image
573d3be5-49a7-4e19-bb6c-9360bb79bbf5.sync.upravel.com/
Redirect Chain

https://dmg.digitaltarget.ru/1/6499/i/i?i=534007173381373.355361765877420
https://dmg.digitaltarget.ru/1/6499/i/i?i=534007173381373.355361765877420&q=scc
https://matcher.upravel.com/m?id=j8xMGZmon552555526ZO&src=amberdata&redirect=%2F%2Fdmg.digitaltarget.ru%2F1%2F6401%2Fi%2Fi%3F%26a%3D685%26e%3D%7BUSER_ID%7D
https://dmg.digitaltarget.ru/1/6401/i/i?&a=685&e=573d3be5-49a7-4e19-bb6c-9360bb79bbf5
https://sync.upravel.com/image?source=amberdata&id=csBni6mon55855552QmZ&rnd=206469001582646928167000000032781496
https://573d3be5-49a7-4e19-bb6c-9360bb79bbf5.sync.upravel.com/image?source=amberdata&id=csBni6mon55855552QmZ&rnd=206469001582646928167000000032781496&ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6...

181 B
717 B

188ms
85ms

Image
image/png

144.76.138.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://573d3be5-49a7-4e19-bb6c-9360bb79bbf5.sync.upravel.com/image?source=amberdata&id=csBni6mon55855552QmZ&rnd=206469001582646928167000000032781496&ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9rb3JvbmF2aXJ1czI0LmluZm8vIl19fQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.138.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: prod-hzeu-bidder-3.community.moscow
Software: nginx /
Resource Hash: 637843f8fed13fb5fbf47d78509bd6b31df3d1fcc2a58cebbbfbdea9cefa250f

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 24 Mar 2020 03:52:48 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 200
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 181

Redirect headers

date: Tue, 24 Mar 2020 03:52:48 GMT
server: nginx
access-control-allow-origin: *
location: https://573d3be5-49a7-4e19-bb6c-9360bb79bbf5.sync.upravel.com/image?source=amberdata&id=csBni6mon55855552QmZ&rnd=206469001582646928167000000032781496&ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9rb3JvbmF2aXJ1czI0LmluZm8vIl19fQ
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 302
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/webp
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H/1.1

204
No Content

i
dmg.digitaltarget.ru/1/6465/i/
Redirect Chain

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F6465%2Fi%2Fi%3Fa%3D735%26e%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F6465%2Fi%2Fi%3Fa%3D735%26e%3D%7BWEBO_CID%7D&bounce=1&random=953806536
https://dmg.digitaltarget.ru/1/6465/i/i?a=735&e=GvN9R./AJoUQI0URRoGTJu
https://dmg.digitaltarget.ru/1/6465/i/i?a=735&e=GvN9R./AJoUQI0URRoGTJu&q=scc

0
398 B

64ms
60ms

Image
text/plain

185.15.175.147
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmg.digitaltarget.ru/1/6465/i/i?a=735&e=GvN9R./AJoUQI0URRoGTJu&q=scc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Mar 2020 03:52:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

Redirect headers

Location: /1/6465/i/i?a=735&e=GvN9R./AJoUQI0URRoGTJu&q=scc
Date: Tue, 24 Mar 2020 03:52:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

GET
H/1.1

204
No Content

i
dmg.digitaltarget.ru/1/7016/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/7016/i/i?i=534007173381373.580861803858616
https://dmg.digitaltarget.ru/1/7016/i/i?i=534007173381373.580861803858616&q=scc

0
398 B

64ms
61ms

Image
text/plain

185.15.175.147
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmg.digitaltarget.ru/1/7016/i/i?i=534007173381373.580861803858616&q=scc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Mar 2020 03:52:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

Redirect headers

Location: /1/7016/i/i?i=534007173381373.580861803858616&q=scc
Date: Tue, 24 Mar 2020 03:52:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

GET
H/1.1

204
No Content

i
dmg.digitaltarget.ru/1/6533/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/6534/i/i?i=534007173381373.149327101786936
https://dmg.digitaltarget.ru/1/6534/i/i?i=534007173381373.149327101786936&q=scc
https://fnc.rt.ru/1/6532/i/i?i=535044001582647094266000000032639848
https://fnc.rt.ru/1/6532/i/i?i=535044001582647094266000000032639848&q=scc
https://dmg.digitaltarget.ru/1/6533/i/i?i=227221001582646856404000000002054835&a=774&e=4CSiCZmoi5lo5555KpWe

0
398 B

62ms
62ms

Image
text/plain

185.15.175.147
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmg.digitaltarget.ru/1/6533/i/i?i=227221001582646856404000000002054835&a=774&e=4CSiCZmoi5lo5555KpWe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Mar 2020 03:52:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

Redirect headers

Location: https://dmg.digitaltarget.ru/1/6533/i/i?i=227221001582646856404000000002054835&a=774&e=4CSiCZmoi5lo5555KpWe
Date: Tue, 24 Mar 2020 03:52:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://fnc.rt.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

pixel
ps.eyeota.net/
Redirect Chain

https://dmg.digitaltarget.ru/1/1086/i/i?i=534007173381373.503493114898282&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24kkE4gyuSZQdm3.x...
https://dmg.digitaltarget.ru/1/1086/i/i?i=534007173381373.503493114898282&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24kkE4gyuSZQdm3.x...
https://dmg.digitaltarget.ru/1/117/i/i?a=117&e=ej8x0dpdbyghbCF7kMoO&i=818725001582646353258000000032741465
https://ps.eyeota.net/pixel?pid=0rij2bu&uid=ej8x0dpdbyghbCF7kMoO

0
344 B

82ms
20ms

Image
text/plain

3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?pid=0rij2bu&uid=ej8x0dpdbyghbCF7kMoO
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Mar 2020 03:52:48 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/pixel?pid=0rij2bu&uid=ej8x0dpdbyghbCF7kMoO
Date: Tue, 24 Mar 2020 03:52:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

1086
ej8x0dpdbyghbcf7kmoo.r.dmg.digitaltarget.ru/awg/
Redirect Chain

https://dmg.digitaltarget.ru/awg/1086?i=534007173381373.687616142235388&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24kkE4gyuSZQdm3.xps...
https://dmg.digitaltarget.ru/awg/1086?call_source=awg&i=534007173381373.687616142235388&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24k...
https://ej8x0dpdbyghbcf7kmoo.r.dmg.digitaltarget.ru/awg/1086?call_source=awg&i=534007173381373.687616142235388&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sy...

49 B
481 B

201ms
65ms

Image
image/gif

185.15.175.147
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ej8x0dpdbyghbcf7kmoo.r.dmg.digitaltarget.ru/awg/1086?call_source=awg&i=534007173381373.687616142235388&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24kkE4gyuSZQdm3.xps:xpsloIH0cDvGOcNTttG163FwO.dn:koronavirus24__info.tg:adcmjs_init%20adcmjs_noorient

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.147 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Mar 2020 03:52:48 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: image/gif
X-Permitted-Cross-Domain-Policies: master-only
X-Content-Type-Options: nosniff
Connection: keep-alive
Request-Time: 0
Content-Length: 64
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Tue, 24 Mar 2020 03:52:48 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Location: https://ej8x0dpdbyghbCF7kMoO.r.dmg.digitaltarget.ru/awg/1086?call_source=awg&i=534007173381373.687616142235388&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24kkE4gyuSZQdm3.xps:xpsloIH0cDvGOcNTttG163FwO.dn:koronavirus24__info.tg:adcmjs_init%20adcmjs_noorient
X-Permitted-Cross-Domain-Policies: master-only
X-Content-Type-Options: nosniff
Connection: keep-alive
Request-Time: 1
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

pixel
ps.eyeota.net/
Redirect Chain

https://dmg.digitaltarget.ru/1/1086/i/i?i=534007173381373.500481449527605&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24kkE4gyuSZQdm3.x...
https://dmg.digitaltarget.ru/1/1086/i/i?i=534007173381373.500481449527605&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24kkE4gyuSZQdm3.x...
https://dmg.digitaltarget.ru/1/117/i/i?a=117&e=csBni6mon55855552QmZ&i=292443001582646893364000000032808429
https://ps.eyeota.net/pixel?pid=0rij2bu&uid=csBni6mon55855552QmZ

0
344 B

64ms
20ms

Image
text/plain

3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?pid=0rij2bu&uid=csBni6mon55855552QmZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Mar 2020 03:52:48 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/pixel?pid=0rij2bu&uid=csBni6mon55855552QmZ
Date: Tue, 24 Mar 2020 03:52:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

1086
jj.jwzmon5lp55551wg0.r.dmg.digitaltarget.ru/awg/
Redirect Chain

https://dmg.digitaltarget.ru/awg/1086?i=534007173381373.411934417404165&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24kkE4gyuSZQdm3.xps...
https://jj.jwzmon5lp55551wg0.r.dmg.digitaltarget.ru/awg/1086?i=534007173381373.411934417404165&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD...

49 B
481 B

221ms
59ms

Image
image/gif

185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jj.jwzmon5lp55551wg0.r.dmg.digitaltarget.ru/awg/1086?i=534007173381373.411934417404165&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24kkE4gyuSZQdm3.xps:xpsloIH0cDvGOcNTttG163FwO.dn:koronavirus24__info.tg:adcmjs_noorient

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koronavirus24.info/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 24 Mar 2020 03:52:48 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: image/gif
X-Permitted-Cross-Domain-Policies: master-only
X-Content-Type-Options: nosniff
Connection: keep-alive
Request-Time: 0
Content-Length: 64
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Tue, 24 Mar 2020 03:52:48 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Location: https://jj.jwZmon5lP55551Wg0.r.dmg.digitaltarget.ru/awg/1086?i=534007173381373.411934417404165&a=86&e=5EFC831FDA83795E38C39E48025DF1EB&c=ss:86.up:5EFC831FDA83795E38C39E48025DF1EB.sync:up.xdua:dustD5Cbg24kkE4gyuSZQdm3.xps:xpsloIH0cDvGOcNTttG163FwO.dn:koronavirus24__info.tg:adcmjs_noorient
X-Permitted-Cross-Domain-Policies: master-only
X-Content-Type-Options: nosniff
Connection: keep-alive
Request-Time: 1
Content-Length: 0
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.koronavirus24.info/	1970-01-19 08:17:03	Name: _ym_visorc_61187254 Value: w
.koronavirus24.info/	1970-01-19 08:18:13	Name: _ym_isad Value: 2
.koronavirus24.info/	1970-01-19 17:02:37	Name: _ym_d Value: 1585021968
.koronavirus24.info/	1970-01-19 17:02:37	Name: _ym_uid Value: 1585021968872430829
.doubleclick.net/	1970-01-19 08:17:02	Name: test_cookie Value: CheckForPermission
koronavirus24.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: a0d471de86ba6ba57f7886587f032937

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://koronavirus24.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

573d3be5-49a7-4e19-bb6c-9360bb79bbf5.sync.upravel.com
adservice.google.com
adservice.google.de
counter.yadro.ru
dmg.digitaltarget.ru
ej8x0dpdbyghbcf7kmoo.r.dmg.digitaltarget.ru
fnc.rt.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jj.jwzmon5lp55551wg0.r.dmg.digitaltarget.ru
kitbit.net
koronavirus24.info
matcher.upravel.com
mc.yandex.ru
optinder.com
p1.ntvk1.ru
pagead2.googlesyndication.com
ps.eyeota.net
redirect.frontend.weborama.fr
share.pluso.ru
sync.upravel.com
tag.digitaltarget.ru
tpc.googlesyndication.com
ut9.rktch.com
www.googletagservices.com
144.76.138.28
176.9.8.252
176.99.5.124
185.15.175.134
185.15.175.137
185.15.175.145
185.15.175.147
195.181.175.46
2606:4700:3036::681f:5a66
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:816::2002
2a00:1450:4001:816::200a
2a00:1450:4001:81a::2001
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::2002
2a02:6b8::1:119
3.125.70.222
31.131.252.94
35.190.16.14
37.200.67.210
81.177.6.6
88.212.201.204
94.130.75.254
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c4564a5a6a9f5193d09fd02d9201292d50153dbad3257e5abf93f8e333551ce
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
351e508c1da4f9d1535747086accb41121466a52044aa868eba4a36009fdb101
36db25d1b1f0e1ddd90cdf7c04b2f1940d09bb470ab98c7e4a092d8c0aa7f690
37d1e1513e58f662498b2b5de35cab1ce228bea2b326ea4fd58a6b1aa2af843a
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
3d209841b7386276824a2c2bef167e1826a888033cce239e3a9251959660eacc
400ae0fc65252bff6eb5b2e93816010a7f15a0424b76239e2de8d6bf89806aa3
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
44ab4747ac9737509d533f12ea14723dd1a4e90861dce8755497dfae36cde170
4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4950b038ac3f2a47184683d60bf8cc75d7be9108d23e0c62b0c204d6f6943636
49f74fc4fa27956b15a1bd63c00f77212b295120214168ff0358b343a72f0bcd
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5be0bbd3be082731dba3c9d95b7d62a1a73040cb53c26d3c961fd8fe4601f8f9
5c79b80ec32a532b360605538ac97c5b2b4fc85f57825582eff5318be177cca2
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
637843f8fed13fb5fbf47d78509bd6b31df3d1fcc2a58cebbbfbdea9cefa250f
656be60d56cb1f1113ea4654806e9b054005f959dfc36b3e1810e3580a5d4fb8
6dcf5513db2216b938acffe6e78d51addb42160ad58c5d06206578a6fc251fa5
6e691a9253228a2a28f2897eca58262259ded9cecf94df5098b534eb01a10192
784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd
7b897362fa7c1a48619dbe5d4e359f2d136141fd50ce6e1a3140f7ff0061147e
802e25f8ea8742255749d4e5ae339a215dfa726520152974579c18c6a993aa88
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
a369e130c680ce4782af107acfcac873193d111897fb92351f12453ea11a19e8
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a4912d4672193aaabe4d977455cf9e2209e14c40dea212cfe1fd7020e217b19b
ae6172428eeec028a022c62a48af62b0a890ed8796e269fddf4c8f84f45e8254
af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
c30c148f1c16a359312a3895bd5f970754719f957b8428b7724704d742b78659
c62b50b3f76d35f581a65c3aaa62374ceff410db918a5e4c4b336d5be5678652
cc3084a35182fa93970000767bc29293e5b5b4f451dd979d79010363269c1f64
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4b38dde199a3e58edfc536c71eacf34d9c4463ea20a243f8589913d55955fad
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
dbce73fac093d3dab77c1000d834d74a2a7124409e360d3b6401de32b487e946
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dfcd7c51a79728e0b558316e99ce8d3ddce6e0443ce087ec8d05c535f53884
e4f6a606a63e81dbc45a3a5bae850789ff8075277fcfd5e73dd73cf3742fca5c
ed1bd5e0dea6831c7c897e04b3ded93fc793c06ccf94bbbbd91277e0372b1480
ed2d77ad6f19808e45fa19719a3818fa3f7c9f8f2e1accceefe0026d8376eab2
f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586
ffddde5e25401a998c466188a6acd917c9e2cc996064dcb61dc9189e85d1e70f

koronavirus24.info Open in urlscan Pro 81.177.6.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

94 %HTTPS

38 %IPv6

20 Domains

26 Subdomains

19 IPs

3 Countries

743 kBTransfer

2297 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

koronavirus24.info Open in urlscan Pro
81.177.6.6 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

94 %
HTTPS

38 %
IPv6

20
Domains

26
Subdomains

19
IPs

3
Countries

743 kB
Transfer

2297 kB
Size

6
Cookies

68 HTTP transactions
0 data transactions