urlscan.io logo urlscan.io
SecurityTrails logo

coronavirus-sus.th.uptodown.com Open in urlscan Pro
104.109.75.95  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://018.coronavirus-sus.th.uptodown.com/
Effective URL: https://coronavirus-sus.th.uptodown.com/android
Submission Tags: phishing malicious Search All
Submission: On July 30 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 7 countries across 16 domains to perform 82 HTTP transactions. The main IP is 104.109.75.95, located in Netherlands and belongs to AKAMAI-ASN1, EU. The main domain is coronavirus-sus.th.uptodown.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 16th 2020. Valid for: a year.
This is the only time coronavirus-sus.th.uptodown.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

26    104.109.75.95 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-75-95.deploy.static.akamaitechnologies.com
018.coronavirus-sus.th.uptodown.com
coronavirus-sus.th.uptodown.com
stc.utdstc.com
img.utdstc.com
1    2606:4700:20::ac43:45cb (United States)

ASN13335 (CLOUDFLARENET, US)
ssm.codes
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
6    2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
adservice.google.de
6    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    13.224.199.29 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-199-29.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:400c:c01::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
2    52.57.77.12 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-77-12.eu-central-1.compute.amazonaws.com
ice.360yield.com
1    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
2    52.95.118.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1867295b7002b7a6364d17870678b003.safeframe.googlesyndication.com
16    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
5    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
7    2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
Domain Requested by
11 tpc.googlesyndication.com securepubads.g.doubleclick.net
coronavirus-sus.th.uptodown.com
cdn.ampproject.org
pagead2.googlesyndication.com
tpc.googlesyndication.com
11 img.utdstc.com coronavirus-sus.th.uptodown.com
stc.utdstc.com
11 stc.utdstc.com coronavirus-sus.th.uptodown.com
stc.utdstc.com
7 pagead2.googlesyndication.com coronavirus-sus.th.uptodown.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
6 securepubads.g.doubleclick.net ssm.codes
securepubads.g.doubleclick.net
coronavirus-sus.th.uptodown.com
www.googletagservices.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 static.criteo.net ssm.codes
static.criteo.net
securepubads.g.doubleclick.net
coronavirus-sus.th.uptodown.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
coronavirus-sus.th.uptodown.com
3 www.googletagservices.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 bidder.criteo.com ssm.codes
static.criteo.net
3 www.google.com 2 redirects coronavirus-sus.th.uptodown.com
3 c.amazon-adsystem.com ssm.codes
c.amazon-adsystem.com
2 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
2 ice.360yield.com ssm.codes
2 www.google-analytics.com 1 redirects coronavirus-sus.th.uptodown.com
2 adservice.google.com ssm.codes
pagead2.googlesyndication.com
2 coronavirus-sus.th.uptodown.com 1 redirects
2 018.coronavirus-sus.th.uptodown.com 2 redirects
1 adservice.google.de pagead2.googlesyndication.com
1 1867295b7002b7a6364d17870678b003.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adx.adform.net ssm.codes
1 www.google.de coronavirus-sus.th.uptodown.com
1 stats.g.doubleclick.net 1 redirects
1 adservice.google.nl ssm.codes
1 ssm.codes coronavirus-sus.th.uptodown.com
82 25
Subject Issuer Validity Valid
uptodown.com
DigiCert SHA2 Secure Server CA		 2020-06-16 -
2021-09-15		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-20 -
2021-07-20		 a year crt.sh
*.google.nl
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2019-10-07 -
2020-09-29		 a year crt.sh
www.google.de
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2020-06-22 -
2020-09-20		 3 months crt.sh
*.360yield.com
Amazon		 2019-09-24 -
2020-10-24		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2020-06-15 -
2021-06-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.criteo.net
DigiCert ECC Secure Server CA		 2020-06-22 -
2020-09-20		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://coronavirus-sus.th.uptodown.com/android
Frame ID: 10CF8EA0938F9F93AD3C40E5C9AFA63B
Requests: 48 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_dm_cnv&dcc=t
Frame ID: 6796D8F8BF79BC7FCD323B5903F2EF04
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNXlB1al0LcWNHL_u1Dso6Q6CdbnP7Xek9ttAe68_Azkvft6bslDsKav-qLrkUkYBG6tUltac9tMGEth9HGDAFoFA0Ui48G2FzjgkfLkr3dmScORnTurfXVPpkUPEd1LyA7uuWkPeOi04ZHNxLb0_DjaATuwAjpfq-m0JAsnjlcOTBVp4lv0aLDo8S_xilnMmar3ZacfWh7dKBroXRGLKBt1Ki_-yBq5uzGKs5KUfnVEptKwMWPoI8dQ_HnrvGaZXVZ148jDA94jS6EyLOgSXA0ZFDsXEznRxWMI995ChDRdSUvlehedchT1Y8XA&sai=AMfl-YTkomur_EaiYutLeWAvtQXOrl2pSUAVTJrsaqhrfibHMSdge8Vd6e2z8pRxt86saYfEaELrL_JnzMfVo6M74qLNIZGAOrIKW7HYDAKjHjY_6XTqCPVzFM2MIX7oLys7&sig=Cg0ArKJSzOSArOYeo9GYEAE&urlfix=1&adurl=
Frame ID: F47D9A29FF7B723D984CE75971D12215
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032007280015000/amp4ads-v0.js
Frame ID: 6994679442EF387F87C1017E00E05993
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200728/r20190131/zrt_lookup.html
Frame ID: 96A0033C8A8A1B08217CD4FD20C7D8EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0337387298854186&output=html&h=250&slotname=1389044399&adk=1759255392&adf=915425905&w=970&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fcoronavirus-sus.th.uptodown.com%2Fandroid&ea=0&flash=0&wgl=1&adsid=NT&dt=1596145624618&bpp=11&bdt=331&idt=144&shv=r20200728&cbv=r20190131&ptt=9&saldr=aa&correlator=1212574016385&frm=23&ife=4&pv=2&ga_vid=1274431920.1596145624&ga_sid=1596145625&ga_hid=100401425&ga_fc=1&iag=3&icsg=2698&nhd=1&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=265&ady=305&biw=1600&bih=1200&isw=970&ish=250&ifk=1134472565&scr_x=0&scr_y=0&eid=21066647&oid=3&pvsid=107421888957006&pem=740&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.960v6usgaisq&fsb=1&dtd=158
Frame ID: 68D92CD427DEC871EFEB07089CCBB34E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: A1769F033889BFA93B4F64C8BCF2944B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 94480D9667B9C5B8A290D35D211C1209
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://018.coronavirus-sus.th.uptodown.com/ HTTP 301
    https://018.coronavirus-sus.th.uptodown.com/ HTTP 301
    https://coronavirus-sus.th.uptodown.com/ HTTP 301
    https://coronavirus-sus.th.uptodown.com/android Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

82
Requests

100 %
HTTPS

63 %
IPv6

16
Domains

25
Subdomains

19
IPs

7
Countries

970 kB
Transfer

2698 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://018.coronavirus-sus.th.uptodown.com/ HTTP 301
    https://018.coronavirus-sus.th.uptodown.com/ HTTP 301
    https://coronavirus-sus.th.uptodown.com/ HTTP 301
    https://coronavirus-sus.th.uptodown.com/android Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=1196624178&t=pageview&_s=1&dl=https%3A%2F%2Fcoronavirus-sus.th.uptodown.com%2Fandroid&ul=en-us&de=UTF-8&dt=Coronav%C3%ADrus-SUS%202.0.5%20%E0%B8%AA%E0%B8%B3%E0%B8%AB%E0%B8%A3%E0%B8%B1%E0%B8%9A%20Android%20-%20%E0%B8%94%E0%B8%B2%E0%B8%A7%E0%B8%99%E0%B9%8C%E0%B9%82%E0%B8%AB%E0%B8%A5%E0%B8%94&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1305499711&gjid=1420460988&cid=1274431920.1596145624&tid=UA-313498-1&_gid=367117673.1596145624&_r=1&z=6245013 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-313498-1&cid=1274431920.1596145624&jid=1305499711&_gid=367117673.1596145624&gjid=1420460988&_v=j83&z=6245013 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-313498-1&cid=1274431920.1596145624&jid=1305499711&_v=j83&z=6245013 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-313498-1&cid=1274431920.1596145624&jid=1305499711&_v=j83&z=6245013&slf_rd=1&random=2186344423
Request Chain 32
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_dm_cnv HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_dm_cnv&dcc=t
Request Chain 67
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

82 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request android
coronavirus-sus.th.uptodown.com/
Redirect Chain
  • http://018.coronavirus-sus.th.uptodown.com/
  • https://018.coronavirus-sus.th.uptodown.com/
  • https://coronavirus-sus.th.uptodown.com/
  • https://coronavirus-sus.th.uptodown.com/android
103 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
38bcfc645a00c9052f5a117ec13393fd5e342713e89394500a1c64baecf10293

Request headers

Host
coronavirus-sus.th.uptodown.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Content-Type
text/html;charset=UTF-8
Content-Encoding
gzip
Cache-Control
private, max-age=60
Expires
Thu, 30 Jul 2020 21:48:03 GMT
Date
Thu, 30 Jul 2020 21:47:03 GMT
Content-Length
21855
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
nginx
Content-Type
text/html;charset=UTF-8
Location
https://coronavirus-sus.th.uptodown.com/android
Cache-Control
private, must-revalidate, max-age=60
Expires
Thu, 30 Jul 2020 21:48:02 GMT
Date
Thu, 30 Jul 2020 21:47:02 GMT
Connection
close
app.th.625.css
stc.utdstc.com/css/ 		187 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stc.utdstc.com/css/app.th.625.css
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
aa1485262a6de20dbfca092b07b93d38b9752fdf7729b1cd7cc58d77500f193f

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Thu, 30 Jul 2020 21:47:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Apr 2020 08:28:37 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=15552000, public
Connection
keep-alive
Content-Length
34740
Expires
Sun, 24 Jan 2021 08:28:37 GMT
th.v10.625.js
stc.utdstc.com/js/ 		173 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stc.utdstc.com/js/th.v10.625.js
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
209ceea254b5cae8a4dd7e5d3556f1d0a079b3cc017f09f4d8868fee199df071

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Thu, 30 Jul 2020 21:47:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Apr 2020 08:28:37 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
max-age=15552000, public
Connection
keep-alive
Content-Length
54548
Expires
Sun, 24 Jan 2021 08:28:37 GMT
uptodown.js
ssm.codes/smart-tag/ 		349 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssm.codes/smart-tag/uptodown.js
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6169227664082929623036474ef3ef07911612f5df6c231ded6305ea38bf7dc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
15770
cf-polished
origSize=358164
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
04434a78c100000614c6bd5200000001
last-modified
Wed, 29 Jul 2020 17:24:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
public, max-age=3600
cf-ray
5bb246a13de40614-FRA
cf-bgj
minify
integrator.js
adservice.google.nl/adsid/ 		109 B
829 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=coronavirus-sus.th.uptodown.com
Requested by
Host: ssm.codes
URL: https://ssm.codes/smart-tag/uptodown.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jul 2020 21:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=coronavirus-sus.th.uptodown.com
Requested by
Host: ssm.codes
URL: https://ssm.codes/smart-tag/uptodown.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jul 2020 21:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
pubads_impl_2020072301.js
securepubads.g.doubleclick.net/gpt/ 		253 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js
Requested by
Host: ssm.codes
URL: https://ssm.codes/smart-tag/uptodown.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
be31d790c31b5492e47a666b767d66be19e5b03bf9d37754ca793ba38feb0210
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 13:07:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91416
x-xss-protection
0
expires
Thu, 30 Jul 2020 21:47:03 GMT
logo_new.png
stc.utdstc.com/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stc.utdstc.com/img/logo_new.png
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
42f12b2ffdda5bc781197c783c933da14c47fe83fcd9a3110a3c6bf08ffc8bef

Request headers

Referer
https://stc.utdstc.com/css/app.th.625.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Thu, 30 Jul 2020 21:47:03 GMT
Last-Modified
Tue, 04 Oct 2016 09:26:29 GMT
Server
nginx
ETag
"57f375c5-4cf"
Content-Type
image/png
Cache-Control
max-age=15552000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1231
Expires
Sat, 19 Dec 2020 14:49:36 GMT
roboto-300.woff
stc.utdstc.com/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stc.utdstc.com/fonts/roboto-300.woff
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e428af8551cc16730a407e1f40095c3fa7a8b8f25bb7f39575f6fceefc2ffe81

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://stc.utdstc.com/css/app.th.625.css
Origin
https://coronavirus-sus.th.uptodown.com

Response headers

Date
Thu, 30 Jul 2020 21:47:03 GMT
Last-Modified
Mon, 08 Jul 2019 07:39:56 GMT
Server
nginx
ETag
"5d22f34c-4a1c"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18972
Expires
Fri, 18 Dec 2020 20:25:39 GMT
roboto-100.woff
stc.utdstc.com/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stc.utdstc.com/fonts/roboto-100.woff
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e5805ff82ac7e960beec601f53d5b3cdabff17e0e825368f485965bcfbf0b5be

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://stc.utdstc.com/css/app.th.625.css
Origin
https://coronavirus-sus.th.uptodown.com

Response headers

Date
Thu, 30 Jul 2020 21:47:03 GMT
Last-Modified
Mon, 08 Jul 2019 07:39:55 GMT
Server
nginx
ETag
"5d22f34b-4a54"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19028
Expires
Sun, 20 Dec 2020 17:08:54 GMT
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
flags.png
stc.utdstc.com/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stc.utdstc.com/img/flags.png
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
af2ebf3a4ab248d59348eeebe0d9c52cedc2aa2ea054ff37271a72f3cf8f04a8

Request headers

Referer
https://stc.utdstc.com/css/app.th.625.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Thu, 30 Jul 2020 21:47:03 GMT
Last-Modified
Tue, 04 Oct 2016 09:26:29 GMT
Server
nginx
ETag
"57f375c5-83f"
Content-Type
image/png
Cache-Control
max-age=15552000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2111
Expires
Tue, 05 Nov 2019 16:30:58 GMT
roboto-400.woff
stc.utdstc.com/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stc.utdstc.com/fonts/roboto-400.woff
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8740f04a97202a2483d54a5781598c30cceac029a1522b6c5dd270250b9d1a17

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://stc.utdstc.com/css/app.th.625.css
Origin
https://coronavirus-sus.th.uptodown.com

Response headers

Date
Thu, 30 Jul 2020 21:47:03 GMT
Last-Modified
Mon, 08 Jul 2019 07:39:58 GMT
Server
nginx
ETag
"5d22f34e-49d8"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18904
Expires
Sun, 20 Dec 2020 23:23:30 GMT
roboto-900.woff
stc.utdstc.com/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stc.utdstc.com/fonts/roboto-900.woff
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
bcf6aa6fb2ac5e1fd5d1e7a2577552902cfd8255c9557b7a512319c390431882

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://stc.utdstc.com/css/app.th.625.css
Origin
https://coronavirus-sus.th.uptodown.com

Response headers

Date
Thu, 30 Jul 2020 21:47:03 GMT
Last-Modified
Mon, 08 Jul 2019 07:41:50 GMT
Server
nginx
ETag
"5d22f3be-4a50"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19024
Expires
Sat, 19 Dec 2020 16:37:21 GMT
uptodown.woff
stc.utdstc.com/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stc.utdstc.com/fonts/uptodown.woff
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
53f4bd2dde4f0edcfffd1af63f222548303fa095e13915385a0066c7ef6f2a2a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://stc.utdstc.com/css/app.th.625.css
Origin
https://coronavirus-sus.th.uptodown.com

Response headers

Date
Thu, 30 Jul 2020 21:47:03 GMT
Last-Modified
Thu, 13 Aug 2015 11:01:35 GMT
Server
nginx
ETag
"55cc790f-2a88"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10888
Expires
Wed, 16 Dec 2020 10:24:08 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
5484
date
Thu, 30 Jul 2020 20:15:39 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Thu, 30 Jul 2020 22:15:39 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		102 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ssm.codes
URL: https://ssm.codes/smart-tag/uptodown.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.199.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-199-29.fra2.r.cloudfront.net
Software
Server /
Resource Hash
7301462cb27dcb0cf467822211f6cdd478be091ed9d776b29f426ce78c4a414f

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:44:58 GMT
content-encoding
gzip
server
Server
age
125
etag
b586b236f6b3db3c4ca9410451195336
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
AnCxVv09_kLhR9anK-pSnPx2k2tTrp9SVVVu6cR3LJC-hDKCq1ksVw==
via
1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
imagelogo.png
stc.utdstc.com/img/ 		619 B
962 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stc.utdstc.com/img/imagelogo.png
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
16969b0fc75ead83f454b5b3b1c93b27f2a2fa186f67b0d0be68abad8dcd2403

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Thu, 30 Jul 2020 21:47:03 GMT
Last-Modified
Tue, 04 Oct 2016 09:26:29 GMT
Server
nginx
ETag
"57f375c5-26b"
Content-Type
image/png
Cache-Control
max-age=15552000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
619
Expires
Tue, 12 Nov 2019 05:50:58 GMT
coronavirus-sus-android.png:75
img.utdstc.com/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/icons/coronavirus-sus-android.png:75
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9059ff0edf771e3d6497d7bcad5b102becc6de65a4dced40c3b73ae78f83f7f6

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 21:47:03 GMT
Last-Modified
Wed, 18 Mar 2020 17:25:45 GMT
Server
nginx
ETag
"5e725999-602"
Vary
Accept
Content-Type
image/webp
Cache-Control
private, max-age=16728
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1538
Expires
Fri, 31 Jul 2020 02:25:51 GMT
coronavirus-sus.jpg:300
img.utdstc.com/screen/13/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/screen/13/coronavirus-sus.jpg:300
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
757c862592d50b63588acee7c59cc67728b095d090674afd559d8589e044feb3

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 21:47:03 GMT
Last-Modified
Wed, 18 Mar 2020 17:54:54 GMT
Server
nginx
ETag
"5e72606e-16c4"
Vary
Accept
Content-Type
image/webp
Cache-Control
private, max-age=20145
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5828
Expires
Fri, 31 Jul 2020 03:22:48 GMT
coronavirus-sus-1.jpg:300
img.utdstc.com/screen/13/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/screen/13/coronavirus-sus-1.jpg:300
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a7c6d54a4075d623a55417c69a6d91cc39fee6770f4235e147ad28967fb210c3

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 21:47:03 GMT
Last-Modified
Wed, 18 Mar 2020 17:31:37 GMT
Server
nginx
ETag
"5e725af9-16ee"
Vary
Accept
Content-Type
image/webp
Cache-Control
private, max-age=20212
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5870
Expires
Fri, 31 Jul 2020 03:23:55 GMT
coronavirus-sus-2.jpg:300
img.utdstc.com/screen/13/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/screen/13/coronavirus-sus-2.jpg:300
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b5aa3814bc5665a3b655ea844ad90424da19d41e9b54bb3c3fe5c2fdec4b2304

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 21:47:03 GMT
Last-Modified
Wed, 18 Mar 2020 17:31:24 GMT
Server
nginx
ETag
"5e725aec-1804"
Vary
Accept
Content-Type
image/webp
Cache-Control
private, max-age=20158
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6148
Expires
Fri, 31 Jul 2020 03:23:01 GMT
coronavirus-sus-3.jpg:300
img.utdstc.com/screen/13/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/screen/13/coronavirus-sus-3.jpg:300
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
dc24eaf9f6892a992a8ec0f4f0885ec5fb436046ac570b3d188dc5c3945ca525

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 21:47:03 GMT
Last-Modified
Wed, 18 Mar 2020 17:31:24 GMT
Server
nginx
ETag
"5e725aec-1cf4"
Vary
Accept
Content-Type
image/webp
Cache-Control
private, max-age=20211
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7412
Expires
Fri, 31 Jul 2020 03:23:54 GMT
coronavirus-sus-4.jpg:300
img.utdstc.com/screen/13/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/screen/13/coronavirus-sus-4.jpg:300
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
097f0f9038aba19030b90de3d7f09c4da2c4229e94f763add1719caf963b7d81

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 21:47:03 GMT
Last-Modified
Wed, 18 Mar 2020 17:36:15 GMT
Server
nginx
ETag
"5e725c0f-f9e"
Vary
Accept
Content-Type
image/webp
Cache-Control
private, max-age=20159
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3998
Expires
Fri, 31 Jul 2020 03:23:02 GMT
coronavirus-sus-5.jpg:300
img.utdstc.com/screen/13/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/screen/13/coronavirus-sus-5.jpg:300
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
391e115e1e27bf477f10940e7012e2b6e78f9b8585b1ef8681b4d5bd1e0b0f0b

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 21:47:03 GMT
Last-Modified
Wed, 18 Mar 2020 17:31:25 GMT
Server
nginx
ETag
"5e725aed-1a52"
Vary
Accept
Content-Type
image/webp
Cache-Control
private, max-age=20179
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6738
Expires
Fri, 31 Jul 2020 03:23:22 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=1196624178&t=pageview&_s=1&dl=https%3A%2F%2Fcoronavirus-sus.th.uptodown.com%2Fandroid&ul=en-us&de=UTF-8&dt=Coronav%C3%ADrus-SUS%202.0.5...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-313498-1&cid=1274431920.1596145624&jid=1305499711&_gid=367117673.1596145624&gjid=1420460988&_v=j83&z=6245013
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-313498-1&cid=1274431920.1596145624&jid=1305499711&_v=j83&z=6245013
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-313498-1&cid=1274431920.1596145624&jid=1305499711&_v=j83&z=6245013&slf_rd=1&random=2186344423
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-313498-1&cid=1274431920.1596145624&jid=1305499711&_v=j83&z=6245013&slf_rd=1&random=2186344423
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:47:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:47:03 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-313498-1&cid=1274431920.1596145624&jid=1305499711&_v=j83&z=6245013&slf_rd=1&random=2186344423
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		117 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fcoronavirus-sus.th.uptodown.com%2Fandroid&pid=fU6Q2vWnSmV9A&cb=0&ws=1600x1200&v=7.52.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%2C%22980x250%22%5D%2C%22sn%22%3A%22%2F1060150%2FLeaderboard_App_Info%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22468x60%22%2C%22336x280%22%2C%22300x250%22%2C%22980x250%22%5D%2C%22sn%22%3A%22%2F1060150%2FLeaderboard_bottom_App_Info%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1060150%2FMPU_content_App_Info%22%7D%5D&pubid=9fb11589-5021-48ea-beaa-c53b84a2543f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.199.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-199-29.fra2.r.cloudfront.net
Software
Server /
Resource Hash
b3104088bc90840b424eaa34ae16ff1e26535c2bdf0c579a2c9939715d611eed

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:47:03 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
FRA2-C1
status
200
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://coronavirus-sus.th.uptodown.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
127
via
1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
x-amz-cf-id
_II_tOXNlLG6zShj-CUJ0aYLUhzIS7Czn65ZQV1S9EwzBw0OFEx7fw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.199.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-199-29.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:47:05 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 10:10:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
status
200
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
public, max-age=86400
x-cache
Miss from cloudfront
x-amz-cf-id
r6WXA4dr7r7G84VrDujTyVgJvV6wnxfkmhmmqPkGKDtIQyuY_Xy9YQ==
via
1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cdb
bidder.criteo.com/ 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.0.0&cb=1031426888
Requested by
Host: ssm.codes
URL: https://ssm.codes/smart-tag/uptodown.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Thu, 30 Jul 2020 21:47:03 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://coronavirus-sus.th.uptodown.com
timing-allow-origin
*
vary
Origin
hb
ice.360yield.com/ 		105 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22104e823ec6ff439%22%2C%22version%22%3A%227.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fcoronavirus-sus.th.uptodown.com%2Fandroid%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2253c900e5003f7c%22%2C%22pid%22%3A22336509%2C%22tid%22%3A%2226a4845f-3f32-470d-b87a-eaaddc749c02%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: ssm.codes
URL: https://ssm.codes/smart-tag/uptodown.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.77.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-77-12.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f7cf473240521704b9b5a9bd0c4fc8b9c99dde60550a37c76931db4ac0b3c48b

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Thu, 30 Jul 2020 21:47:03 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://coronavirus-sus.th.uptodown.com
content-type
application/json; charset=UTF-8
content-length
105
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
hb
ice.360yield.com/ 		105 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22119acf13adddffb%22%2C%22version%22%3A%227.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fcoronavirus-sus.th.uptodown.com%2Fandroid%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2268a633503acfbe%22%2C%22pid%22%3A22336509%2C%22tid%22%3A%229f5cd20e-af0d-4c6a-92d2-6bd90de69882%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: ssm.codes
URL: https://ssm.codes/smart-tag/uptodown.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.77.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-77-12.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a25dacac0ea7b4062eb143f375de8e49dfdaff0ad39288ab5fbebf590d4c77a4

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Thu, 30 Jul 2020 21:47:03 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://coronavirus-sus.th.uptodown.com
content-type
application/json; charset=UTF-8
content-length
105
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
adx.adform.net/adx/ 		10 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg0NDEzOCZ0cmFuc2FjdGlvbklkPTI2YTQ4NDVmLTNmMzItNDcwZC1iODdhLWVhYWRkYzc0OWMwMg%3D%3D&bWlkPTg0NDEzOCZ0cmFuc2FjdGlvbklkPTlmNWNkMjBlLWFmMGQtNGM2YS05MmQyLTZiZDkwZGU2OTg4Mg%3D%3D&pt=gross&stid=782f6ad9-faec-4fd2-a52e-faa973ebba32&fd=1
Requested by
Host: ssm.codes
URL: https://ssm.codes/smart-tag/uptodown.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:47:03 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://coronavirus-sus.th.uptodown.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
10
expires
-1
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 6796
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_dm_cnv
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_dm_cnv&dcc=t
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_dm_cnv&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://coronavirus-sus.th.uptodown.com/android
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A_q4wnOjxkmesXR61N39eM0|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://coronavirus-sus.th.uptodown.com/android

Response headers

Server
Server
Date
Thu, 30 Jul 2020 21:47:04 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
191
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A_q4wnOjxkmesXR61N39eM0; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 21:47:03 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Oct-2025 21:47:04 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Thu, 30 Jul 2020 21:47:03 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_dm_cnv&dcc=t
Set-Cookie
ad-id=A_q4wnOjxkmesXR61N39eM0|t; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 21:47:03 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
coronavirus-sus-6.jpg:300
img.utdstc.com/screen/13/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/screen/13/coronavirus-sus-6.jpg:300
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
391e115e1e27bf477f10940e7012e2b6e78f9b8585b1ef8681b4d5bd1e0b0f0b

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 21:47:03 GMT
Last-Modified
Wed, 18 Mar 2020 17:32:15 GMT
Server
nginx
ETag
"5e725b1f-1a52"
Vary
Accept
Content-Type
image/webp
Cache-Control
private, max-age=20166
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6738
Expires
Fri, 31 Jul 2020 03:23:09 GMT
coronavirus-sus-7.jpg:300
img.utdstc.com/screen/13/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/screen/13/coronavirus-sus-7.jpg:300
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f81be7df9b676cacd1fd08e43a238ee270e1d3e231939fe33cef31249f067fb2

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 21:47:03 GMT
Last-Modified
Wed, 18 Mar 2020 17:32:17 GMT
Server
nginx
ETag
"5e725b21-826"
Vary
Accept
Content-Type
image/webp
Cache-Control
private, max-age=20150
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2086
Expires
Fri, 31 Jul 2020 03:22:53 GMT
coronavirus-sus-8.jpg:300
img.utdstc.com/screen/13/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/screen/13/coronavirus-sus-8.jpg:300
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a38bea48fb8a888dfeeb65fdc9e039d9b60c4c1ad46396f3314efbb1172d3345

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 21:47:03 GMT
Last-Modified
Thu, 19 Mar 2020 02:48:00 GMT
Server
nginx
ETag
"5e72dd60-85a"
Vary
Accept
Content-Type
image/webp
Cache-Control
private, max-age=20196
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2138
Expires
Fri, 31 Jul 2020 03:23:39 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2726103447853658&correlator=2764905698644242&output=ldjh&impl=fifs&adsid=NT&eid=21066721&vrg=2020072301&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200730&iu_parts=1060150%2CLeaderboard_App_Info&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C468x60%7C980x250&fluid=height&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=ssmasdomain%3Dcoronavirus-sus.th.uptodown.com%26ssmasin%3D1%26ssmashour%3D21%2651_uptodow%3D%252Fandroid%26ssmascategory%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1596145623&dt=1596145623978&dlt=1596145623195&idt=374&frm=20&biw=1600&bih=1200&oid=3&adxs=200&adys=320&adks=3825268104&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcoronavirus-sus.th.uptodown.com%2Fandroid&dssz=18&icsg=42&std=0&vis=1&stss=1&dmc=8&scr_x=0&scr_y=0&psz=1100x0&msz=1100x0&ga_vid=1274431920.1596145624&ga_sid=1596145624&ga_hid=1196624178&fws=4&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
5d095ae74e81cfa4c3f055dde1f80de7f29153a9db10c401d69144ad04a71cba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:47:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3079
x-xss-protection
0
google-lineitem-id
4725175829
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
114189984030
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://coronavirus-sus.th.uptodown.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1867295b7002b7a6364d17870678b003.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://1867295b7002b7a6364d17870678b003.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		41 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2726103447853658&correlator=2764905698644242&output=ldjh&impl=fifs&adsid=NT&eid=21066721&vrg=2020072301&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200730&iu_parts=1060150%2CMPU_content_App_Info&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C336x280%7C300x600%7C300x250&fluid=height&cust_params=ssmasdomain%3Dcoronavirus-sus.th.uptodown.com%26ssmasin%3D1%26ssmashour%3D21%2651_uptodow%3D%252Fandroid%26ssmascategory%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1596145623&dt=1596145623993&dlt=1596145623195&idt=374&frm=20&biw=1600&bih=1200&oid=3&adxs=1000&adys=814&adks=2033861225&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcoronavirus-sus.th.uptodown.com%2Fandroid&dssz=18&icsg=42&std=0&vis=1&stss=1&dmc=8&scr_x=0&scr_y=0&psz=300x50&msz=300x0&ga_vid=1274431920.1596145624&ga_sid=1596145624&ga_hid=1196624178&fws=4&ohw=1320
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
85c9f5710d1ba97b33666c06a9a1f3eb6033d4ae9efb70ff8147d63064367fa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:47:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10652
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://coronavirus-sus.th.uptodown.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		72 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: ssm.codes
URL: https://ssm.codes/smart-tag/uptodown.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d00e4343987593afa91865c8407fea36971df89c736d5d70ad6d717d4992d1d

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:47:04 GMT
content-encoding
gzip
last-modified
Tue, 21 Jul 2020 07:47:50 GMT
server
nginx
etag
W/"5f169da6-121cc"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 31 Jul 2020 21:47:04 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		72 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d00e4343987593afa91865c8407fea36971df89c736d5d70ad6d717d4992d1d

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:47:04 GMT
content-encoding
gzip
last-modified
Tue, 21 Jul 2020 07:47:50 GMT
server
nginx
etag
W/"5f169da6-121cc"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 31 Jul 2020 21:47:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F47D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNXlB1al0LcWNHL_u1Dso6Q6CdbnP7Xek9ttAe68_Azkvft6bslDsKav-qLrkUkYBG6tUltac9tMGEth9HGDAFoFA0Ui48G2FzjgkfLkr3dmScORnTurfXVPpkUPEd1LyA7uuWkPeOi04ZHNxLb0_DjaATuwAjpfq-m0JAsnjlcOTBVp4lv0aLDo8S_xilnMmar3ZacfWh7dKBroXRGLKBt1Ki_-yBq5uzGKs5KUfnVEptKwMWPoI8dQ_HnrvGaZXVZ148jDA94jS6EyLOgSXA0ZFDsXEznRxWMI995ChDRdSUvlehedchT1Y8XA&sai=AMfl-YTkomur_EaiYutLeWAvtQXOrl2pSUAVTJrsaqhrfibHMSdge8Vd6e2z8pRxt86saYfEaELrL_JnzMfVo6M74qLNIZGAOrIKW7HYDAKjHjY_6XTqCPVzFM2MIX7oLys7&sig=Cg0ArKJSzOSArOYeo9GYEAE&urlfix=1&adurl=
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jul 2020 21:47:04 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 30 Jul 2020 21:47:04 GMT
publishertag.js
static.criteo.net/js/ld/ Frame F47D 		103 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
073c5040e8ee62ce265b9184911c7cd345a2fda8560570098ee73fcad73ac9f4

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:47:04 GMT
content-encoding
gzip
last-modified
Tue, 21 Jul 2020 07:47:59 GMT
server
nginx
etag
W/"5f169daf-19aa4"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 31 Jul 2020 21:47:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F47D 		105 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a34daeab0affa7bfd4f4b6675905de21679c5378e1c5a0bdb03d15fbd52783f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1596064260430063"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
32302
x-xss-protection
0
expires
Thu, 30 Jul 2020 21:47:04 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		71 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e3325db456620e768bfa6a930c1015b6fd4e8b967cbb88d07867883c9e5fa6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1596064266704224"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27106
x-xss-protection
0
expires
Thu, 30 Jul 2020 21:47:04 GMT
cdb
bidder.criteo.com/ Frame F47D 		0
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=93&profileId=184&cb=88196359640
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

status
204
date
Thu, 30 Jul 2020 21:47:04 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://coronavirus-sus.th.uptodown.com
timing-allow-origin
*
vary
Origin
truncated
/ Frame F47D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab1c8b27e4cd295595653ef22f596a4b945273723066e2e0f7e035eaee738075

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame F47D 		119 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b2519ef21b9a13dc537b7f6bc6a4807978678fe7361f7d784beee2d81bc7a0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42950
x-xss-protection
0
server
cafe
etag
12764724731849731542
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 30 Jul 2020 21:47:04 GMT
pixel.gif
static.criteo.net/images/ Frame F47D 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:47:04 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 25 Jul 2021 21:47:04 GMT
pixel.gif
static.criteo.net/images/ Frame F47D 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:47:04 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 25 Jul 2021 21:47:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F47D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjfwTOsIi0rGx_pgkVoqpVLSsvuIz-bFOOAV20GkLknQ6AYgbFtlFU6rHw9IksNOIJFsnlTkVwpq6IMuWsVDb_GsqIHdXrT-KTUkwEK9Dp1fcCr3KijhaM3oxv4GDmCrinvXPuH6raYLDRX3YLa5NqD-uDHgMrh5vkgl1R51Is775vWulumYgp1LqAW39kO4loEHSsNIf6VUx_Fq8hdW94z0HgcazDoujpceSUpESzg1fonxM4HZtcsLn47YlpE8TzooY_FaI8vYPdWkzqnHw0tjVYr8q85qECPXf59XDu2A&sai=AMfl-YSVW84Gzp36Q8L4ZI6xsDk5YLIkix0bKoxFPfMmO6ZiiYaQ7HOAL_4VvfiIj7_1_hDDz0ICxbiVHcHBJZNjfNokSIzJwyNl6ykC0CalhhMcYZ0WO0slI6zpzo6XYb8L&sig=Cg0ArKJSzHu7AgpOzLt_EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jul 2020 21:47:04 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 30 Jul 2020 21:47:04 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/032007280015000/ Frame 6994 		206 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032007280015000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
309720733d24279bb255c9bfcdfb2792a24681d944f3f87ddcd5e94ba8a7fcd8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
77377
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57377
x-xss-protection
0
server
sffe
date
Thu, 30 Jul 2020 00:17:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4f77d542acfd5464"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Jul 2021 00:17:27 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/032007280015000/v0/ Frame 6994 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032007280015000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf1325ce561c93e54c85fe261dca05c1d4954f0604daa0cb52742c9ae0adcd0a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
175127
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5911
x-xss-protection
0
server
sffe
date
Tue, 28 Jul 2020 21:08:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2b698f14ce780d2f"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jul 2021 21:08:17 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/032007280015000/v0/ Frame 6994 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032007280015000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1dc200eea43da1fcbdd99f977309e0004ad62b2d8e774c95275600414638a1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
66770
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29729
x-xss-protection
0
server
sffe
date
Thu, 30 Jul 2020 03:14:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"343248c140f42a43"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Jul 2021 03:14:14 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/032007280015000/v0/ Frame 6994 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032007280015000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55b746d08f061ee964adb088db7f87a27ee9d5ea58bf6111f082a025942ddfce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
66049
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1779
x-xss-protection
0
server
sffe
date
Thu, 30 Jul 2020 03:26:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e9949b381080a26e"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Jul 2021 03:26:15 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/032007280015000/v0/ Frame 6994 		48 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032007280015000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c244b38a3f62fee32b4e6f32a69d40865af2e1f7bc2dd73397b8fd0f96125e7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
175127
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15002
x-xss-protection
0
server
sffe
date
Tue, 28 Jul 2020 21:08:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6a54c33253427c91"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jul 2021 21:08:17 GMT
truncated
/ Frame 6994 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40ef2b624fd0b3af4ccc737aed1267f6f71c199b6edb5f6297c15eb3be24bfd1

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
8285715419372089492
tpc.googlesyndication.com/daca_images/simgad/ Frame 6994 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/8285715419372089492
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86a7422df31d4e15c7e46387372bc40976510c20a6dcdb67c64e060c792bad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 29 Jul 2020 22:18:16 GMT
x-content-type-options
nosniff
age
84528
x-dns-prefetch-control
off
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19142
x-xss-protection
0
last-modified
Fri, 02 Aug 2019 20:04:48 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Jul 2021 22:18:16 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6994 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jul 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
38286
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 31 Jul 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6994 		295 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jul 2020 21:26:58 GMT
x-content-type-options
nosniff
server
cafe
age
1206
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 31 Jul 2020 21:26:58 GMT
l
www.google.com/ads/measurement/ Frame 6994 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR2U0Ov3utQEyLWY6TTcct2y46QcOn-z7w4kQPXM-dtathmk7OSQNeWlH70iXO7Up_IZq8J
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 6994 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdMlt2D8jX87kD8eS7_UP6P6IkAeXvrmlXqHNhJj8C4OCyqsBEAEghtTOHmD7gYCAiAqgAaO8pOcCyAECqQII3EkHdvmoPuACAKgDAcgDCKoEogJP0Ea2Ua7Kwl3YuR_fxf8gCxRxWWTIQmwGjCLGjlwMmg5kBmkxKqJN_vwpPX-YWRLuS-2EJjY6-TBVrhyxlLdGNPfqI6fch8uvnIdhfmp8PrrTnw724WAPj4hXz1to-a61uRjBweoL4XTFP2PLL9ASbFs7fOTM-vitxYqcufhIh4v_FGvFPLTxD7w-RB8Zwsn5HiBgATxnufbKD77PaVFhs62nQD4RULBZTRsZDWEYNLNBkD07xReRp7meaPe9mTammkpm9G23oxIJCzc9mcY4qoKfWp71wgpPtAGG7Pabg_4nuNIUBbgnbovO1BUlS7EdOTXVoS7qM7jXm34R6_vl5jViXwm6cP_z872U3kkdL3vvPU7N5cVACQs2oycme0ntTcAEpP3ThoYD4AQBkgUECAQYAZIFBAgFGASgBgKAB8XD25gBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEOi2CtIICQiA4YBQEAEYHYAKA8gLAdgTDA&sigh=18iEIpnGEEg&tpd=AGWhJmt87yMWvThapT6zza009SRQ9STewx3We0cxVHhuCDawoQ
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ Frame F47D 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=coronavirus-sus.th.uptodown.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jul 2020 21:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F47D 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=coronavirus-sus.th.uptodown.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jul 2020 21:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200728/r20190131/ Frame F47D 		223 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200728/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a0c01ba057a92f6f239164122340b8087ce24dfdcfa652ace2371a7655e323e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
85729
x-xss-protection
0
server
cafe
etag
813683017860634811
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Jul 2020 21:47:04 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200728/r20190131/ Frame 96A0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200728/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200728/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://coronavirus-sus.th.uptodown.com/android
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnaHdD-4LonYhoDpNINsD4TWpJIYaj9SsVKs4qXllhhAztTU85ARPVPxTJv; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://coronavirus-sus.th.uptodown.com/android

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 28 Jul 2020 21:02:35 GMT
expires
Tue, 11 Aug 2020 21:02:35 GMT
content-type
text/html; charset=UTF-8
etag
1809543571055990350
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4277
x-xss-protection
0
cache-control
public, max-age=1209600
age
175469
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6994
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Thu, 30 Jul 2020 21:47:04 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 68D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0337387298854186&output=html&h=250&slotname=1389044399&adk=1759255392&adf=915425905&w=970&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fcoronavirus-sus.th.uptodown.com%2Fandroid&ea=0&flash=0&wgl=1&adsid=NT&dt=1596145624618&bpp=11&bdt=331&idt=144&shv=r20200728&cbv=r20190131&ptt=9&saldr=aa&correlator=1212574016385&frm=23&ife=4&pv=2&ga_vid=1274431920.1596145624&ga_sid=1596145625&ga_hid=100401425&ga_fc=1&iag=3&icsg=2698&nhd=1&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=265&ady=305&biw=1600&bih=1200&isw=970&ish=250&ifk=1134472565&scr_x=0&scr_y=0&eid=21066647&oid=3&pvsid=107421888957006&pem=740&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.960v6usgaisq&fsb=1&dtd=158
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200728/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-0337387298854186&output=html&h=250&slotname=1389044399&adk=1759255392&adf=915425905&w=970&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fcoronavirus-sus.th.uptodown.com%2Fandroid&ea=0&flash=0&wgl=1&adsid=NT&dt=1596145624618&bpp=11&bdt=331&idt=144&shv=r20200728&cbv=r20190131&ptt=9&saldr=aa&correlator=1212574016385&frm=23&ife=4&pv=2&ga_vid=1274431920.1596145624&ga_sid=1596145625&ga_hid=100401425&ga_fc=1&iag=3&icsg=2698&nhd=1&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=265&ady=305&biw=1600&bih=1200&isw=970&ish=250&ifk=1134472565&scr_x=0&scr_y=0&eid=21066647&oid=3&pvsid=107421888957006&pem=740&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.960v6usgaisq&fsb=1&dtd=158
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://coronavirus-sus.th.uptodown.com/android
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnaHdD-4LonYhoDpNINsD4TWpJIYaj9SsVKs4qXllhhAztTU85ARPVPxTJv; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://coronavirus-sus.th.uptodown.com/android

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 30 Jul 2020 21:47:05 GMT
server
cafe
content-length
23606
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ Frame F47D 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200728&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200728/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e53b6fb4cf38ed2f8b70583ae04bbf63b106f72b54ea383b76803c3dd88c1723
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jul 2020 21:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5629
x-xss-protection
0
osd.js
www.googletagservices.com/activeview/js/current/ Frame F47D 		71 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200728/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e3325db456620e768bfa6a930c1015b6fd4e8b967cbb88d07867883c9e5fa6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1596064266704224"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27106
x-xss-protection
0
expires
Thu, 30 Jul 2020 21:47:04 GMT
8285715419372089492
tpc.googlesyndication.com/daca_images/simgad/ Frame 6994 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/8285715419372089492
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032007280015000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86a7422df31d4e15c7e46387372bc40976510c20a6dcdb67c64e060c792bad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 29 Jul 2020 22:18:16 GMT
x-content-type-options
nosniff
age
84528
x-dns-prefetch-control
off
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19142
x-xss-protection
0
last-modified
Fri, 02 Aug 2019 20:04:48 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Jul 2021 22:18:16 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6994 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032007280015000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jul 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
38286
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 31 Jul 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6994 		295 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032007280015000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jul 2020 21:26:58 GMT
x-content-type-options
nosniff
server
cafe
age
1206
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 31 Jul 2020 21:26:58 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F47D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200728/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:47:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Thu, 30 Jul 2020 21:47:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame A176 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://coronavirus-sus.th.uptodown.com/android
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://coronavirus-sus.th.uptodown.com/android

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Thu, 30 Jul 2020 21:11:42 GMT
expires
Fri, 30 Jul 2021 21:11:42 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2122
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame F47D 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200728&jk=107421888957006&bg=!7e6l7vZYNSHzrf6vzj4CAAAAN1IAAAALCgAQziLuo1z-TsBcrPycQPXD_JkBnOgEoyj7Bs3BtgfYrUcO_pqgGKP66NT1oqaV4oavwfKzZbCHGFy1Jcr9TLYdA9sshFUt2rdUOq0tcVj-12q6hdM3mw0brqiSdFglU3bBT5vYGJ3KuSeKHLDPl5kERDdzOcLQnoGjX07LA7dL9FJmlgQ6-lzMrx2oW9LFozVIkuF6viSNesr51_DMrq9z-nLmAuivWZ0vcaIc0WiMTzS33byW1DnSrYLs1lb2JqA1sOSsXCPf8RuQFTF2baWbl-2T-FnwYzMbH-DJi4YD0zIRA27NbHH3tEET3aDhqYGo95wuzjLf8Kyyk55UbV8isJFU02ckHXP_axyP7h_Y__mmdMZWXH-mPgV0TcMXED7pswo-JqYmIcFNyyCiPvdJxcNDlhKvHkvvye_hUnD4oJovTC3qT5UvDowUjfWaVqakQXc992huiGyShylEOniuCaza4n4fk-hY4kA_sBVWaj1nL6qXHEZUkNXACCtktfFEoxrMQqm9sHB1sS0RmoDocSEZP27ZsDbguABU0w08xstO7qmtqeQ1Of62xntlr0o
Requested by
Host: coronavirus-sus.th.uptodown.com
URL: https://coronavirus-sus.th.uptodown.com/android
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:47:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020072301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddbe4bd5ca1098933853c19146d5efea2bae5009162ee8d239246964f19df43d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 30 Jul 2020 21:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5699
x-xss-protection
0
imagelogo.png
stc.utdstc.com/img/ 		619 B
962 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stc.utdstc.com/img/imagelogo.png
Requested by
Host: stc.utdstc.com
URL: https://stc.utdstc.com/js/th.v10.625.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
16969b0fc75ead83f454b5b3b1c93b27f2a2fa186f67b0d0be68abad8dcd2403

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Thu, 30 Jul 2020 21:47:05 GMT
Last-Modified
Tue, 04 Oct 2016 09:26:29 GMT
Server
nginx
ETag
"57f375c5-26b"
Content-Type
image/png
Cache-Control
max-age=15552000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
619
Expires
Tue, 12 Nov 2019 05:50:58 GMT
coronavirus-sus-android.png:75
img.utdstc.com/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.utdstc.com/icons/coronavirus-sus-android.png:75
Requested by
Host: stc.utdstc.com
URL: https://stc.utdstc.com/js/th.v10.625.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.75.95 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-75-95.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9059ff0edf771e3d6497d7bcad5b102becc6de65a4dced40c3b73ae78f83f7f6

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 21:47:05 GMT
Last-Modified
Wed, 18 Mar 2020 17:25:45 GMT
Server
nginx
ETag
"5e725999-602"
Vary
Accept
Content-Type
image/webp
Cache-Control
private, max-age=16726
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1538
Expires
Fri, 31 Jul 2020 02:25:51 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:47:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Thu, 30 Jul 2020 21:47:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 9448 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://coronavirus-sus.th.uptodown.com/android
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://coronavirus-sus.th.uptodown.com/android

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Thu, 30 Jul 2020 21:11:42 GMT
expires
Fri, 30 Jul 2021 21:11:42 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2123
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame F47D 		42 B
173 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusyPReoCsxT_Dk52r7cC9lGFpTsRxYdw4MgCnzuJr8hnwuXSOEYdNhieLSR37ocDmJL7datyEBpVWlL4N_6DCAlSvcoprjXnkbL4bUurk&sig=Cg0ArKJSzFrwrZEqLi5REAE&id=osdim&mcvt=1009&p=305,265,555,1235&mtos=1009,1009,1009,1009,1145&tos=1009,0,0,0,136&v=20200729&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3825268104&rs=4&met=ce&la=1&cr=0&osd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:47:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020072301&jk=2726103447853658&bg=!dnWldW1Yp_CoZmy7zYICAAAARlIAAAATmQGW3wk_g_ELlO3EWtJP8gSRwuAEJ3gbYq-Qj7YJ8l1W0Ci0P5TgdkrboyN2-sRZAsspdl9D407xqbZoIlNg0KPSRtYAqXrpPc0aEYfJw0JZAurwkwMqbzTVMUN8OlPlfRsTAHDDbMyS5E1kGRZzICvxHFsrdm5Ai-hWEFbD0u3VGO4d6BeUwsCWHMXsfoWf69hsAmhR8tfd8obpipG-a-wA0CZ33tJBLrAOFTuQtFIXMParKgVIhKabnON87M7yYZQkaA3N2-XFBd4vnx3PwUn9xG34qzZ598M415SHjXlTkBHrIwDnJ-JRwsCpBQo87vzssd40l0z_1DZIfvXxYDZr3pse5OSoE8iqh9tkMe3weNA4xFbLPywNGZZPeCSRVwp1FPe0BMHATW38acwaEoNtVu66lR9Ca_NicuNFHB1Lol95oYn-fDBINBa0Al5mpoZopFeVIkdfi6hPZRD4K01FCV2qt5242jtCefTy517-KtWpwduMC0MM6QlG-KglDZTTkqYmN2nqRD_P_spSaErSf5MLmPXXYQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:47:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csm
bidder.criteo.com/ Frame F47D 		0
161 B 		Other
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm?ptv=93&profileId=184
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://coronavirus-sus.th.uptodown.com/android
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
204
date
Thu, 30 Jul 2020 21:47:06 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://coronavirus-sus.th.uptodown.com
timing-allow-origin
*
vary
Origin

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ssm_config object| googletag object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken function| pbjsChunk object| pbjs object| _pbjsGlobals object| regeneratorRuntime function| setImmediate function| clearImmediate boolean| smartTagLoaded object| ssmSmartTag function| add_lookup_suggest object| replys string| plataforma string| subdom string| url_portal string| url_prog string| url_subdomain_lang string| url_subdomain_lang_platform string| url_lang string| lang string| dominio string| url_basic function| getSubDom function| saveHtmlComments function| replaceHtmlComments function| removeComments function| loadjs function| langso function| GetURLParameter function| suscribir_boletin number| bloqueado number| bloqueo_time number| lookup_count number| lookup_selected string| lookup_value function| lookup function| fill function| del function| res function| hide_mmenu function| window_resize function| show_id function| fillHeaderLogin function| fillLoginMobile function| init function| cookie_terms function| setGDPRRequiredCookie function| setGDPRIsRequiredCookie function| setGDPRIsNotRequiredCookie function| GDPRRequired function| showCookieTermsForm function| acceptCookies function| scrollInfinityUserProfilePanelComments function| getMoreDataCommentsApps function| fillCommentsTemplate function| scrollInfinityUserProfilePanelDownload function| getMoreDataDownloadApps function| fillDownloadTemplate function| usersComments function| usersDownloads function| ssGoogle function| ssFacebook function| likebuttons function| notify function| open_screen function| prev_screen function| next_screen function| newComment function| isValidComment function| disableCommentButton function| setActualComment function| enviar_opinion function| votar function| votar_respuesta function| likedBefore function| responder_listado function| eliminar_respuesta function| eliminar_comentario number| lastOffsetUsed function| scrollInfinityVersions function| loadMoreDataVersions function| fillVersionSection function| scrollInfinity function| getMostAnswerComments function| getMostRecentComments function| getMostVotedComments function| voteComment function| voteCommentAnswer function| sendAnswerComment function| showFormAnswerComment function| sendComment function| fillCommentSection function| loadMoreData function| getMostVotedAnswers function| getMostRecentAnswers function| backToComments function| setDownloadApp function| $ function| jQuery function| SparkMD5 function| RateYo object| adlazy object| SF object| Redirect object| Share function| ajaxResponseBypass object| User object| Socialsignup object| Social object| InfScroll number| google_srt function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing string| GoogleAnalyticsObject function| ga object| apstag number| width object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| apstagLOADED object| Criteo number| __google_ad_urls_id number| google_unique_id object| criteo_pubtag object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_reactive_ads_global_state object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| google_jobrunner object| GoogleGcLKhOms object| google_image_requests

11 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUnaHdD-4LonYhoDpNINsD4TWpJIYaj9SsVKs4qXllhhAztTU85ARPVPxTJv
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A_q4wnOjxkmesXR61N39eM0
.uptodown.com/ Name: __gads
Value: ID=b687b68e56003c43-228c09fda5b6003b:T=1596145624:S=ALNI_Ma-2FOA1ZOrDDGsHe4-kbazHwGU0g
.uptodown.com/ Name: _gat
Value: 1
.uptodown.com/ Name: _gid
Value: GA1.2.367117673.1596145624
.uptodown.com/ Name: utd_red_lang
Value: th
.uptodown.com/ Name: GDPR_REQUIRED
Value: is
.uptodown.com/ Name: utd_red_platform
Value: %2Fandroid
.uptodown.com/ Name: _ga
Value: GA1.2.1274431920.1596145624

4 Console Messages

Source Level URL
Text
console-api debug URL: https://stc.utdstc.com/js/th.v10.625.js(Line 392)
Message:
NO ES MAINURLuptodown.com
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072301.js(Line 6)
Message:
updateCorrelator has been deprecated. Please see the Google Ad Manager help page on "Pageviews in GPT" for more information: https://support.google.com/admanager/answer/183281?hl=en
console-api info URL: https://cdn.ampproject.org/rtv/032007280015000/amp4ads-v0.js(Line 421)
Message:
Powered by AMP ⚡ HTML – Version 2007280015000 https://coronavirus-sus.th.uptodown.com/android
console-api log URL: https://stc.utdstc.com/js/th.v10.625.js(Line 2302)
Message:
ServiceWorker registration successful with scope: https://coronavirus-sus.th.uptodown.com/javascript/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

018.coronavirus-sus.th.uptodown.com
1867295b7002b7a6364d17870678b003.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
adservice.google.com
adservice.google.de
adservice.google.nl
adx.adform.net
bidder.criteo.com
c.amazon-adsystem.com
cdn.ampproject.org
coronavirus-sus.th.uptodown.com
googleads.g.doubleclick.net
ice.360yield.com
img.utdstc.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
ssm.codes
static.criteo.net
stats.g.doubleclick.net
stc.utdstc.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
104.109.75.95
13.224.199.29
178.250.2.131
216.58.212.162
2606:4700:20::ac43:45cb
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:815::2002
2a00:1450:4001:816::2001
2a00:1450:4001:816::200e
2a00:1450:4001:817::2004
2a00:1450:4001:818::2002
2a00:1450:4001:819::2002
2a00:1450:400c:c01::9b
2a02:2638::3
37.157.4.24
52.57.77.12
52.95.118.60
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
073c5040e8ee62ce265b9184911c7cd345a2fda8560570098ee73fcad73ac9f4
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
097f0f9038aba19030b90de3d7f09c4da2c4229e94f763add1719caf963b7d81
16969b0fc75ead83f454b5b3b1c93b27f2a2fa186f67b0d0be68abad8dcd2403
209ceea254b5cae8a4dd7e5d3556f1d0a079b3cc017f09f4d8868fee199df071
2a0c01ba057a92f6f239164122340b8087ce24dfdcfa652ace2371a7655e323e
2e3325db456620e768bfa6a930c1015b6fd4e8b967cbb88d07867883c9e5fa6d
309720733d24279bb255c9bfcdfb2792a24681d944f3f87ddcd5e94ba8a7fcd8
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38bcfc645a00c9052f5a117ec13393fd5e342713e89394500a1c64baecf10293
391e115e1e27bf477f10940e7012e2b6e78f9b8585b1ef8681b4d5bd1e0b0f0b
40ef2b624fd0b3af4ccc737aed1267f6f71c199b6edb5f6297c15eb3be24bfd1
42f12b2ffdda5bc781197c783c933da14c47fe83fcd9a3110a3c6bf08ffc8bef
53f4bd2dde4f0edcfffd1af63f222548303fa095e13915385a0066c7ef6f2a2a
55b746d08f061ee964adb088db7f87a27ee9d5ea58bf6111f082a025942ddfce
5d095ae74e81cfa4c3f055dde1f80de7f29153a9db10c401d69144ad04a71cba
5d1dc200eea43da1fcbdd99f977309e0004ad62b2d8e774c95275600414638a1
6169227664082929623036474ef3ef07911612f5df6c231ded6305ea38bf7dc3
6a34daeab0affa7bfd4f4b6675905de21679c5378e1c5a0bdb03d15fbd52783f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b2519ef21b9a13dc537b7f6bc6a4807978678fe7361f7d784beee2d81bc7a0c
6c244b38a3f62fee32b4e6f32a69d40865af2e1f7bc2dd73397b8fd0f96125e7
7301462cb27dcb0cf467822211f6cdd478be091ed9d776b29f426ce78c4a414f
757c862592d50b63588acee7c59cc67728b095d090674afd559d8589e044feb3
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
85c9f5710d1ba97b33666c06a9a1f3eb6033d4ae9efb70ff8147d63064367fa5
86a7422df31d4e15c7e46387372bc40976510c20a6dcdb67c64e060c792bad7f
8740f04a97202a2483d54a5781598c30cceac029a1522b6c5dd270250b9d1a17
8d00e4343987593afa91865c8407fea36971df89c736d5d70ad6d717d4992d1d
9059ff0edf771e3d6497d7bcad5b102becc6de65a4dced40c3b73ae78f83f7f6
a25dacac0ea7b4062eb143f375de8e49dfdaff0ad39288ab5fbebf590d4c77a4
a38bea48fb8a888dfeeb65fdc9e039d9b60c4c1ad46396f3314efbb1172d3345
a7c6d54a4075d623a55417c69a6d91cc39fee6770f4235e147ad28967fb210c3
aa1485262a6de20dbfca092b07b93d38b9752fdf7729b1cd7cc58d77500f193f
ab1c8b27e4cd295595653ef22f596a4b945273723066e2e0f7e035eaee738075
af2ebf3a4ab248d59348eeebe0d9c52cedc2aa2ea054ff37271a72f3cf8f04a8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3104088bc90840b424eaa34ae16ff1e26535c2bdf0c579a2c9939715d611eed
b5aa3814bc5665a3b655ea844ad90424da19d41e9b54bb3c3fe5c2fdec4b2304
bcf6aa6fb2ac5e1fd5d1e7a2577552902cfd8255c9557b7a512319c390431882
be31d790c31b5492e47a666b767d66be19e5b03bf9d37754ca793ba38feb0210
bf1325ce561c93e54c85fe261dca05c1d4954f0604daa0cb52742c9ae0adcd0a
dc24eaf9f6892a992a8ec0f4f0885ec5fb436046ac570b3d188dc5c3945ca525
ddbe4bd5ca1098933853c19146d5efea2bae5009162ee8d239246964f19df43d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e428af8551cc16730a407e1f40095c3fa7a8b8f25bb7f39575f6fceefc2ffe81
e53b6fb4cf38ed2f8b70583ae04bbf63b106f72b54ea383b76803c3dd88c1723
e5805ff82ac7e960beec601f53d5b3cdabff17e0e825368f485965bcfbf0b5be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7cf473240521704b9b5a9bd0c4fc8b9c99dde60550a37c76931db4ac0b3c48b
f81be7df9b676cacd1fd08e43a238ee270e1d3e231939fe33cef31249f067fb2
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955