urlscan.io logo urlscan.io
SecurityTrails logo

covid.mixtiles.com Open in urlscan Pro
2606:4700:20::681a:874  Public Scan

Go To Rescan Add Verdict Report
URL: https://covid.mixtiles.com/
Submission: On May 19 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 19 domains to perform 46 HTTP transactions. The main IP is 2606:4700:20::681a:874, located in United States and belongs to CLOUDFLARENET, US. The main domain is covid.mixtiles.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on May 5th 2020. Valid for: 5 months.
This is the only time covid.mixtiles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 52.222.182.10 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 52.222.182.128 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
11 52.84.50.14 16509 (AMAZON-02)
1 151.101.13.131 54113 (FASTLY)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 52.84.50.114 16509 (AMAZON-02)
2 3 2a00:1450:400... 15169 (GOOGLE)
1 1 34.197.103.81 14618 (AMAZON-AES)
1 3 151.101.14.133 54113 (FASTLY)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.21.226 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 4 2a03:2880:f11... 32934 (FACEBOOK)
1 52.222.182.87 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 151.101.114.133 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
46 22
2    2606:4700:20::681a:874 (United States)

ASN13335 (CLOUDFLARENET, US)
covid.mixtiles.com
2    52.222.182.10 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-182-10.ham50.r.cloudfront.net
builder-assets.unbounce.com
1    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    52.222.182.128 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-182-128.ham50.r.cloudfront.net
widget.trustpilot.com
2    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
11    52.84.50.14 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-50-14.ham50.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
1    151.101.13.131 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
d8b035f775504b9d8c4367b27db1a476.js.ubembed.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    52.84.50.114 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-50-114.ham50.r.cloudfront.net
cdn.amplitude.com
3    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    34.197.103.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-103-81.compute-1.amazonaws.com
a.klaviyo.com
3    151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.klaviyo.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net
www.googleadservices.com
4    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    52.222.182.87 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-182-87.ham50.r.cloudfront.net
assets.ubembed.com
2    2a03:2880:f01c:8004:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)
cx.atdmt.com
2    151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
fast.a.klaviyo.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
Domain Requested by
11 d9hhrg4mnvzow.cloudfront.net covid.mixtiles.com
4 www.facebook.com 2 redirects covid.mixtiles.com
4 fonts.gstatic.com covid.mixtiles.com
3 www.google.de covid.mixtiles.com
3 www.google.com 2 redirects covid.mixtiles.com
3 static.klaviyo.com 1 redirects covid.mixtiles.com
3 www.google-analytics.com 2 redirects covid.mixtiles.com
3 connect.facebook.net covid.mixtiles.com
connect.facebook.net
2 fast.a.klaviyo.com static.klaviyo.com
2 cx.atdmt.com covid.mixtiles.com
2 stats.g.doubleclick.net 2 redirects
2 www.googletagmanager.com covid.mixtiles.com
2 builder-assets.unbounce.com covid.mixtiles.com
2 covid.mixtiles.com covid.mixtiles.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 assets.ubembed.com d8b035f775504b9d8c4367b27db1a476.js.ubembed.com
1 www.googleadservices.com www.googletagmanager.com
1 fonts.googleapis.com builder-assets.unbounce.com
1 a.klaviyo.com 1 redirects
1 cdn.amplitude.com covid.mixtiles.com
1 d8b035f775504b9d8c4367b27db1a476.js.ubembed.com covid.mixtiles.com
1 widget.trustpilot.com covid.mixtiles.com
1 code.jquery.com covid.mixtiles.com
46 23

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-05-05 -
2020-10-09		 5 months crt.sh
*.unbounce.com
Amazon		 2020-04-08 -
2021-05-08		 a year crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.trustpilot.com
Amazon		 2020-05-01 -
2021-06-01		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
z.ssl.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-22 -
2021-04-23		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-04-15 -
2020-07-14		 3 months crt.sh
cdn.amplitude.com
Amazon		 2019-12-16 -
2021-01-16		 a year crt.sh
fast.a.klaviyo.com
COMODO RSA Domain Validation Secure Server CA		 2018-10-05 -
2020-10-04		 2 years crt.sh
www.google.de
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
assets.ubembed.com
Amazon		 2020-04-04 -
2021-05-04		 a year crt.sh
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA		 2020-04-19 -
2020-07-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://covid.mixtiles.com/
Frame ID: A17B8D5B4CD85B05BA0120FD062D09E7
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

46
Requests

98 %
HTTPS

57 %
IPv6

19
Domains

23
Subdomains

22
IPs

5
Countries

6215 kB
Transfer

7603 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://a.klaviyo.com/media/js/analytics/analytics.js HTTP 301
  • https://static.klaviyo.com/onsite/js/klaviyo.js
Request Chain 13
  • https://static.klaviyo.com/forms/js/client.js HTTP 301
  • https://static.klaviyo.com/onsite/js/klaviyo.js
Request Chain 14
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=2049371481&t=pageview&_s=1&dl=https%3A%2F%2Fcovid.mixtiles.com%2F&dp=%2Fa&ul=en-us&de=UTF-8&dt=Covid%20Signage%20Kit%20for%20Office%20Spaces%20-%20Mixtiles&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=151928091&gjid=794871480&cid=735720656.1589882196&tid=UA-75794109-1&_gid=2095386019.1589882196&_r=1&z=538209694 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75794109-1&cid=735720656.1589882196&jid=151928091&_gid=2095386019.1589882196&gjid=794871480&_v=j82&z=538209694 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75794109-1&cid=735720656.1589882196&jid=151928091&_v=j82&z=538209694 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75794109-1&cid=735720656.1589882196&jid=151928091&_v=j82&z=538209694&slf_rd=1&random=2267697833
Request Chain 36
  • https://www.facebook.com/tr/?id=284062962201834&ev=PageView&dl=https%3A%2F%2Fcovid.mixtiles.com%2F&rl=&if=false&ts=1589882196141&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1589882196105.1417418969&it=1589882196016&coo=false&rqm=GET HTTP 302
  • https://cx.atdmt.com/?c=16936890291301449574&f=AYyeHwFddAWOevGXt9OInAXi3YTpVFJL94jatt7QHX0KBkKV5T3yc2UUn0mlsHasTzbIkTPiPssL8HsgUwCyTBb_&id=284062962201834&l=3&v=0
Request Chain 43
  • https://www.facebook.com/tr/?id=284062962201834&ev=Microdata&dl=https%3A%2F%2Fcovid.mixtiles.com%2F&rl=&if=false&ts=1589882196644&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Covid%20Signage%20Kit%20for%20Office%20Spaces%20-%20Mixtiles%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Covid%20Signage%20Kit%20for%20Office%20Spaces%20-%20Mixtiles%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcovid.mixtiles.com%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fd9hhrg4mnvzow.cloudfront.net%2Fcovid.mixtiles.com%2F3a4b1107-og_000000000000000000028.png%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%2C%22og%3Adescription%22%3A%22All%20the%20safety%20instructions%20you%20need%2C%5Cnbeautifully%20illustrated%2C%5Cnprinted%20on%20stickable%20frames.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1589882196607.785116178&it=1589882196016&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
  • https://cx.atdmt.com/?c=10118625052817015314&f=AYw64IBKI2MYR7wg-natAJrrcTOGmtMYk7AAHXV76KPXYrxQeiRIIVr9uJMzEOPSqGfZ13GfI1DQLDlnPzOsxnAW&id=284062962201834&l=3&v=0
Request Chain 44
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=2049371481&t=timing&_s=2&dl=https%3A%2F%2Fcovid.mixtiles.com%2F&ul=en-us&de=UTF-8&dt=Covid%20Signage%20Kit%20for%20Office%20Spaces%20-%20Mixtiles&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&plt=1623&pdt=2&dns=23&rrt=0&srt=459&tcp=31&dit=737&clt=737&_gst=654&_gbt=751&_cst=655&_cbt=767&_u=IEBAAEAB~&jid=929057254&gjid=1081294586&cid=735720656.1589882196&tid=UA-75794109-1&_gid=2095386019.1589882196&_r=1&z=1994903013 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75794109-1&cid=735720656.1589882196&jid=929057254&_gid=2095386019.1589882196&gjid=1081294586&_v=j82&z=1994903013 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75794109-1&cid=735720656.1589882196&jid=929057254&_v=j82&z=1994903013 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75794109-1&cid=735720656.1589882196&jid=929057254&_v=j82&z=1994903013&slf_rd=1&random=1689977442

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
covid.mixtiles.com/ 		66 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5f416bd745eb48df05d54e99491a49eadf8cbe0b27dea1df113c43c98a2f9a5

Request headers

:method
GET
:authority
covid.mixtiles.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 19 May 2020 09:56:35 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d8da77cb8847c061e0a8f29c49d6450031589882195; expires=Thu, 18-Jun-20 09:56:35 GMT; path=/; domain=.mixtiles.com; HttpOnly; SameSite=Lax ubpv=a%2C3fd57cfb-24d0-4095-bde9-145953c0ad14; Max-Age=15897600; Expires=Thu, 19 Nov 2020 09:56:35 GMT; Path=/ ubrs=weighted; Path=/ ubvs=162.158.90.2081592865644173842; Max-Age=15552000; Expires=Sun, 15 Nov 2020 09:56:35 GMT; Path=/ ubvt=162.158.90.2081592865644173842; Max-Age=259200; Expires=Fri, 22 May 2020 09:56:35 GMT; Path=/; Domain=mixtiles.com
p3p
CP="This is not a privacy policy."
x-unbounce-pageid
3fd57cfb-24d0-4095-bde9-145953c0ad14
content-location
https://covid.mixtiles.com/
x-unbounce-visitorid
162.158.90.2081592865644173842
last-modified
Tue, 19 May 2020 09:55:18 GMT
x-unbounce-variant
a
link
<https://covid.mixtiles.com/>; rel="canonical"
x-proxy-backend
page-server
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
595cf2e899601f4d-FRA
content-encoding
br
cf-request-id
02cdf6256000001f4d1617f200000001
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.182.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-182-10.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Mar 2020 14:20:17 GMT
content-encoding
gzip
age
4563379
x-cache
Hit from cloudfront
status
200
content-length
2902
last-modified
Wed, 04 Mar 2020 22:45:14 GMT
server
AmazonS3
etag
"c840c3d549f745d3142417845de68270"
x-amz-version-id
gJqOFtzKpY5_MpSOYwBhAXEJLqR0Gl7t
via
1.1 7b39f60eed6e589bf869ce2ecfe6ab8c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
xLdYz9pN8UYI62nzjny2pDV-CtAC8HwE2XHv5gDITuJWhvKGfMvKGQ==
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://covid.mixtiles.com/
Origin
https://covid.mixtiles.com

Response headers

Date
Tue, 19 May 2020 09:56:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 May 2020 23:02:39 GMT
Server
nginx
ETag
W/"5eb09f0f-15d84"
Vary
Accept-Encoding
X-HW
1589882195.dop151.fr8.shc,1589882195.dop151.fr8.t,1589882195.cds142.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30879
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.182.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-182-128.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e71ae4d0da585db27d49a43157c70075936c06fab11822772f7b24670c08bb2

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 23:24:32 GMT
content-encoding
gzip
age
38014
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
6625
last-modified
Wed, 06 May 2020 07:12:04 GMT
server
AmazonS3
etag
"f6f602c61c98f3b8e3b9af95319ccab7"
content-type
application/x-javascript
via
1.1 e37f79ad8aac2f2f2e74a09fc473b7bf.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
nD__K-s8EQ6SR5F0Mo9oyTXTBBb-b73SSDu4KgFRb4ZgTEljOyJT2A==
js
www.googletagmanager.com/gtag/ 		82 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-860792711
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
922fba71f07bab0744b1634e599373b0bdca16de516fa23bef9b40eb88be51eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 09:56:35 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33133
x-xss-protection
0
last-modified
Tue, 19 May 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 19 May 2020 09:56:35 GMT
transparent.gif
d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/ 		42 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/transparent.gif
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.50.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-50-14.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 09:56:31 GMT
via
1.1 6c26a6f006166d6418b47ce1f42cffd6.cloudfront.net (CloudFront)
last-modified
Tue, 19 May 2020 09:55:18 GMT
server
AmazonS3
age
5
etag
"d89746888da2d9510b64a9f031eaecd5"
x-cache
Hit from cloudfront
x-amz-version-id
zhYx2WS10G6wR7E_x0k0jBC3OfD9iBLM
status
200
cache-control
max-age=31557600
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
image/gif
content-length
42
x-amz-cf-id
pKh6ZZUUk3vYnmlNHhGHb65q70thtKRQgGv47f2QUma2EnqT9ZR1fA==
email-decode.min.js
covid.mixtiles.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
870 B 		Script
General
Check archive.org
Download Go to
Full URL
https://covid.mixtiles.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 09:56:35 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 12 May 2020 16:13:55 GMT
server
cloudflare
etag
W/"5ebacb43-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
595cf2ebbac31f4d-FRA
cf-request-id
02cdf6275600001f4d161b8200000001
expires
Thu, 21 May 2020 09:56:35 GMT
/
d8b035f775504b9d8c4367b27db1a476.js.ubembed.com/ 		481 B
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d8b035f775504b9d8c4367b27db1a476.js.ubembed.com/
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.131 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f71fddc444052a97f1beff5d4db9e5cda3f82a119e4cb3e28973a5ead89c209b

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 09:56:36 GMT
content-encoding
br
x-backend-region
eu_west_1
age
0
x-amz-apigw-id
MxgFIE-DDoEF1MA=
etag
f02cabbdeca12dd1f97cb05360f77506-v0.178.1
vary
Accept-Encoding
x-cache
Miss from cloudfront, MISS
content-type
application/json
status
200
cache-control
max-age=0, must-revalidate
x-amz-cf-pop
FRA54
accept-ranges
none
access-control-allow-origin
*
main.bundle-5c6e41c.z.js
builder-assets.unbounce.com/published-js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.182.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-182-10.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 21:26:48 GMT
content-encoding
gzip
age
1686588
x-cache
Hit from cloudfront
status
200
content-length
33645
last-modified
Wed, 29 Apr 2020 19:49:39 GMT
server
AmazonS3
etag
"e3cd90068d75377439e6202b33a169c9"
x-amz-version-id
JBFUS0AkE5K2tQgjpSYJVwZCr8Y4Yfgg
via
1.1 7b39f60eed6e589bf869ce2ecfe6ab8c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Y9bWC8FI-2Fcf6y6NLJOKW2DVGA_Y8tGI47UFVtD5wNWogEu6dnOvw==
fbevents.js
connect.facebook.net/en_US/ 		131 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
31766
x-xss-protection
0
pragma
public
x-fb-debug
ZnuciXQrUumeZGYkQ9p7AfssWYoAIYT3ZQHNjX9ohU820qQn3WU1KLd7NUFr4JrI9MDI4TJg/R936SMBap4zxA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Tue, 19 May 2020 09:56:35 GMT, Tue, 19 May 2020 09:56:35 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
amplitude-6.2.0-min.gz.js
cdn.amplitude.com/libs/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/amplitude-6.2.0-min.gz.js
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.50.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-50-114.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd04c1facaf3ef334e53fa35eda05a134c46c2d9c1e7b1b065039fe45febd375

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://covid.mixtiles.com/
Origin
https://covid.mixtiles.com

Response headers

date
Tue, 19 May 2020 09:56:37 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
HAM50-C2
x-cache
Miss from cloudfront
status
200
content-length
19033
access-control-allow-origin
*
last-modified
Sat, 02 May 2020 07:09:27 GMT
server
AmazonS3
etag
"14cd3e5f15a760fdf738a1256ad50e8e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
Cj88HNI3cVBrjJvZglVeXi24ozUlneWd
via
1.1 d148104ad832292f01e6a1dab7079d58.cloudfront.net (CloudFront)
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
YmpPbTmBpTeLzYlA-hCu90zW1K8-lqSkbRBV0lv1M8jTxP_ZGtoUkQ==
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
3616
date
Tue, 19 May 2020 08:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Tue, 19 May 2020 10:56:19 GMT
gtm.js
www.googletagmanager.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K9CZZFZ
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
klaviyo.js
static.klaviyo.com/onsite/js/
Redirect Chain
  • https://a.klaviyo.com/media/js/analytics/analytics.js
  • https://static.klaviyo.com/onsite/js/klaviyo.js
35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4503044ba8845ece21cdaa53f0124a401de47a4682191f11f2f4e3e6ee8aee6a

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
XTEUbZfE8d8kHOcOPgRvI1_yHc_ZOm__
content-encoding
gzip
etag
"f851345f0dc7c294f47c3f18325d9b41"
age
83
x-cache
HIT
status
200
content-length
10438
x-amz-id-2
cXDXDqRaMtW3bwWfitNYwC6xALwZIcyrKR+HmINOt4GR0/zndGPoiv6VGp0MJNTgg9zFrWKNjTw=
x-served-by
cache-fra19131-FRA
last-modified
Mon, 18 May 2020 22:13:56 GMT
server
AmazonS3
date
Tue, 19 May 2020 09:56:36 GMT
vary
Accept-Encoding
x-amz-request-id
A70D012D55FBC621
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
content-type
application/x-javascript
x-cache-hits
21

Redirect headers

Location
https://static.klaviyo.com/onsite/js/klaviyo.js
Date
Tue, 19 May 2020 09:56:36 GMT
Server
nginx
Connection
keep-alive
Content-Length
178
Content-Type
text/html
klaviyo.js
static.klaviyo.com/onsite/js/
Redirect Chain
  • https://static.klaviyo.com/forms/js/client.js
  • https://static.klaviyo.com/onsite/js/klaviyo.js
35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4503044ba8845ece21cdaa53f0124a401de47a4682191f11f2f4e3e6ee8aee6a

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
XTEUbZfE8d8kHOcOPgRvI1_yHc_ZOm__
content-encoding
gzip
etag
"f851345f0dc7c294f47c3f18325d9b41"
age
83
x-cache
HIT
status
200
content-length
10438
x-amz-id-2
cXDXDqRaMtW3bwWfitNYwC6xALwZIcyrKR+HmINOt4GR0/zndGPoiv6VGp0MJNTgg9zFrWKNjTw=
x-served-by
cache-fra19131-FRA
last-modified
Mon, 18 May 2020 22:13:56 GMT
server
AmazonS3
date
Tue, 19 May 2020 09:56:36 GMT
vary
Accept-Encoding
x-amz-request-id
A70D012D55FBC621
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
content-type
application/x-javascript
x-cache-hits
20

Redirect headers

date
Tue, 19 May 2020 09:56:36 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19131-FRA
status
301
x-cache
MISS
location
https://static.klaviyo.com/onsite/js/klaviyo.js
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=2049371481&t=pageview&_s=1&dl=https%3A%2F%2Fcovid.mixtiles.com%2F&dp=%2Fa&ul=en-us&de=UTF-8&dt=Covid%20Signage%20Kit%20for%20Office%20Spaces%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75794109-1&cid=735720656.1589882196&jid=151928091&_gid=2095386019.1589882196&gjid=794871480&_v=j82&z=538209694
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75794109-1&cid=735720656.1589882196&jid=151928091&_v=j82&z=538209694
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75794109-1&cid=735720656.1589882196&jid=151928091&_v=j82&z=538209694&slf_rd=1&random=2267697833
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75794109-1&cid=735720656.1589882196&jid=151928091&_v=j82&z=538209694&slf_rd=1&random=2267697833
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 May 2020 09:56:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 May 2020 09:56:36 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75794109-1&cid=735720656.1589882196&jid=151928091&_v=j82&z=538209694&slf_rd=1&random=2267697833
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1786398614921623
connect.facebook.net/signals/config/ 		517 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1786398614921623?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c4330a0f905a3da6e039ede0761eb4e7cd1fd40db6570af33502f85f0f64ede1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
131935
x-xss-protection
0
pragma
public
x-fb-debug
CqzMdDpA+SiaMGuRdtULeHquz7CQDviQP9AkDE7dcPOzo5EsQYxwmYiLrvDCsn8TFDENhXhU6v4xzySXOuIooQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Tue, 19 May 2020 09:56:36 GMT, Tue, 19 May 2020 09:56:36 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
bf3eda57-67d7-42c6-82c6-4c78175f1bbf
https://covid.mixtiles.com/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://covid.mixtiles.com/bf3eda57-67d7-42c6-82c6-4c78175f1bbf
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
css
fonts.googleapis.com/ 		3 KB
673 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Suez+One:400,regular%7CAssistant:regular,700,600
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a8a438f0dbf7c5fd4335aabba1a1e4982d801c82a050c58c1c3c9b852aaba2f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 19 May 2020 09:56:36 GMT
server
ESF
date
Tue, 19 May 2020 09:56:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 May 2020 09:56:36 GMT
04df7ac5-mixtile-covid-kit_0q40f80q40dy00000n028.png
d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/04df7ac5-mixtile-covid-kit_0q40f80q40dy00000n028.png
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.50.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-50-14.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
584df346a38f10f1de1a737de696e96a77866a655e99a700d0627ad738f89df2

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 09:56:31 GMT
via
1.1 6c26a6f006166d6418b47ce1f42cffd6.cloudfront.net (CloudFront)
last-modified
Tue, 19 May 2020 09:55:18 GMT
server
AmazonS3
age
6
etag
"31f2692e98d651537ebb9127ea9ee06d"
x-cache
Hit from cloudfront
x-amz-version-id
prU419EVtHOHJwa0m_8228KNUymSrzUh
status
200
cache-control
max-age=31557600
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
image/png
content-length
92022
x-amz-cf-id
fCJXHax_z4zA_j1P4krOopIcbDxP3Agvv7UmuMDLN1pxjfve5HHOFw==
b7a32331-asset-2-3x_02u00b000000000000028.png
d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/ 		604 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/b7a32331-asset-2-3x_02u00b000000000000028.png
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.50.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-50-14.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b422a7bf1f07aeb5dccbb69a0c87ce6f5a45e8a12bc195eeb9c7d10f155fa8b

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 09:56:31 GMT
via
1.1 6c26a6f006166d6418b47ce1f42cffd6.cloudfront.net (CloudFront)
last-modified
Tue, 19 May 2020 09:55:18 GMT
server
AmazonS3
age
6
etag
"a729f46973b7b338201cbbb2e3b5991b"
x-cache
Hit from cloudfront
x-amz-version-id
ScZ.REpDVCzqAcnyZDW1OVrYHuNj6dfN
status
200
cache-control
max-age=31557600
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
image/png
content-length
604
x-amz-cf-id
dg8e6uAHErkouT2i_BcEYfHUYAwE3JQP5pac9hEXcbo0svSCGjpw7Q==
1140e4b6-01.gif
d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/ 		200 KB
200 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/1140e4b6-01.gif
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.50.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-50-14.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
407632290c40cda07700f7d6db953f9a2fa20e710366e8bd49866b9a7acd82a0

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 09:56:31 GMT
via
1.1 6c26a6f006166d6418b47ce1f42cffd6.cloudfront.net (CloudFront)
last-modified
Tue, 19 May 2020 09:55:18 GMT
server
AmazonS3
age
6
etag
"2da3b3a3a56cc64ea850c3fba4e3528f"
x-cache
Hit from cloudfront
x-amz-version-id
DwTQoe03o5xSPL1A1YyqPTrYmStQtP4y
status
200
cache-control
max-age=31557600
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
image/gif
content-length
204391
x-amz-cf-id
6R9fzxUqNAgTgMN46AI53VvSooemjAN6lPoVbL7ncsOyH7nZe-TJ3A==
de095593-03.gif
d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/ 		187 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/de095593-03.gif
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.50.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-50-14.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ccbac32ac0425a80b9bca6e921970d477ba6040b468b586c3870703fd64b36fc

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 09:56:31 GMT
via
1.1 6c26a6f006166d6418b47ce1f42cffd6.cloudfront.net (CloudFront)
last-modified
Tue, 19 May 2020 09:55:18 GMT
server
AmazonS3
age
6
etag
"1487f0aa4636738a6ef24efe244e5c30"
x-cache
Hit from cloudfront
x-amz-version-id
4vhP1wH90aAz8WBFZCQ9qO5MyN1qBy9r
status
200
cache-control
max-age=31557600
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
image/gif
content-length
191125
x-amz-cf-id
eWr3fGyCYCsxKfyw5Obp6-k2DygCiTP3XhsjryJNF47xuwoD1fSCTQ==
b50cdcef-02.gif
d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/ 		227 KB
228 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/b50cdcef-02.gif
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.50.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-50-14.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1346edf31c56fa247b0a7f6733efa5796e537b643e68fdf9c54052fc871bbe7d

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 09:56:31 GMT
via
1.1 6c26a6f006166d6418b47ce1f42cffd6.cloudfront.net (CloudFront)
last-modified
Tue, 19 May 2020 09:55:18 GMT
server
AmazonS3
age
6
etag
"b0c6785b5bf84508e99b5847d06164f1"
x-cache
Hit from cloudfront
x-amz-version-id
XFR0HAAU_sudQjcOyNyfd1OudKjNcKIe
status
200
cache-control
max-age=31557600
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
image/gif
content-length
232436
x-amz-cf-id
6L5nxuDCslnpcJMhDktY2UY8hueocIDsH72JAbBa7h75HXg8JNmwPQ==
db3b4791-asset-3-3x_07h00w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/db3b4791-asset-3-3x_07h00w000000000000028.png
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.50.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-50-14.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c84b85a82a4fea32d7ab938042c81edea1fdb6959283850cd33eb720553a8a78

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 09:56:31 GMT
via
1.1 6c26a6f006166d6418b47ce1f42cffd6.cloudfront.net (CloudFront)
last-modified
Tue, 19 May 2020 09:55:18 GMT
server
AmazonS3
age
6
etag
"3563ba2d0c6439c59f7ab1ac4d4460d9"
x-cache
Hit from cloudfront
x-amz-version-id
o5sExT1zoxQ33k9ew7JMXGLTuU7Mhsyu
status
200
cache-control
max-age=31557600
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
image/png
content-length
1317
x-amz-cf-id
nz9Whh8motGgrDumALalapWad7hgO25ISIOoUZV1qRVpGpqz7IbCWw==
e079f605-any-surface1.gif
d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/e079f605-any-surface1.gif
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.50.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-50-14.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43b41cd190e45a5870c83145fb5eddb5892c84a960200331f409ee36c0a58346

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 09:56:31 GMT
via
1.1 6c26a6f006166d6418b47ce1f42cffd6.cloudfront.net (CloudFront)
last-modified
Tue, 19 May 2020 09:55:18 GMT
server
AmazonS3
age
6
etag
"80c99ad2ecba61dfafd3bea8f08a2305"
x-cache
Hit from cloudfront
x-amz-version-id
7y6YB8ICUW1Z1ZO1VAUQZCXKBYpvs4In
status
200
cache-control
max-age=31557600
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
image/gif
content-length
1736471
x-amz-cf-id
TuRS9HVjcszV9Mq4H6cB26oDdU69S6L6SJn8zAi3E_IJIJ_DDmERzw==
5886e7ba-no-marks-041.gif
d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/ 		513 KB
514 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/5886e7ba-no-marks-041.gif
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.50.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-50-14.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa97eabf38a86086a5f728105cbbc9d95aacf1d4a110d6b25719c79e65f7bb4d

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 09:56:31 GMT
via
1.1 6c26a6f006166d6418b47ce1f42cffd6.cloudfront.net (CloudFront)
last-modified
Tue, 19 May 2020 09:55:18 GMT
server
AmazonS3
age
6
etag
"1b3810b69b6e9c7b205e849ff4abdb92"
x-cache
Hit from cloudfront
x-amz-version-id
EIM7UkpxDJmzzHSsv3hIqE3hRhU2_PGK
status
200
cache-control
max-age=31557600
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
image/gif
content-length
525110
x-amz-cf-id
zxmDW-LdcwpW-A7hgxIx3A1RsPuvE4fZhrFsSbJW6SSwBrJRVvprxA==
d2895d69-re-stick1.gif
d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/d2895d69-re-stick1.gif
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.50.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-50-14.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e0191696656010864d668d53efa9f58d33f5fccf13ddc83d8445187b17e59ae1

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 09:56:31 GMT
via
1.1 6c26a6f006166d6418b47ce1f42cffd6.cloudfront.net (CloudFront)
last-modified
Tue, 19 May 2020 09:55:18 GMT
server
AmazonS3
age
6
etag
"0c824c86660884c8d8884d5fb875a1bc"
x-cache
Hit from cloudfront
x-amz-version-id
ERIafqZ0Jr2PbUcW.Zi5i2J49u5auZFL
status
200
cache-control
max-age=31557600
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
image/gif
content-length
1168608
x-amz-cf-id
HGSF3L87OKIjqQ4-1uyUr0Q-nzBbFaKD0t3jE-exh0sYraryjQwryQ==
5eb96676-peel-stick-1.gif
d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/covid.mixtiles.com/5eb96676-peel-stick-1.gif
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.50.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-50-14.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bc74a3841b2d1b8dffc30b3831083c5c29b7cd43653d7d8eef552383485befd

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 09:56:31 GMT
via
1.1 6c26a6f006166d6418b47ce1f42cffd6.cloudfront.net (CloudFront)
last-modified
Tue, 19 May 2020 09:55:18 GMT
server
AmazonS3
age
6
etag
"7869b0c32351ecb5e98b6504e5d6b1a7"
x-cache
Hit from cloudfront
x-amz-version-id
MuMBTUNMmtVxy2pD5x6TnT5TddHeHxqG
status
200
cache-control
max-age=31557600
x-amz-cf-pop
HAM50-C2
accept-ranges
bytes
content-type
image/gif
content-length
1607341
x-amz-cf-id
UFo9Zsp-5UVTV43XTvb1fPbbbqYZoWd-LHCYCxanVrUaFKhkXcXh2w==
conversion_async.js
www.googleadservices.com/pagead/ 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-860792711
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s13-in-f226.1e100.net
Software
cafe /
Resource Hash
65a1850028118c64febbde9b109da293910bfff6ee261caf0087d3d3364359ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 09:56:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
10877
x-xss-protection
0
server
cafe
etag
12200185889747903800
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 19 May 2020 09:56:36 GMT
2sDcZGJYnIjSi6H75xkzaGW5Kb8VZA.woff2
fonts.gstatic.com/s/assistant/v4/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/assistant/v4/2sDcZGJYnIjSi6H75xkzaGW5Kb8VZA.woff2
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17ff46917ea7eb9058381920b1c6e16f47044321e001808d8bc6eeb7a1c03a04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Suez+One:400,regular%7CAssistant:regular,700,600
Origin
https://covid.mixtiles.com

Response headers

date
Mon, 18 May 2020 01:13:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:49:35 GMT
server
sffe
age
117798
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11036
x-xss-protection
0
expires
Tue, 18 May 2021 01:13:18 GMT
taiJGmd_EZ6rqscQgOFOmouC-50x.woff2
fonts.gstatic.com/s/suezone/v4/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/suezone/v4/taiJGmd_EZ6rqscQgOFOmouC-50x.woff2
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d02f2bad97c1936194061ed6219c5fd2b71e8cd8e7d37690062194b568279cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Suez+One:400,regular%7CAssistant:regular,700,600
Origin
https://covid.mixtiles.com

Response headers

date
Fri, 15 May 2020 19:36:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 02:54:50 GMT
server
sffe
age
310792
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14084
x-xss-protection
0
expires
Sat, 15 May 2021 19:36:44 GMT
2sDZZGJYnIjSi6H75xk7t0GsBJ0YTivYtg.woff2
fonts.gstatic.com/s/assistant/v4/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/assistant/v4/2sDZZGJYnIjSi6H75xk7t0GsBJ0YTivYtg.woff2
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7ad8b66830c326ea6e5b8d4f1356757d39af2b79ed6023db1eae6bd86bda99d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Suez+One:400,regular%7CAssistant:regular,700,600
Origin
https://covid.mixtiles.com

Response headers

date
Mon, 18 May 2020 23:07:34 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:49:57 GMT
server
sffe
age
38942
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10860
x-xss-protection
0
expires
Tue, 18 May 2021 23:07:34 GMT
2sDZZGJYnIjSi6H75xk700CsBJ0YTivYtg.woff2
fonts.gstatic.com/s/assistant/v4/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/assistant/v4/2sDZZGJYnIjSi6H75xk700CsBJ0YTivYtg.woff2
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ba767a4a96f873a28ef17430a7e009fb98b7322a1506657f71d97067fb2cf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Suez+One:400,regular%7CAssistant:regular,700,600
Origin
https://covid.mixtiles.com

Response headers

date
Mon, 18 May 2020 09:04:19 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:49:33 GMT
server
sffe
age
89537
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10912
x-xss-protection
0
expires
Tue, 18 May 2021 09:04:19 GMT
284062962201834
connect.facebook.net/signals/config/ 		517 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/284062962201834?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
22c27a707160209566b37d0186f9f0980ad1e32d0efab52a3268df5fa7e7eccf
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
131677
x-xss-protection
0
pragma
public
x-fb-debug
kn1XVHMIHlBhNe9HK+Bp323BCDnoBecLw3y/yB/sI6fkErHGkUFI+IGqA+KqjRsX/TEcJ11oUsRRfHSA961dvA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Tue, 19 May 2020 09:56:36 GMT, Tue, 19 May 2020 09:56:36 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1786398614921623&ev=PageView&dl=https%3A%2F%2Fcovid.mixtiles.com%2F&rl=&if=false&ts=1589882196105&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1589882196105.1417418969&it=1589882196016&coo=false&rqm=GET
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 09:56:36 GMT, Tue, 19 May 2020 09:56:36 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Tue, 19 May 2020 09:56:36 GMT
bundle.js
assets.ubembed.com/universalscript/releases/v0.178.1/ 		162 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ubembed.com/universalscript/releases/v0.178.1/bundle.js
Requested by
Host: d8b035f775504b9d8c4367b27db1a476.js.ubembed.com
URL: https://d8b035f775504b9d8c4367b27db1a476.js.ubembed.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.182.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-182-87.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df25786bc3951d78d0f763a2a75a1f33b01b8ae2a5157831d2cf4d0348c2ede7

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 31 Mar 2020 05:06:46 GMT
content-encoding
gzip
last-modified
Wed, 11 Dec 2019 22:14:50 GMT
server
AmazonS3
age
4250991
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
SxEtv17KGY32-n7pgyNSswOktZvHjObwCV2JFo5K5oaXosk9IJXDLQ==
via
1.1 cadd28ddf17473bac9ce00c18f8e1bc2.cloudfront.net (CloudFront)
/
cx.atdmt.com/
Redirect Chain
  • https://www.facebook.com/tr/?id=284062962201834&ev=PageView&dl=https%3A%2F%2Fcovid.mixtiles.com%2F&rl=&if=false&ts=1589882196141&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1589882196105.1...
  • https://cx.atdmt.com/?c=16936890291301449574&f=AYyeHwFddAWOevGXt9OInAXi3YTpVFJL94jatt7QHX0KBkKV5T3yc2UUn0mlsHasTzbIkTPiPssL8HsgUwCyTBb_&id=284062962201834&l=3&v=0
42 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cx.atdmt.com/?c=16936890291301449574&f=AYyeHwFddAWOevGXt9OInAXi3YTpVFJL94jatt7QHX0KBkKV5T3yc2UUn0mlsHasTzbIkTPiPssL8HsgUwCyTBb_&id=284062962201834&l=3&v=0
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 19 May 2020 09:56:36 GMT, Tue, 19 May 2020 09:56:36 GMT, Tue, 19 May 2020 09:56:36 GMT
content-type
image/gif
alt-svc
h3-27=":443"; ma=3600
content-length
42
p3p
CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"

Redirect headers

pragma
no-cache
date
Tue, 19 May 2020 09:56:36 GMT, Tue, 19 May 2020 09:56:36 GMT
server
proxygen-bolt
status
302
content-type
text/plain
location
https://cx.atdmt.com/?c=16936890291301449574&f=AYyeHwFddAWOevGXt9OInAXi3YTpVFJL94jatt7QHX0KBkKV5T3yc2UUn0mlsHasTzbIkTPiPssL8HsgUwCyTBb_&id=284062962201834&l=3&v=0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=3600
content-length
0
expires
0
klaviyo_analytics.js
fast.a.klaviyo.com/media/js/analytics/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.a.klaviyo.com/media/js/analytics/klaviyo_analytics.js?v=5
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
39725edc891faeb797afb14f131a24a12862d887c2b39f58e43094a8491789a2
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 09:56:36 GMT
content-encoding
gzip
vary
Accept-Encoding
age
66537
x-cache
HIT
status
200
x-cache-hits
28205
content-length
6008
x-served-by
cache-hhn4077-HHN
last-modified
Mon, 27 Apr 2020 15:09:52 GMT
server
nginx
etag
W/"5ea6f5c0-48b3"
strict-transport-security
max-age=900
content-type
application/javascript
via
1.1 varnish
cache-control
max-age=86400, public
accept-ranges
bytes
expires
Tue, 19 May 2020 15:27:38 GMT
modules
fast.a.klaviyo.com/onsite/api/v2/ 		37 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.a.klaviyo.com/onsite/api/v2/modules?company_id=PAvkRC
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d213bd4e1364ab51afd24737906ebc4aa82e63118324e9448417c686c914fe82
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 09:56:36 GMT
content-encoding
gzip
age
3724888
x-cache
HIT
status
200
access-control-max-age
86400
strict-transport-security
max-age=900
content-length
57
via
1.1 varnish
x-served-by
cache-hhn4067-HHN
access-control-allow-origin
*
server
nginx
vary
Accept-Encoding, Cookie
access-control-allow-methods
GET
content-type
application/json
x-upstream
Sync-Api, Sync-Api
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
3
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/860792711/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/860792711/?random=1589882196206&cv=9&fst=1589882196206&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa561&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcovid.mixtiles.com%2F&tiba=Covid%20Signage%20Kit%20for%20Office%20Spaces%20-%20Mixtiles&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68bc82a31ae74b284c317739f544eb83c71d4bdf5052c8c75de204955f76f3e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 May 2020 09:56:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1043
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/860792711/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/860792711/?random=1589882196206&cv=9&fst=1589878800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa561&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcovid.mixtiles.com%2F&tiba=Covid%20Signage%20Kit%20for%20Office%20Spaces%20-%20Mixtiles&async=1&fmt=3&is_vtc=1&random=3804763337&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 May 2020 09:56:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/860792711/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/860792711/?random=1589882196206&cv=9&fst=1589878800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa561&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcovid.mixtiles.com%2F&tiba=Covid%20Signage%20Kit%20for%20Office%20Spaces%20-%20Mixtiles&async=1&fmt=3&is_vtc=1&random=3804763337&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 May 2020 09:56:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1786398614921623&ev=Microdata&dl=https%3A%2F%2Fcovid.mixtiles.com%2F&rl=&if=false&ts=1589882196608&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Covid%20Signage%20Kit%20for%20Office%20Spaces%20-%20Mixtiles%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Covid%20Signage%20Kit%20for%20Office%20Spaces%20-%20Mixtiles%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcovid.mixtiles.com%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fd9hhrg4mnvzow.cloudfront.net%2Fcovid.mixtiles.com%2F3a4b1107-og_000000000000000000028.png%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%2C%22og%3Adescription%22%3A%22All%20the%20safety%20instructions%20you%20need%2C%5Cnbeautifully%20illustrated%2C%5Cnprinted%20on%20stickable%20frames.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1589882196607.785116178&it=1589882196016&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 09:56:36 GMT, Tue, 19 May 2020 09:56:36 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Tue, 19 May 2020 09:56:36 GMT
/
cx.atdmt.com/
Redirect Chain
  • https://www.facebook.com/tr/?id=284062962201834&ev=Microdata&dl=https%3A%2F%2Fcovid.mixtiles.com%2F&rl=&if=false&ts=1589882196644&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Covid%20Signage%2...
  • https://cx.atdmt.com/?c=10118625052817015314&f=AYw64IBKI2MYR7wg-natAJrrcTOGmtMYk7AAHXV76KPXYrxQeiRIIVr9uJMzEOPSqGfZ13GfI1DQLDlnPzOsxnAW&id=284062962201834&l=3&v=0
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cx.atdmt.com/?c=10118625052817015314&f=AYw64IBKI2MYR7wg-natAJrrcTOGmtMYk7AAHXV76KPXYrxQeiRIIVr9uJMzEOPSqGfZ13GfI1DQLDlnPzOsxnAW&id=284062962201834&l=3&v=0
Requested by
Host: covid.mixtiles.com
URL: https://covid.mixtiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 19 May 2020 09:56:36 GMT, Tue, 19 May 2020 09:56:36 GMT, Tue, 19 May 2020 09:56:36 GMT
content-type
image/gif
alt-svc
h3-27=":443"; ma=3600
content-length
42
p3p
CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"

Redirect headers

pragma
no-cache
date
Tue, 19 May 2020 09:56:36 GMT, Tue, 19 May 2020 09:56:36 GMT
server
proxygen-bolt
status
302
content-type
text/plain
location
https://cx.atdmt.com/?c=10118625052817015314&f=AYw64IBKI2MYR7wg-natAJrrcTOGmtMYk7AAHXV76KPXYrxQeiRIIVr9uJMzEOPSqGfZ13GfI1DQLDlnPzOsxnAW&id=284062962201834&l=3&v=0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=3600
content-length
0
expires
0
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=2049371481&t=timing&_s=2&dl=https%3A%2F%2Fcovid.mixtiles.com%2F&ul=en-us&de=UTF-8&dt=Covid%20Signage%20Kit%20for%20Office%20Spaces%20-%20Mixt...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75794109-1&cid=735720656.1589882196&jid=929057254&_gid=2095386019.1589882196&gjid=1081294586&_v=j82&z=1994903013
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75794109-1&cid=735720656.1589882196&jid=929057254&_v=j82&z=1994903013
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75794109-1&cid=735720656.1589882196&jid=929057254&_v=j82&z=1994903013&slf_rd=1&random=1689977442
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75794109-1&cid=735720656.1589882196&jid=929057254&_v=j82&z=1994903013&slf_rd=1&random=1689977442
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://covid.mixtiles.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 May 2020 09:56:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 May 2020 09:56:36 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75794109-1&cid=735720656.1589882196&jid=929057254&_v=j82&z=1994903013&slf_rd=1&random=1689977442
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| ub function| $ function| jQuery function| fbq function| _fbq object| amplitude string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer object| x object| _learnq string| __klKey object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Trustpilot object| google_tag_manager function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ object| klaviyoOnsiteJSONP object| SENTRY_RELEASE object| core function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| ube

3 Cookies

Domain/Path Name / Value
.mixtiles.com/ Name: amp_afc387
Value: lthlQF8tkJOwGAQKNSRZnF...1e8m5q4rt.1e8m5q4rt.0.0.0
covid.mixtiles.com/ Name: __kla_id
Value: eyIkcmVmZXJyZXIiOnsidHMiOjE1ODk4ODIxOTcsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vY292aWQubWl4dGlsZXMuY29tLyJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTU4OTg4MjE5NywidmFsdWUiOiIiLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly9jb3ZpZC5taXh0aWxlcy5jb20vIn19
.mixtiles.com/ Name: _fbp
Value: fb.1.1589882196607.785116178

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.klaviyo.com
assets.ubembed.com
builder-assets.unbounce.com
cdn.amplitude.com
code.jquery.com
connect.facebook.net
covid.mixtiles.com
cx.atdmt.com
d8b035f775504b9d8c4367b27db1a476.js.ubembed.com
d9hhrg4mnvzow.cloudfront.net
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
static.klaviyo.com
stats.g.doubleclick.net
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
151.101.114.133
151.101.13.131
151.101.14.133
172.217.21.226
2001:4de0:ac19::1:b:1a
2606:4700:20::681a:874
2a00:1450:4001:800::2003
2a00:1450:4001:801::2008
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:81e::2004
2a00:1450:4001:820::2003
2a00:1450:400c:c00::9d
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.197.103.81
52.222.182.10
52.222.182.128
52.222.182.87
52.84.50.114
52.84.50.14
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1346edf31c56fa247b0a7f6733efa5796e537b643e68fdf9c54052fc871bbe7d
17ff46917ea7eb9058381920b1c6e16f47044321e001808d8bc6eeb7a1c03a04
1bc74a3841b2d1b8dffc30b3831083c5c29b7cd43653d7d8eef552383485befd
1d02f2bad97c1936194061ed6219c5fd2b71e8cd8e7d37690062194b568279cc
22c27a707160209566b37d0186f9f0980ad1e32d0efab52a3268df5fa7e7eccf
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
39725edc891faeb797afb14f131a24a12862d887c2b39f58e43094a8491789a2
3b422a7bf1f07aeb5dccbb69a0c87ce6f5a45e8a12bc195eeb9c7d10f155fa8b
407632290c40cda07700f7d6db953f9a2fa20e710366e8bd49866b9a7acd82a0
43b41cd190e45a5870c83145fb5eddb5892c84a960200331f409ee36c0a58346
4503044ba8845ece21cdaa53f0124a401de47a4682191f11f2f4e3e6ee8aee6a
4ba767a4a96f873a28ef17430a7e009fb98b7322a1506657f71d97067fb2cf3f
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
584df346a38f10f1de1a737de696e96a77866a655e99a700d0627ad738f89df2
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb
65a1850028118c64febbde9b109da293910bfff6ee261caf0087d3d3364359ba
68bc82a31ae74b284c317739f544eb83c71d4bdf5052c8c75de204955f76f3e0
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
922fba71f07bab0744b1634e599373b0bdca16de516fa23bef9b40eb88be51eb
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
9e71ae4d0da585db27d49a43157c70075936c06fab11822772f7b24670c08bb2
a5f416bd745eb48df05d54e99491a49eadf8cbe0b27dea1df113c43c98a2f9a5
a8a438f0dbf7c5fd4335aabba1a1e4982d801c82a050c58c1c3c9b852aaba2f9
aa97eabf38a86086a5f728105cbbc9d95aacf1d4a110d6b25719c79e65f7bb4d
c4330a0f905a3da6e039ede0761eb4e7cd1fd40db6570af33502f85f0f64ede1
c84b85a82a4fea32d7ab938042c81edea1fdb6959283850cd33eb720553a8a78
ccbac32ac0425a80b9bca6e921970d477ba6040b468b586c3870703fd64b36fc
cd04c1facaf3ef334e53fa35eda05a134c46c2d9c1e7b1b065039fe45febd375
d213bd4e1364ab51afd24737906ebc4aa82e63118324e9448417c686c914fe82
df25786bc3951d78d0f763a2a75a1f33b01b8ae2a5157831d2cf4d0348c2ede7
e0191696656010864d668d53efa9f58d33f5fccf13ddc83d8445187b17e59ae1
e7ad8b66830c326ea6e5b8d4f1356757d39af2b79ed6023db1eae6bd86bda99d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f71fddc444052a97f1beff5d4db9e5cda3f82a119e4cb3e28973a5ead89c209b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d