urlscan.io logo urlscan.io
SecurityTrails logo

covid19aplive.tk Open in urlscan Pro
2a02:4780:dead:9d4a::1  Public Scan

Go To Rescan Add Verdict Report
URL: http://covid19aplive.tk/
Submission: On May 25 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 19 domains to perform 38 HTTP transactions. The main IP is 2a02:4780:dead:9d4a::1, located in United States and belongs to AWEX, US. The main domain is covid19aplive.tk.
This is the only time covid19aplive.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2a02:4780:dead:9d4a::1 (United States)

ASN204915 (AWEX, US)
covid19aplive.tk
6    2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
www.googletagservices.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:10::6814:442e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.000webhost.com
1    23.111.11.182 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
a.opmnstr.com
6    2a02:4780:dead:d63e::1 (United States)

ASN204915 (AWEX, US)
covid19apnew.000webhostapp.com
1    151.101.38.2 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)
media.giphy.com
1    2606:4700:3037::6818:6698 (United States)

ASN13335 (CLOUDFLARENET, US)
getdrawings.com
2    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
googleads.g.doubleclick.net
3    96.30.25.216 (Lansing, United States)

ASN32244 (LIQUIDWEB, US)
PTR: hitwebcounter.com
hitwebcounter.com
www.hitwebcounter.com
1    185.199.111.153 (United States)

ASN54113 (FASTLY, US)
www.covid19india.org
4    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
s.ytimg.com
1    13.225.87.83 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-83.fra2.r.cloudfront.net
api.omappapi.com
3    104.28.6.34 (United States)

ASN13335 (CLOUDFLARENET, US)
log.hitsteps.com
2    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
6 covid19apnew.000webhostapp.com covid19aplive.tk
4 pagead2.googlesyndication.com covid19aplive.tk
pagead2.googlesyndication.com
3 log.hitsteps.com covid19aplive.tk
log.hitsteps.com
3 www.youtube.com covid19aplive.tk
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.hitwebcounter.com 1 redirects covid19aplive.tk
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
covid19aplive.tk
2 covid19aplive.tk covid19aplive.tk
1 s.ytimg.com www.youtube.com
1 api.omappapi.com a.opmnstr.com
1 www.covid19india.org covid19aplive.tk
1 www.googletagservices.com pagead2.googlesyndication.com
1 hitwebcounter.com 1 redirects
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 getdrawings.com covid19aplive.tk
1 media.giphy.com covid19aplive.tk
1 a.opmnstr.com covid19aplive.tk
1 cdn.000webhost.com covid19aplive.tk
1 www.googletagmanager.com covid19aplive.tk
38 21
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
*.000webhost.com
COMODO RSA Domain Validation Secure Server CA		 2018-10-19 -
2020-12-17		 2 years crt.sh
*.opmnstr.com
Go Daddy Secure Certificate Authority - G2		 2019-04-11 -
2021-04-11		 2 years crt.sh
*.000webhostapp.com
RapidSSL RSA CA 2018		 2019-06-11 -
2021-07-10		 2 years crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-22 -
2021-04-23		 a year crt.sh
*.google.de
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
hitwebcounter.com
cPanel, Inc. Certification Authority		 2020-05-20 -
2020-08-18		 3 months crt.sh
www.covid19india.org
Let's Encrypt Authority X3		 2020-05-13 -
2020-08-11		 3 months crt.sh
api.opmnstr.com
Amazon		 2020-04-09 -
2021-05-09		 a year crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-01-30 -
2020-10-09		 8 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh

This page contains 7 frames:

Primary Page: http://covid19aplive.tk/
Frame ID: C1A4DE5503800535C7E6E55A66D8D87D
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200519/r20190131/zrt_lookup.html
Frame ID: 5E2AD6B7238A691548F2402B2DD2A335
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4796513736084427&output=html&adk=1812271804&adf=3025194257&lmt=1590430193&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fcovid19aplive.tk%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1590430193588&bpp=13&bdt=62&idt=80&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=146987682372&frm=20&pv=2&ga_vid=1744587081.1590430194&ga_sid=1590430194&ga_hid=1842958821&ga_fc=0&iag=0&icsg=2186&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=3990381390436150&pem=990&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=94
Frame ID: 9A28B0D86899B230AEFE42A5E3AC8647
Requests: 1 HTTP requests in this frame

Frame: https://www.covid19india.org/
Frame ID: 0838F7C69E0BEB5C1EB2ACFB157C3404
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/niEtnftWG5I
Frame ID: 430D9F48DBF0D7D99BDF80EBFF012810
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TPpoJGYlW54
Frame ID: 76B06EDF8FDB7C35DA2BB610BAE42780
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 73B839FFEF706A14C9AB89FFCC63E494
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

38
Requests

79 %
HTTPS

63 %
IPv6

19
Domains

21
Subdomains

17
IPs

3
Countries

926 kB
Transfer

1498 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://hitwebcounter.com/counter/counter.php?page=7217371&style=0001&nbdigits=6&type=page&initCount=0 HTTP 301
  • http://www.hitwebcounter.com/counter/counter.php?page=7217371&style=0001&nbdigits=6&type=page&initCount=0 HTTP 302
  • https://www.hitwebcounter.com/counter/counter.php?page=7217371&style=0001&nbdigits=6&type=page&initCount=0
Request Chain 29
  • http://www.youtube.com/iframe_api HTTP 307
  • https://www.youtube.com/iframe_api

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
covid19aplive.tk/ 		39 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://covid19aplive.tk/
Protocol
HTTP/1.1
Server
2a02:4780:dead:9d4a::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
0a43e3660404b3943519976e389565d42a7c676c5f970772fb177615b5ddd1a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
covid19aplive.tk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 18:09:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
awex
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Request-ID
49a41561934aa78c0b7eeb814932f023
Content-Encoding
gzip
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		107 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c465784ea66e8bfa06ff913a249b12d0c70e483cdb1f6bf81f9ac66d0630b2de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 18:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
39264
x-xss-protection
0
server
cafe
etag
16962565607130680607
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 25 May 2020 18:09:53 GMT
js
www.googletagmanager.com/gtag/ 		82 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-54176113-3
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cb4d92b0461c0775fdb8bf1a86f940101a78a286aaf348f3d11f01b2200f055f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 18:09:53 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33138
x-xss-protection
0
expires
Mon, 25 May 2020 18:09:53 GMT
jquery.dataTables.css
covid19aplive.tk/cdn.datatables.net/1.10.20/css/ 		0
0
bootstrap.min.css
covid19aplive.tk/stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ 		0
0
styleb9e3.css
covid19aplive.tk/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://covid19aplive.tk/css/styleb9e3.css?bustThis=true
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
HTTP/1.1
Server
2a02:4780:dead:9d4a::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
e98c5fc94dcb7e588257c61d4a8359eec11252de8581488d80ca3c6df5c171b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 18:09:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 28 Mar 2020 10:55:57 GMT
Server
awex
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
cf58c739a73c8ee2825623e51d11ab7d
footer-powered-by-000webhost-white2.png
cdn.000webhost.com/000webhost/logo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:442e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 18:09:53 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3068
cf-polished
origFmt=png, origSize=2046
status
200
content-disposition
inline; filename="footer-powered-by-000webhost-white2.webp"
x-hostinger-datacenter
srv
vary
Accept
content-length
1696
x-xss-protection
1; mode=block
last-modified
Mon, 25 May 2020 14:10:17 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"5ecbd1c9-7fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
image/webp
expires
Mon, 25 May 2020 22:09:53 GMT
cache-control
public, max-age=14400
x-hostinger-node
nl-srv-cdn2
cf-request-id
02ee9fef9c000006293f1a8200000001
accept-ranges
bytes
cf-ray
599135c5ca450629-FRA
cf-bgj
imgq:100,h2pri
api.min.js
a.opmnstr.com/app/js/ 		199 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.opmnstr.com/app/js/api.min.js
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.11.182 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
ef61e304b98e34b5955c17fcf56b1ffd2e0bf59b9fe59a18220ad7639dbcf59c

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 18:09:53 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 18:04:55 GMT
server
NetDNA-cache/2.2
x-amz-request-id
96647E08DB5BF066
etag
W/"2f1b7d41d7a942a48284a2e82c52a42a"
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=31104000
access-control-allow-origin
*
x-amz-id-2
TaOMA8L6SBiS27IKCNPXW5LWOTRS7+R7JGIidc37DStwsTJC0tI4uc3jIFJ4+Hgz6SF+OoybHz0=
expires
Thu, 20 May 2021 18:09:53 GMT
favicon-32x32.png
covid19apnew.000webhostapp.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://covid19apnew.000webhostapp.com/images/favicon-32x32.png
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:d63e::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
976241caa9b3e6015ccacc5756f3070826486c170befabc382602800732e013c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 18:09:53 GMT
x-content-type-options
nosniff
last-modified
Sat, 28 Mar 2020 10:55:57 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
2238
x-xss-protection
1; mode=block
x-request-id
bbc08343fd9ce7976db00517df3d335e
favicon-16x16.png
covid19apnew.000webhostapp.com/images/ 		870 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://covid19apnew.000webhostapp.com/images/favicon-16x16.png
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:d63e::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
7708266482d0e0b8e12d6e1c78bc91e7f10fc21f25893e909a41245053f45099
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 18:09:53 GMT
x-content-type-options
nosniff
last-modified
Sat, 28 Mar 2020 10:55:57 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
870
x-xss-protection
1; mode=block
x-request-id
c4506eb34c03009de8811a2f9a341bbb
new.gif
covid19apnew.000webhostapp.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://covid19apnew.000webhostapp.com/images/new.gif
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:d63e::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
b384b144b4881ca50f8160c4ef224c96dfab5b3837a41977b322b746bfbbd763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 18:09:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 30 Mar 2020 13:35:09 GMT
server
awex
content-type
image/gif
status
200
accept-ranges
bytes
content-length
2364
x-xss-protection
1; mode=block
x-request-id
86853c4d3ca601b169f55d8b6bec0f87
Jio-Logo-PNG-715x715.png
covid19apnew.000webhostapp.com/images/ 		223 KB
223 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://covid19apnew.000webhostapp.com/images/Jio-Logo-PNG-715x715.png
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:d63e::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
c2860c732df0925b78aa3cfd1ed4b564c57074c0435e51c6839f95832c329781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 18:09:53 GMT
x-content-type-options
nosniff
last-modified
Fri, 03 Apr 2020 01:27:03 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
228070
x-xss-protection
1; mode=block
x-request-id
32deaa9907d368d720157e6435c89150
giphy.gif
media.giphy.com/media/UrzWDQ3VTiDU84R5dx/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.giphy.com/media/UrzWDQ3VTiDU84R5dx/giphy.gif
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.38.2 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b590e1ae7bcc7656f68655576fcaa8dfd83a034212a816d856ef131f11f6478

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 18:09:53 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Fri, 20 Sep 2019 20:59:58 GMT
age
15366734
etag
"325eed7eda968e4e81e25a41177896af"
x-served-by
cache-bwi5149-BWI, cache-ams21044-AMS
status
200
x-cache
HIT, HIT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-timer
S1590430194.676158,VS0,VE1
content-length
125701
x-cache-hits
1, 1
whatsapp.png
covid19apnew.000webhostapp.com/images/ 		171 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://covid19apnew.000webhostapp.com/images/whatsapp.png
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:d63e::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
783e9604bee7519a403c57d7ef64ed3b287d3b2fec687e176bb779b5c0556b70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 18:09:53 GMT
x-content-type-options
nosniff
last-modified
Sat, 28 Mar 2020 10:55:57 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
174882
x-xss-protection
1; mode=block
x-request-id
53a4ec6b2ccbc09638a8052a5d207a18
database-icon-png-68.png
getdrawings.com/free-icon/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://getdrawings.com/free-icon/database-icon-png-68.png
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
HTTP/1.1
Server
2606:4700:3037::6818:6698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
0e5a4639d52b391b4d81e93d8a89f24ffdeaee1f37d9dfdb4b8a5cd5d99ba05a

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 18:09:53 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Tue, 02 Apr 2019 03:27:28 GMT
Server
cloudflare
X-Powered-By
PleskLin
ETag
"5ca2d6a0-8af2"
Content-Type
image/png
Cache-Control
max-age=604800, public
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
599135c5caec96b6-FRA
Content-Length
35570
cf-request-id
02ee9fefa0000096b6913ab200000001
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54176113-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
4414
date
Mon, 25 May 2020 16:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Mon, 25 May 2020 18:56:19 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
320 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=covid19aplive.tk
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 May 2020 18:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
320 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=covid19aplive.tk
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 May 2020 18:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/ 		218 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
357a40f12fcb7502acb15b75741517330cdd822580ced8cd06f8b38c9a481f4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 18:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
83958
x-xss-protection
0
server
cafe
etag
14927078227322710652
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 May 2020 18:09:53 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200519/r20190131/ Frame 5E2A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200519/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200519/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://covid19aplive.tk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://covid19aplive.tk/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 20 May 2020 02:19:05 GMT
expires
Wed, 03 Jun 2020 02:19:05 GMT
content-type
text/html; charset=UTF-8
etag
17826495148367054107
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4284
x-xss-protection
0
cache-control
public, max-age=1209600
age
489048
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/r/ 		35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1842958821&t=pageview&_s=1&dl=http%3A%2F%2Fcovid19aplive.tk%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=235882795&gjid=679624086&cid=1744587081.1590430194&tid=UA-54176113-3&_gid=2027057172.1590430194&_r=1&gtm=2ou5e1&z=514240414
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 May 2020 18:09:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
hckr.PNG
covid19apnew.000webhostapp.com/images/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://covid19apnew.000webhostapp.com/images/hckr.PNG
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:d63e::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
29e7ad98a3b9489c8b90ba43635b7d5417eb17f62575a53a6eaa865c6df68966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 18:09:53 GMT
x-content-type-options
nosniff
last-modified
Sat, 28 Mar 2020 10:55:57 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
37766
x-xss-protection
1; mode=block
x-request-id
5c31aab0cb9b9ff2cca4bc5aecc4e2f4
counter.php
www.hitwebcounter.com/counter/
Redirect Chain
  • https://hitwebcounter.com/counter/counter.php?page=7217371&style=0001&nbdigits=6&type=page&initCount=0
  • http://www.hitwebcounter.com/counter/counter.php?page=7217371&style=0001&nbdigits=6&type=page&initCount=0
  • https://www.hitwebcounter.com/counter/counter.php?page=7217371&style=0001&nbdigits=6&type=page&initCount=0
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hitwebcounter.com/counter/counter.php?page=7217371&style=0001&nbdigits=6&type=page&initCount=0
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
96.30.25.216 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
hitwebcounter.com
Software
Apache /
Resource Hash
0e4a851cebdc0c78f37f828b62e02e0d1f81f9f30024fdd5ab092230fecbff51

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 25 May 2020 18:09:54 GMT
content-encoding
gzip
server
Apache
content-length
2247
vary
Accept-Encoding,User-Agent
content-type
text/html

Redirect headers

Location
https://www.hitwebcounter.com/counter/counter.php?page=7217371&style=0001&nbdigits=6&type=page&initCount=0
Date
Mon, 25 May 2020 18:09:54 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=200
Content-Length
306
Content-Type
text/html; charset=iso-8859-1
ads
googleads.g.doubleclick.net/pagead/ Frame 9A28 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4796513736084427&output=html&adk=1812271804&adf=3025194257&lmt=1590430193&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fcovid19aplive.tk%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1590430193588&bpp=13&bdt=62&idt=80&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=146987682372&frm=20&pv=2&ga_vid=1744587081.1590430194&ga_sid=1590430194&ga_hid=1842958821&ga_fc=0&iag=0&icsg=2186&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=3990381390436150&pem=990&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=94
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4796513736084427&output=html&adk=1812271804&adf=3025194257&lmt=1590430193&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fcovid19aplive.tk%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1590430193588&bpp=13&bdt=62&idt=80&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=146987682372&frm=20&pv=2&ga_vid=1744587081.1590430194&ga_sid=1590430194&ga_hid=1842958821&ga_fc=0&iag=0&icsg=2186&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085&oid=3&pvsid=3990381390436150&pem=990&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=94
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://covid19aplive.tk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://covid19aplive.tk/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 25 May 2020 18:09:53 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 25-May-2020 18:24:53 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 25 May 2020 18:09:53 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
656716137d4e28b0da293f471affb65b1beb1a6c2d9fe2fa9c3640a592754b1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 18:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1589974910160429"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27764
x-xss-protection
0
expires
Mon, 25 May 2020 18:09:53 GMT
/
www.covid19india.org/ Frame 0838 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.covid19india.org/
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:method
GET
:authority
www.covid19india.org
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://covid19aplive.tk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://covid19aplive.tk/

Response headers

status
200
server
GitHub.com
content-type
text/html; charset=utf-8
x-origin-cache
1
strict-transport-security
max-age=31556952
last-modified
Mon, 25 May 2020 07:03:44 GMT
etag
W/"5ecb6dd0-20f0"
access-control-allow-origin
*
expires
Mon, 25 May 2020 15:35:18 GMT
cache-control
max-age=600
content-encoding
gzip
x-proxy-cache
MISS
x-github-request-id
A8A8:3E4B:2DFE05:3A14E1:5ECBE35E
accept-ranges
bytes
date
Mon, 25 May 2020 18:09:54 GMT
via
1.1 varnish
age
0
x-served-by
cache-bma1637-BMA
x-cache
HIT
x-cache-hits
1
x-timer
S1590430194.012228,VS0,VE103
vary
Accept-Encoding
x-fastly-request-id
5e11f78d80214970abe466cb05bbf25323379327
content-length
2844
niEtnftWG5I
www.youtube.com/embed/ Frame 430D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/niEtnftWG5I
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/niEtnftWG5I
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://covid19aplive.tk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://covid19aplive.tk/

Response headers

status
200
cache-control
no-cache
content-type
text/html; charset=utf-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 GMT
strict-transport-security
max-age=31536000
date
Mon, 25 May 2020 18:09:53 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=4G67URFTYkE; path=/; domain=.youtube.com; secure; expires=Sat, 21-Nov-2020 18:09:53 GMT; httponly; samesite=None YSC=ZXGxL2uStKI; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Mon, 25-May-2020 18:39:53 GMT VISITOR_INFO1_LIVE=4G67URFTYkE; path=/; domain=.youtube.com; secure; expires=Sat, 21-Nov-2020 18:09:53 GMT; httponly; samesite=None
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
TPpoJGYlW54
www.youtube.com/embed/ Frame 76B0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/TPpoJGYlW54
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/TPpoJGYlW54
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://covid19aplive.tk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://covid19aplive.tk/

Response headers

status
200
content-type
text/html; charset=utf-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
no-cache
expires
Tue, 27 Apr 1971 19:44:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
date
Mon, 25 May 2020 18:09:53 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=mTVeAKJxeMM; path=/; domain=.youtube.com; secure; expires=Sat, 21-Nov-2020 18:09:53 GMT; httponly; samesite=None YSC=aU8VAR27av0; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=mTVeAKJxeMM; path=/; domain=.youtube.com; secure; expires=Sat, 21-Nov-2020 18:09:53 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Mon, 25-May-2020 18:39:53 GMT
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
f6brbmuxflyqoriatchv
api.omappapi.com/v2/embed/71036/ 		126 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/71036/f6brbmuxflyqoriatchv
Requested by
Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-83.fra2.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
fcb673f7da578b0230aa24d90df47b3e751de9e9f19c2a1a9972394c20358285

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-user-agent
standard
via
1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
x-cache-config
0 0
server
Pagely Gateway/1.5.1
x-amz-cf-pop
FRA2-C2
status
410
date
Mon, 25 May 2020 18:09:54 GMT
vary
Accept-Encoding, User-Agent
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
X-CSRF-Token
content-length
126
x-amz-cf-id
E2AsPezo02Pz2-CrKfUTMqXcHA7AKe9EWR6nWcr215hi2QvOgiSUTQ==
track.php
log.hitsteps.com/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://log.hitsteps.com/track.php?code=9665665f1b65de995edfb43d25849955
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.28.6.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5b3499415f2e3a0d33cd5482d234aa2e2d7e2e83cf7f86e57ced1a7bd5469f8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 18:09:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP="CAO PSA OUR"
status
200
cf-request-id
02ee9ff1400000fe307e871200000001
pragma
no-cache
last-modified
Mon, 25 May 2020 18:09:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600, s-max-age=84600
cf-ray
599135c86ba5fe30-HEL
expires
Tue, 03 Jul 2001 06:00:00 GMT
iframe_api
www.youtube.com/
Redirect Chain
  • http://www.youtube.com/iframe_api
  • https://www.youtube.com/iframe_api
859 B
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
111953de596acbf475fe62a675411d744e56b0d246864461ff8c9a93a7f7c58e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 18:09:54 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 GMT

Redirect headers

Location
https://www.youtube.com/iframe_api
Non-Authoritative-Reason
HSTS
gather.php
log.hitsteps.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://log.hitsteps.com/gather.php?sid=76119&ui=tegx7jq17mh&aid=65586&u=http%3A//covid19aplive.tk/&et=1&ti=&touchpoints=0&sh=1200&sw=1600&sc=24&wsh=1200&wsw=1600&p=&l=en-US&c=Linux%20x86_64&t=120&ja=1&fv=&MySearch=&uniqueid=&integrity=&ipname=&gdpr=2&Tag=&label=&iTag=&iPage=&utm_source=&src=&jv=0&ca=1&uidn=&hitc=&rev=&goal=&timing=604&dm=covid19aplive.tk&v=0.1868034830177554
Requested by
Host: covid19aplive.tk
URL: http://covid19aplive.tk/
Protocol
HTTP/1.1
Server
104.28.6.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflcS5aan/ 		66 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflcS5aan/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a743a92db0b6aaaefae53df128beb23bf5168ac2c61953e8c1c29b32fd416b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 09:51:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29904
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24653
x-xss-protection
0
last-modified
Thu, 21 May 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Tue, 02 Jun 2020 09:51:30 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200519&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e81a7040d80482b10f42dae91b483c23d02cd43466fdb4f471303e7861a71453
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 25 May 2020 18:09:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5504
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 18:09:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1582746470043195"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=3000
Accept-Ranges
bytes
Content-Length
5456
X-XSS-Protection
0
Expires
Mon, 25 May 2020 18:09:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 73B8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://covid19aplive.tk/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://covid19aplive.tk/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Mon, 25 May 2020 17:43:30 GMT
expires
Tue, 25 May 2021 17:43:30 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1585
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
png.php
log.hitsteps.com/ 		19 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://log.hitsteps.com/png.php?idle=0&aid=65586&sid=76119&temp_uid=tegx7jq17mh&lang=auto&bat=100//Adapter//00%3A00//---&aplg=not%20found
Requested by
Host: log.hitsteps.com
URL: https://log.hitsteps.com/track.php?code=9665665f1b65de995edfb43d25849955
Protocol
HTTP/1.1
Server
104.28.6.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35bf1f63fb0039a6f6b3e6890ded2bf9df49f8088d91bc986018f7bbc9728619
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 25 May 2020 18:09:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
P3P
CP="CAO PSA OUR"
Connection
keep-alive
Content-Length
39
cf-request-id
02ee9ff6c90000fe4c99025200000001
Pragma
no-cache
Last-Modified
Mon, 25 May 2020 18:09:55 GMT
Server
cloudflare
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
CF-RAY
599135d14ebcfe4c-HEL
Expires
Tue, 03 Jul 2001 06:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200519&jk=3990381390436150&bg=!-_il-OBYb_bHdQF3FRACAAAAv1IAAAAOmQF3mqGY7PZ1vNFxPFF9KtpCmqKdnrDHE8MKfx9ACnrTM219sUe3pVs-w16I768_0ElfF48p3l3g20dZlyliwRGGgd58K9EUn_VOL5e5dE3ygCCdgyaaebRGxWnHtGbcJlOS14CsZ4p8U9Pd0BN-NIev-Zrgi53NXIJ3nFP_eIerU9CS_nuL3xn9VecgFROkPEmUqkefS2ayCWaLfU1CUV-SHytCNa1ydjI76s-saRz3l_XQ10bPNmG7vHStJrYW8W1w83_1ovK1uayHK-3Bx86I548nYgEh6dDger8nm-DPPNg1aGJOIJeVEsI1bwIf83UgnZ34JZBDNbtlqFCUygeG0RFWGfGzDhR52vN4ZnPdp-yb46DCZLdEjSC1lzWafohHUQCCV_2kMi8vO8Q8AX6aemFiux_ChOgW6B7MxUc9fMKWuqRQhQLkNcJnrTKfIUqTFQOOfmOPBXdBPsGxOHk5ZFHxIIAey2QtLeNSZikVnH3mmAuP-UVA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://covid19aplive.tk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 May 2020 18:09:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
covid19aplive.tk
URL
http://covid19aplive.tk/cdn.datatables.net/1.10.20/css/jquery.dataTables.css
Domain
covid19aplive.tk
URL
http://covid19aplive.tk/stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| openNav function| closeNav function| getCookie undefined| wordpressAdminBody object| notification object| hostingerLogo undefined| mainContent object| wpSidebar object| wpTopBarRight undefined| googleFont undefined| css undefined| style undefined| sheet undefined| button undefined| link undefined| mainContentHolder undefined| h1Tag undefined| h2Tag undefined| paragraph undefined| list undefined| org_html undefined| new_html undefined| saleImage function| setImmediate function| clearImmediate function| OptinMonsterApp boolean| om_loaded object| f6brbmuxflyqoriatchv object| mybutton function| scrollFunction function| topFunction function| _hs_getqs function| _hs_setData function| _hs_getData string| ipname_temp string| _hs_uniqueid_temp number| _hs_gdpr_diag function| _hs_checkGDPR string| _hs_bat object| _hs_sysbat string| _hs_adplug string| _hs_a_uid number| _hs_navigator_touchpoints function| _hs_readAdplugin function| _hs_readBattery function| _HSTracker number| _HS_jquery_injected number| HSTracked number| ChatDiv function| _hs_getParmFromHash undefined| _HS_body undefined| _HS_html undefined| _HS_dhh undefined| hstc undefined| hstcs undefined| htssc object| hsutube number| hsytindex object| hsutbarr object| hsplayerArray object| hitsteps number| hs_idleTime number| hs_idle number| hs_idles number| hs_timed undefined| getScript function| _hsni_addListener function| _hsni_get_href function| _hsni_get_parent function| _hsni_get_target function| _hsni_trackAlinks function| _hsni_noIdle function| _hsni_Idle function| _hsni_mnoIdle function| hs_CheckInactivity function| onYouTubePlayerReady function| onYouTubeIframeAPIReady function| _hs_elementor_video_overlay function| _hs_hash_changed number| aid number| sid string| _hs_api_code_public string| hs_lang number| hs_enable_form number| _hs_noyoutubeapi number| _hs_heatmap_allowed number| _hs_pre_compliance string| _hs_gdpr_compliance_txt string| _hs_gdpr_btn_yes string| _hs_gdpr_btn_no function| _hs_a_giveMeRandom function| _hs_a_readCookie function| _hs_a_writeCookie function| _hs_a_setVal function| _hs_a_getVal function| _hs_bt_toTime object| prm number| nochat number| _hs_youtubeapiloaded number| hs_pingcount number| _hs_gdpr object| regex object| matches object| img string| hs_rev string| hs_goal string| mysearch string| MySearch string| tag string| Tag string| label string| IPname string| ipname string| _hs_uniqueid string| _hs_integrity string| _hs_last_full_url string| uaddress string| utitle string| uref string| new_url object| battery object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubSubscribedKeys object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytLoggingTransportLogPayloadsQueue_ object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| vEle number| _hs_is_it_elemenator_overlay_video object| GoogleGcLKhOms object| google_image_requests

12 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: aU8VAR27av0
.youtube.com/ Name: GPS
Value: 1
.covid19india.org/ Name: _ga
Value: GA1.2.1260606432.1590430194
.doubleclick.net/ Name: IDE
Value: AHWqTUljuPsjRdSx7Nk9e0CIBPUhqSpLPSFDn7CsYbu5jAiHIrA_0FkPFOIarxzH
covid19aplive.tk/ Name: _HS_temp_id
Value: tegx7jq17mh
.covid19aplive.tk/ Name: _gid
Value: GA1.2.2027057172.1590430194
.covid19india.org/ Name: _gid
Value: GA1.2.1712062166.1590430194
covid19aplive.tk/ Name: _omappvs
Value: 1590430193853
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: mTVeAKJxeMM
.covid19aplive.tk/ Name: _ga
Value: GA1.2.1744587081.1590430194
.covid19aplive.tk/ Name: _gat_gtag_UA_54176113_3
Value: 1
covid19aplive.tk/ Name: _omappvp
Value: RntMFgP7Ko9nKCGmWDvvuSPC7y7qBPnIwKUkdfQ7FwfmUj2tsLjTZS8m3KxEh0FCutBtS68saZtaiJXrcTeuWTIgBSgPWi3O

1 Console Messages

Source Level URL
Text
console-api error URL: https://a.opmnstr.com/app/js/api.min.js(Line 2)
Message:
[OptinMonster] The campaign could not be found. Check to make sure it is active.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.opmnstr.com
adservice.google.com
adservice.google.de
api.omappapi.com
cdn.000webhost.com
covid19aplive.tk
covid19apnew.000webhostapp.com
getdrawings.com
googleads.g.doubleclick.net
hitwebcounter.com
log.hitsteps.com
media.giphy.com
pagead2.googlesyndication.com
s.ytimg.com
tpc.googlesyndication.com
www.covid19india.org
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.hitwebcounter.com
www.youtube.com
covid19aplive.tk
104.28.6.34
13.225.87.83
151.101.38.2
185.199.111.153
23.111.11.182
2606:4700:10::6814:442e
2606:4700:3037::6818:6698
2a00:1450:4001:801::2008
2a00:1450:4001:809::2001
2a00:1450:4001:809::200e
2a00:1450:4001:81b::200e
2a00:1450:4001:81d::2002
2a00:1450:4001:825::2002
2a02:4780:dead:9d4a::1
2a02:4780:dead:d63e::1
96.30.25.216
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0a43e3660404b3943519976e389565d42a7c676c5f970772fb177615b5ddd1a5
0b590e1ae7bcc7656f68655576fcaa8dfd83a034212a816d856ef131f11f6478
0e4a851cebdc0c78f37f828b62e02e0d1f81f9f30024fdd5ab092230fecbff51
0e5a4639d52b391b4d81e93d8a89f24ffdeaee1f37d9dfdb4b8a5cd5d99ba05a
111953de596acbf475fe62a675411d744e56b0d246864461ff8c9a93a7f7c58e
29e7ad98a3b9489c8b90ba43635b7d5417eb17f62575a53a6eaa865c6df68966
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
357a40f12fcb7502acb15b75741517330cdd822580ced8cd06f8b38c9a481f4d
35bf1f63fb0039a6f6b3e6890ded2bf9df49f8088d91bc986018f7bbc9728619
656716137d4e28b0da293f471affb65b1beb1a6c2d9fe2fa9c3640a592754b1f
7708266482d0e0b8e12d6e1c78bc91e7f10fc21f25893e909a41245053f45099
783e9604bee7519a403c57d7ef64ed3b287d3b2fec687e176bb779b5c0556b70
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
976241caa9b3e6015ccacc5756f3070826486c170befabc382602800732e013c
9a743a92db0b6aaaefae53df128beb23bf5168ac2c61953e8c1c29b32fd416b4
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
b384b144b4881ca50f8160c4ef224c96dfab5b3837a41977b322b746bfbbd763
c2860c732df0925b78aa3cfd1ed4b564c57074c0435e51c6839f95832c329781
c465784ea66e8bfa06ff913a249b12d0c70e483cdb1f6bf81f9ac66d0630b2de
cb4d92b0461c0775fdb8bf1a86f940101a78a286aaf348f3d11f01b2200f055f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e81a7040d80482b10f42dae91b483c23d02cd43466fdb4f471303e7861a71453
e98c5fc94dcb7e588257c61d4a8359eec11252de8581488d80ca3c6df5c171b6
ef61e304b98e34b5955c17fcf56b1ffd2e0bf59b9fe59a18220ad7639dbcf59c
f5b3499415f2e3a0d33cd5482d234aa2e2d7e2e83cf7f86e57ced1a7bd5469f8
fcb673f7da578b0230aa24d90df47b3e751de9e9f19c2a1a9972394c20358285