coronavirus-covid.info Open in urlscan Pro
45.130.41.33 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://coronavirus-covid.info/
Submission: On December 06 via api (December 6th 2022, 12:19:21 pm UTC) from JP — Scanned from JP

Summary HTTP 141 Redirects Behaviour Indicators

Summary

This website contacted 33 IPs in 10 countries across 48 domains to perform 141 HTTP transactions. The main IP is 45.130.41.33, located in Russian Federation and belongs to BEGET-AS, RU. The main domain is coronavirus-covid.info.
TLS certificate: Issued by R3 on December 6th 2022. Valid for: 3 months.

This is the only time coronavirus-covid.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	45.130.41.33 45.130.41.33	198610 (BEGET-AS) (BEGET-AS)
1	2404:6800:400... 2404:6800:400a:80a::200a	15169 (GOOGLE) (GOOGLE)
2	92.38.138.91 92.38.138.91	210756 (EDGECENTE...) (EDGECENTERLLC)
1	85.192.12.169 85.192.12.169	12695 (DINET-AS) (DINET-AS)
2	2404:6800:400... 2404:6800:4004:81d::2002	15169 (GOOGLE) (GOOGLE)
2	62.76.25.28 62.76.25.28	61400 (NETRACK-AS) (NETRACK-AS)
1 19	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	85.192.12.174 85.192.12.174	12695 (DINET-AS) (DINET-AS)
2	2404:6800:400... 2404:6800:4004:811::2003	15169 (GOOGLE) (GOOGLE)
8 41	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
2 9	2404:6800:400... 2404:6800:4004:827::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:826::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:80b::2002	15169 (GOOGLE) (GOOGLE)
1	193.106.95.134 193.106.95.134	48614 (ITSOFT-AS) (ITSOFT-AS)
11	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	35.177.4.157 35.177.4.157	16509 (AMAZON-02) (AMAZON-02)
3 3	193.3.184.135 193.3.184.135	50214 (QWARTA) (QWARTA)
1 1	193.3.184.217 193.3.184.217	50214 (QWARTA) (QWARTA)
3 4	203.195.121.142 203.195.121.142	7979 (SERVERS-COM) (SERVERS-COM)
1 2	13.231.96.223 13.231.96.223	16509 (AMAZON-02) (AMAZON-02)
1 3	13.250.210.117 13.250.210.117	16509 (AMAZON-02) (AMAZON-02)
1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
3	172.217.161.34 172.217.161.34	15169 (GOOGLE) (GOOGLE)
1 1	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
2 2	37.18.16.23 37.18.16.23	205675 (HYBRID-AS) (HYBRID-AS)
2 2	185.15.175.174 185.15.175.174	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2 2	34.252.9.30 34.252.9.30	16509 (AMAZON-02) (AMAZON-02)
1 1	148.251.156.238 148.251.156.238	24940 (HETZNER-AS) (HETZNER-AS)
2 2	80.78.249.201 80.78.249.201	197695 (AS-REG) (AS-REG)
4 4	217.66.147.42 217.66.147.42	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 1	23.88.12.13 23.88.12.13	24940 (HETZNER-AS) (HETZNER-AS)
1 1	91.192.149.14 91.192.149.14	42481 (BEGUN-AS) (BEGUN-AS)
2 2	194.190.76.38 194.190.76.38	() ()
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:f45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 2	95.217.86.150 95.217.86.150	24940 (HETZNER-AS) (HETZNER-AS)
1 1	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
2	81.222.128.215 81.222.128.215	20597 (ELTEL-AS) (ELTEL-AS)
2 2	136.243.148.229 136.243.148.229	24940 (HETZNER-AS) (HETZNER-AS)
1	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	194.55.244.180 194.55.244.180	34959 (PROCLOUD ...) (PROCLOUD PROCLOUD MSK)
2 2	148.251.236.115 148.251.236.115	24940 (HETZNER-AS) (HETZNER-AS)
2 2	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
1 1	46.243.143.249 46.243.143.249	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	178.170.196.176 178.170.196.176	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
2 3	216.58.220.98 216.58.220.98	15169 (GOOGLE) (GOOGLE)
2 6	2404:6800:400... 2404:6800:4004:811::2004	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:825::2003	15169 (GOOGLE) (GOOGLE)
2	74.125.203.154 74.125.203.154	15169 (GOOGLE) (GOOGLE)
141	33

23 45.130.41.33 (Russian Federation)

ASN198610 (BEGET-AS, RU)

coronavirus-covid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:80a::200a (Osaka, Japan)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.38.138.91 (Moscow, Russian Federation)

ASN210756 (EDGECENTERLLC, RU)
PTR: f10.moevideo.net

moevideo.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.192.12.169 (Russian Federation)

ASN12695 (DINET-AS, RU)

6jfvnf69jx.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81d::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.76.25.28 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)

rfpozf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.192.12.174 (Russian Federation)

ASN12695 (DINET-AS, RU)

tat3ayogh6.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:811::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a02:6b8::90 (Moscow, Russian Federation) 8 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4004:827::2002 (Australia) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80b::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.106.95.134 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)

prodmp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.4.157 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-4-157.eu-west-2.compute.amazonaws.com

px.arcspire.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.3.184.135 (Russian Federation) 3 redirects

ASN50214 (QWARTA, RU)
PTR: asrv319.qwarta.ru

acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.184.217 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 203.195.121.142 (Singapore) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.231.96.223 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-231-96-223.ap-northeast-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.250.210.117 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-210-117.ap-southeast-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.161.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s23-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.18.16.23 (Russian Federation) 2 redirects

ASN205675 (HYBRID-AS, DE)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.174 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.9.30 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-9-30.eu-west-1.compute.amazonaws.com

euw-ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.156.238 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.238.156.251.148.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.78.249.201 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)

kimberlite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.66.147.42 (St Petersburg, Russian Federation) 4 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-42-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.12.13 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.13.12.88.23.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.149.14 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.76.38 (None, ) 2 redirects

ASN- ()

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:f45 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb-eu-warsaw.intent.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.155 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.86.150 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.150.86.217.95.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.148.229 (Baden-Baden, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.229.148.243.136.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.172 (Frankfurt am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.55.244.180 (Russian Federation)

ASN34959 (PROCLOUD PROCLOUD MSK, RU)

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.236.115 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-5.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.43 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.243.143.249 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr02.segmento.ru

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.170.196.176 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr13.segmento.ru

yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.220.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s30-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:811::2004 (Australia) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:825::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.203.154 (United States)

ASN15169 (GOOGLE, US)
PTR: th-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	yandex.ru 9 redirects mc.yandex.ru — Cisco Umbrella Rank: 3018 an.yandex.ru — Cisco Umbrella Rank: 3803 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 23399 yandex.ru — Cisco Umbrella Rank: 1552	293 KB
23	coronavirus-covid.info coronavirus-covid.info	1 MB
13	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 cm.g.doubleclick.net — Cisco Umbrella Rank: 234 bid.g.doubleclick.net — Cisco Umbrella Rank: 749	11 KB
11	yastatic.net yastatic.net — Cisco Umbrella Rank: 5618	246 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 87 www.google.com — Cisco Umbrella Rank: 2	2 KB
7	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 54261 www.google.co.jp — Cisco Umbrella Rank: 18110	2 KB
6	mts.ru 6 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 31425 tech.rtb.mts.ru — Cisco Umbrella Rank: 37966	4 KB
5	360yield.com 3 redirects match.360yield.com — Cisco Umbrella Rank: 2641 euw-ice.360yield.com — Cisco Umbrella Rank: 12124	2 KB
4	betweendigital.com 3 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2218	3 KB
4	googleadservices.com 2 redirects partner.googleadservices.com — Cisco Umbrella Rank: 942 www.googleadservices.com — Cisco Umbrella Rank: 170	16 KB
3	acint.net 3 redirects acint.net — Cisco Umbrella Rank: 23064	1 KB
2	rutarget.ru 2 redirects yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 70020 yandex-sync.rutarget.ru — Cisco Umbrella Rank: 69905	836 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 12718	1 KB
2	upravel.com 2 redirects sync.upravel.com — Cisco Umbrella Rank: 31578	1 KB
2	1dmp.io 2 redirects sync.1dmp.io — Cisco Umbrella Rank: 12535	1018 B
2	adriver.ru ssp.adriver.ru — Cisco Umbrella Rank: 23119	402 B
2	semantiqo.com 1 redirects sonar.semantiqo.com — Cisco Umbrella Rank: 60520	977 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10028	504 B
2	adhigh.net 2 redirects px.adhigh.net	811 B
2	kimberlite.io 2 redirects kimberlite.io — Cisco Umbrella Rank: 31394	1 KB
2	digitaltarget.ru 2 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 22520	1 KB
2	hybrid.ai 2 redirects dm.hybrid.ai — Cisco Umbrella Rank: 27947	835 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 222	2 KB
2	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 6808	58 KB
2	gstatic.com fonts.gstatic.com	52 KB
2	rfpozf.com rfpozf.com	23 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 109	166 KB
2	moevideo.biz moevideo.biz — Cisco Umbrella Rank: 43164	52 KB
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 15151	69 B
1	bumlam.com sync.bumlam.com — Cisco Umbrella Rank: 4870	390 B
1	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 7875	332 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10955	205 B
1	intent.ai rtb-eu-warsaw.intent.ai — Cisco Umbrella Rank: 66791	839 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru — Cisco Umbrella Rank: 39237	244 B
1	bidderstack.com 1 redirects nr.bidderstack.com — Cisco Umbrella Rank: 7914	371 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 18457	178 B
1	tns-counter.ru 1 redirects cm.tns-counter.ru — Cisco Umbrella Rank: 67593	387 B
1	bluevoox.com im.bluevoox.com — Cisco Umbrella Rank: 15640	241 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 29468	698 B
1	arcspire.io 1 redirects px.arcspire.io — Cisco Umbrella Rank: 64219	317 B
1	prodmp.ru prodmp.ru — Cisco Umbrella Rank: 51038	223 B
1	tat3ayogh6.com tat3ayogh6.com — Cisco Umbrella Rank: 140562	49 KB
1	6jfvnf69jx.ru 6jfvnf69jx.ru	42 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51	1 KB
0	whiteboxdigital.ru Failed mitdmp.whiteboxdigital.ru Failed
0	opera.com Failed t.adx.opera.com Failed
0	backforward.bid Failed backforward.bid Failed
0	mnayto.com Failed mnayto.com Failed
141	48

	Domain	Requested by
41	an.yandex.ru	8 redirects coronavirus-covid.info an.yandex.ru
23	coronavirus-covid.info	coronavirus-covid.info
19	mc.yandex.ru	1 redirects coronavirus-covid.info mc.yandex.ru yastatic.net
11	yastatic.net	an.yandex.ru coronavirus-covid.info yastatic.net
8	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com www.googleadservices.com
6	www.google.co.jp	coronavirus-covid.info
6	www.google.com	2 redirects coronavirus-covid.info
4	sm.rtb.mts.ru	4 redirects
4	ads.betweendigital.com	3 redirects coronavirus-covid.info
3	www.googleadservices.com	2 redirects yastatic.net
3	cm.g.doubleclick.net	coronavirus-covid.info
3	match.360yield.com	1 redirects coronavirus-covid.info
3	acint.net	3 redirects
2	bid.g.doubleclick.net	www.googleadservices.com
2	x01.aidata.io	2 redirects
2	sync.upravel.com	2 redirects
2	sync.1dmp.io	2 redirects
2	ssp.adriver.ru	coronavirus-covid.info
2	sonar.semantiqo.com	1 redirects coronavirus-covid.info
2	redirect.frontend.weborama.fr	2 redirects
2	px.adhigh.net	2 redirects
2	tech.rtb.mts.ru	2 redirects
2	kimberlite.io	2 redirects
2	euw-ice.360yield.com	2 redirects
2	dmg.digitaltarget.ru	2 redirects
2	dm.hybrid.ai	2 redirects
2	dpm.demdex.net	1 redirects coronavirus-covid.info
2	avatars.mds.yandex.net	coronavirus-covid.info
2	fonts.gstatic.com	fonts.googleapis.com
2	rfpozf.com	coronavirus-covid.info rfpozf.com
2	pagead2.googlesyndication.com	coronavirus-covid.info pagead2.googlesyndication.com
2	moevideo.biz	coronavirus-covid.info moevideo.biz
1	yandex.ru	yastatic.net
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	sync.dmp.otm-r.com	coronavirus-covid.info
1	sync.bumlam.com	coronavirus-covid.info
1	counter.yadro.ru	1 redirects
1	s.uuidksinc.net	1 redirects
1	rtb-eu-warsaw.intent.ai	coronavirus-covid.info
1	profile.ssp.rambler.ru	1 redirects
1	nr.bidderstack.com	1 redirects
1	exchange.buzzoola.com	1 redirects
1	cm.tns-counter.ru	1 redirects
1	im.bluevoox.com	coronavirus-covid.info
1	ssp-rtb.sape.ru	1 redirects
1	px.arcspire.io	1 redirects
1	ysa-static.passport.yandex.ru	coronavirus-covid.info
1	prodmp.ru	tat3ayogh6.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.jp	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	tat3ayogh6.com	6jfvnf69jx.ru
1	6jfvnf69jx.ru	coronavirus-covid.info
1	fonts.googleapis.com	coronavirus-covid.info
0	mitdmp.whiteboxdigital.ru Failed	coronavirus-covid.info
0	t.adx.opera.com Failed	coronavirus-covid.info
0	backforward.bid Failed	coronavirus-covid.info
0	mnayto.com Failed	coronavirus-covid.info
141	59

This site contains no links.

Subject Issuer	Validity	Valid
coronavirus-covid.info R3	`2022-12-06` - `2023-03-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.moevideo.biz AlphaSSL CA - SHA256 - G2	`2022-03-31` - `2023-05-02`	a year	crt.sh
0u48ltm1ok.ru R3	`2022-10-14` - `2023-01-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
rfpozf.com R3	`2022-11-14` - `2023-02-12`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
pwrlkyotm.com R3	`2022-11-20` - `2023-02-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-21` - `2023-04-21`	6 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
prodmp.ru R3	`2022-10-25` - `2023-01-23`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-08-31` - `2023-02-28`	6 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
*.intent.ai GTS CA 1P5	`2022-10-15` - `2023-01-13`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.bumlam.com R3	`2022-11-17` - `2023-02-15`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-08-19` - `2023-02-16`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://coronavirus-covid.info/
Frame ID: 2B5A1BD4C9584A9CCBC52192B14C4403
Requests: 74 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html
Frame ID: 066CDE0F19F9C00993240FEEFD0B86AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7212059611832116&output=html&adk=1812271804&adf=1573534164&lmt=1670329149&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fcoronavirus-covid.info%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670329149644&bpp=4&bdt=1982&idt=180&shv=r20221129&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3500512235541&frm=20&pv=2&ga_vid=727510285.1670329150&ga_sid=1670329150&ga_hid=1339413427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31071078%2C44770880&oid=2&pvsid=4102680118676656&tmod=1132077890&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=194
Frame ID: 3B66AEE4A43C771FDDA9FAD8292ED6F1
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: F37EEE99BAC173C4832AFAE82BC467CB
Requests: 62 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: A51C5AC3EF7B8CB89C10DB354EE007D1
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 988F20E1E7DCDB91611DE0EBE2EDDCD0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Все О Коронавирусе: Заболевшие Коронавирусом, В России, Мире, Европе, Определение, Симптомы, Цифры, (2020)

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

141
Requests

74 %
HTTPS

30 %
IPv6

48
Domains

59
Subdomains

33
IPs

10
Countries

2102 kB
Transfer

4509 kB
Size

62
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://mc.yandex.ru/watch/62240389?wmode=7&page-url=https%3A%2F%2Fcoronavirus-covid.info%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A2832%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A985069575683%3Ahid%3A789443553%3Az%3A0%3Ai%3A20221206121910%3Aet%3A1670329151%3Ac%3A1%3Arn%3A956335079%3Arqn%3A1%3Au%3A1670329151185263034%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A275%2C414%2C405%2C134%2C%2C0%2C%2C1633%2C0%2C%2C%2C%2C2863%3Aco%3A0%3Acpf%3A1%3Ans%3A1670329146557%3Arqnl%3A1%3Ast%3A1670329151%3At%3A%D0%92%D1%81%D0%B5%20%D0%9E%20%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%B5%3A%20%D0%97%D0%B0%D0%B1%D0%BE%D0%BB%D0%B5%D0%B2%D1%88%D0%B8%D0%B5%20%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC%2C%20%D0%92%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%2C%20%D0%9C%D0%B8%D1%80%D0%B5%2C%20%D0%95%D0%B2%D1%80%D0%BE%D0%BF%D0%B5%2C%20%D0%9E%D0%BF%D1%80%D0%B5%D0%B4%D0%B5%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D0%A1%D0%B8%D0%BC%D0%BF%D1%82%D0%BE%D0%BC%D1%8B%2C%20%D0%A6%D0%B8%D1%84%D1%80%D1%8B%2C%20(2020)&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/62240389/1?wmode=7&page-url=https%3A%2F%2Fcoronavirus-covid.info%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A2832%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A985069575683%3Ahid%3A789443553%3Az%3A0%3Ai%3A20221206121910%3Aet%3A1670329151%3Ac%3A1%3Arn%3A956335079%3Arqn%3A1%3Au%3A1670329151185263034%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A275%2C414%2C405%2C134%2C%2C0%2C%2C1633%2C0%2C%2C%2C%2C2863%3Aco%3A0%3Acpf%3A1%3Ans%3A1670329146557%3Arqnl%3A1%3Ast%3A1670329151%3At%3A%D0%92%D1%81%D0%B5%20%D0%9E%20%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%B5%3A%20%D0%97%D0%B0%D0%B1%D0%BE%D0%BB%D0%B5%D0%B2%D1%88%D0%B8%D0%B5%20%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC%2C%20%D0%92%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%2C%20%D0%9C%D0%B8%D1%80%D0%B5%2C%20%D0%95%D0%B2%D1%80%D0%BE%D0%BF%D0%B5%2C%20%D0%9E%D0%BF%D1%80%D0%B5%D0%B4%D0%B5%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D0%A1%D0%B8%D0%BC%D0%BF%D1%82%D0%BE%D0%BC%D1%8B%2C%20%D0%A6%D0%B8%D1%84%D1%80%D1%8B%2C%20%282020%29&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 73

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 HTTP 307
https://an.yandex.ru/mapuid/arcspireis/ec67517ad8d6e2e67ba394

Request Chain 74

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D HTTP 302
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=2203420A44338F63A700654202EF2BAF&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007F42338F638703820302577D68

Request Chain 75

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/50eccd6b-225b-5454-a10e-5327c2816065

Request Chain 76

https://an.yandex.ru/mapuid/adobedmp/ HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=A77008032CD4F188 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=A77008032CD4F188

Request Chain 77

https://an.yandex.ru/mapuid/azerionis/ HTTP 302
https://match.360yield.com/match?external_user_id=ACACB29C95E53131&publisher_dsp_id=429&publisher_call_type=redirect HTTP 302
https://match.360yield.com/ul_cb/match?external_user_id=ACACB29C95E53131&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 79

https://an.yandex.ru/mapuid/betweenx/ HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=619BCFB96B4A5FC6

Request Chain 80

https://an.yandex.ru/mapuid/blueseaxcom/ HTTP 302
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=3362A15FAF66352C

Request Chain 82

https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=66DFC01A5731D0D7&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 83

https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=66DFC01A5731D0D7&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 84

https://an.yandex.ru/mapuid/google/?partner-tag=yandexru HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=66DFC01A5731D0D7&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 85

https://an.yandex.ru/mapuid/operacom/ HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=98A5407FD3C94A66

Request Chain 87

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/c493f0d47e96018d4e92a74bf789ec3b4e205700e144b1c2d79afff454a7e01a

Request Chain 88

https://dm.hybrid.ai/match?id=182 HTTP 302
https://an.yandex.ru/mapuid/targetixis/ae463e97366596b63449

Request Chain 89

https://dm.hybrid.ai/yandexdmp-match HTTP 302
https://an.yandex.ru/mapuid/dmphybridai/684deef8473d6478774f?sign=2446316008

Request Chain 90

https://dmg.digitaltarget.ru/1/119/i/i?i=1670329151 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1670329154936&i=1670329151 HTTP 307
https://an.yandex.ru/mapuid/dmpamberdata/Xb6-PHFZkWj5nV57fyo.

Request Chain 91

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID} HTTP 302
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/azerionis/334e8737-3ef3-46bc-aebf-d39b456b426d HTTP 302
https://match.360yield.com/match?external_user_id=334e8737-3ef3-46bc-aebf-d39b456b426d&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 92

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
https://an.yandex.ru/mapuid/buzzooladspis/eff8e4b1-55aa-4d65-414e-652499f4cb22

Request Chain 93

https://kimberlite.io/rtb/sync/yandex HTTP 307
https://ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsoltadspis%252FY48zQzLHtR4%26n%3D1 HTTP 302
https://kimberlite.io/rtb/sync/between2?u=50eccd6b-225b-5454-a10e-5327c2816065&f=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FY48zQzLHtR4&n=1 HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=Y48zQzLHtR4 HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=59&exu=Y48zQzLHtR4 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=6d669605-4613-498b-ae3a-6fff942cc2c1&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FbWaWBUYTSYuuOm__lCzCwQ%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D59%2526em%253D0%26sign%3D3554395671 HTTP 302
https://an.yandex.ru/setud/mts_banner/bWaWBUYTSYuuOm__lCzCwQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=3554395671

Request Chain 95

https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/ HTTP 302
https://an.yandex.ru/mapuid/hyperdspis/a4c31300-3a2f-4a7a-9a97-2b41d2177c9c

Request Chain 96

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 97

https://px.adhigh.net/p/cm/yandexssp HTTP 302
https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
https://an.yandex.ru/mapuid/getintentis/xSmarlVz7j2.AikABlGE52BQyw

Request Chain 98

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=211192240 HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/kK2Zz7tc0yEbG344dnR6qu

Request Chain 100

https://s.uuidksinc.net/match/501 HTTP 302
https://an.yandex.ru/mapuid/kadamis/HJsq4BTQhB63W4Y2pNrw

Request Chain 101

https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=f828b8ef-85cb-4213-b162-d8ac89837f7d&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Ff828b8ef-85cb-4213-b162-d8ac89837f7d HTTP 302
https://an.yandex.ru/mapuid/mtsdspis/f828b8ef-85cb-4213-b162-d8ac89837f7d

Request Chain 102

https://sonar.semantiqo.com/dmp/scr.php HTTP 302
https://counter.yadro.ru/id127/reff-id.gif?sid=a65501f9b3b4447c9dee0779df5555aa HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=a65501f9b3b4447c9dee0779df5555aa

Request Chain 105

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au HTTP 302
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1 HTTP 302
https://an.yandex.ru/mapuid/dmpcleverdata/34487f30-7560-11ed-acfd-901b0e8b2a6e?sign=296628289

Request Chain 108

https://sync.upravel.com/yandex/sync HTTP 302
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://an.yandex.ru/mapuid/upravelis/83d4900f-14d3-4963-9fe6-76aacfdcb8f6

Request Chain 109

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/IuSBrNxKYSUIDiGN%2F%2BhO8Q?sign=3314469528

Request Chain 110

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/UMKlX3i0q4R5?sign=622280794

Request Chain 111

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/xRZYF3u4l7Fr

Request Chain 121

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=RjOPY4ahB8_SqAHwqb6oDA&random=1715062225&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1715062225&crd=&is_vtc=1&random=752555148 HTTP 302
https://www.google.co.jp/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1715062225&crd=&is_vtc=1&random=752555148&ipr=y

Request Chain 122

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=RjOPY7ehB9L6gQOF2pnoDA&random=1392019703&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1392019703&crd=&is_vtc=1&random=2887333969 HTTP 302
https://www.google.co.jp/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1392019703&crd=&is_vtc=1&random=2887333969&ipr=y

141 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
coronavirus-covid.info/ 73 KB
19 KB 1096ms
405ms Document
text/html 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 / PHP/7.4.33
Resource Hash: e61eb5ef27b9a61953d3e09ca7d5713a8a23b319519624c0028d533af6ca7ab4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 06 Dec 2022 12:19:07 GMT
server: nginx-reuseport/1.21.1
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 theme.min.css
coronavirus-covid.info/wp-includes/css/dist/block-library/ 3 KB
942 B 206ms
202ms Stylesheet
text/css 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-covid.info/wp-includes/css/dist/block-library/theme.min.css
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:07 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 07:17:52 GMT
server: nginx-reuseport/1.21.1
etag: W/"62f9f320-a9a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 13 Dec 2022 12:19:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 116ms
52ms Stylesheet
text/css 2404:6800:400a:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700&subset=cyrillic&display=swap

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80a::200a Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fac8d2c12bd4f54331fd14071ae8b9858069205044dca960a76bc499bdcba14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Dec 2022 12:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 12:19:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Dec 2022 12:19:07 GMT

GET
H2 200 style.min.css
coronavirus-covid.info/wp-content/themes/reboot/assets/css/ 215 KB
40 KB 212ms
209ms Stylesheet
text/css 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-covid.info/wp-content/themes/reboot/assets/css/style.min.css
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 1dbaa5b506f0d39f17b10bb2ae11f1726b6e4af77f13e7bdd0dae45d347bf869

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:07 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 07:17:49 GMT
server: nginx-reuseport/1.21.1
etag: W/"62f9f31d-35c8c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 13 Dec 2022 12:19:07 GMT

GET
H2 200 jquery.min.js Show response
coronavirus-covid.info/wp-includes/js/jquery/ 87 KB
30 KB 213ms
210ms Script
application/x-javascript 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-covid.info/wp-includes/js/jquery/jquery.min.js
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:07 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 07:17:53 GMT
server: nginx-reuseport/1.21.1
etag: W/"62f9f321-15d98"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 13 Dec 2022 12:19:07 GMT

GET
H/1.1 200
OK mvpt.min.js Show response
moevideo.biz/embed/js/ 176 KB
52 KB 1134ms
448ms Script
application/javascript 92.38.138.91
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/js/mvpt.min.js
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.91 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS: f10.moevideo.net
Software: nginx /
Resource Hash: 65588e6632136114451f3126d5b2484c027349addda567e1783ab55eff00ff00

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 12:19:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 Nov 2022 11:47:02 GMT
Server: nginx
X-My-Name: s166
ETag: W/"6385f136-2c0d4"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-My-Reqtime: 0.029

GET p0my308hq678quv786kpyvuq.php
mnayto.com/62h17l912vli/ 0
0

GET
H2 200 script.js Show response
6jfvnf69jx.ru/ 109 KB
42 KB 1677ms
569ms Script
application/javascript 85.192.12.169
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://6jfvnf69jx.ru/script.js
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.169 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: ae7ae506f0986636c20d9238f3f4019e2fcca117a7e4c878e4341c9dbaa87dad

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:08 GMT
content-encoding: gzip
server: nginx/1.18.0
x-adsbid-request: ob1cpsvayiwf
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800

GET AsDdJUIQX.js
backforward.bid/pushJs/ 0
0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
49 KB 215ms
171ms Script
text/javascript 2404:6800:4004:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

627c6162cb011832688693b17319ae9f12313f57d4f66bc12bb8b3f4aeec02ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49202
x-xss-protection: 0
server: cafe
etag: 13586853635624756647
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 12:19:09 GMT

GET
H2 200 678kypz3.php Show response
rfpozf.com/gvsl71219liv0mpy03hq8/678qvu/ 75 KB
23 KB 1115ms
549ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rfpozf.com/gvsl71219liv0mpy03hq8/678qvu/678kypz3.php
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 8e44f0a9e9571ccfdee404a36e119e6b5caa037b150fbbc074fd0424d8d41875

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:10 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 08:04:42 GMT
server: nginx/1.14.2
etag: "6388601a-5b94"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 23444

GET
H2 200 wpshop-core.ttf
coronavirus-covid.info/wp-content/themes/reboot/assets/fonts/ 57 KB
58 KB 212ms
211ms Font
application/octet-stream 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-covid.info/wp-content/themes/reboot/assets/fonts/wpshop-core.ttf
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 973408bd1a1da181c7eaa9293c0cd095f3836a76b626bc76af21e1cd96b5dcde

Request headers

Referer: https://coronavirus-covid.info/
Origin: https://coronavirus-covid.info
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:07 GMT
last-modified: Mon, 15 Aug 2022 07:17:49 GMT
server: nginx-reuseport/1.21.1
etag: "62f9f31d-e52c"
content-type: application/octet-stream
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 58668
expires: Thu, 05 Jan 2023 12:19:07 GMT

GET
H2 200 logotip.jpg
coronavirus-covid.info/wp-content/uploads/2020/04/ 160 KB
161 KB 205ms
204ms Image
image/jpeg 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-covid.info/wp-content/uploads/2020/04/logotip.jpg
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 366c17b127df168d7758e3b64e9bbf3ddaa5148bec6d66042905cb7a068ef799

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
last-modified: Mon, 15 Aug 2022 07:17:50 GMT
server: nginx-reuseport/1.21.1
etag: "62f9f31e-280e6"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 164070
expires: Thu, 05 Jan 2023 12:19:09 GMT

GET
H2 200 scripts.min.js Show response
coronavirus-covid.info/wp-content/themes/reboot/assets/js/ 51 KB
10 KB 206ms
205ms Script
application/x-javascript 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-covid.info/wp-content/themes/reboot/assets/js/scripts.min.js
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: b9fbf62e3358151ff3aea4468c99c5118c76969b19967c24571a6800e04139c4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:08 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 07:17:49 GMT
server: nginx-reuseport/1.21.1
etag: W/"62f9f31d-ccd9"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 13 Dec 2022 12:19:08 GMT

GET
H2 200 swiper.min.js Show response
coronavirus-covid.info/wp-content/themes/reboot/assets/js/plugins/ 134 KB
34 KB 211ms
211ms Script
application/x-javascript 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-covid.info/wp-content/themes/reboot/assets/js/plugins/swiper.min.js
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: ead7141abe6d8b287774492e5d2e71cabd518b8c71269fb6b73ff0431c990093

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:08 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 07:17:49 GMT
server: nginx-reuseport/1.21.1
etag: W/"62f9f31d-21888"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 13 Dec 2022 12:19:08 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 209 KB
72 KB 1211ms
599ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b93d3ad05d5001b63a353f35b5a76fe1f34032b67f6a9ef426611c285fe7ffc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 06:13:48 GMT
etag: "638eb36c-11e32"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73266
expires: Tue, 06 Dec 2022 13:19:10 GMT

GET
H2 200 38a89e25.js Show response
tat3ayogh6.com/pixels/ 141 KB
49 KB 1167ms
588ms Script
application/javascript 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tat3ayogh6.com/pixels/38a89e25.js
Requested by: Host: 6jfvnf69jx.ru
URL: https://6jfvnf69jx.ru/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2211863f0019ac74fdefb5b3ac100a7d65dbb91461c7b87531b20d4b741fef5b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:10 GMT
cache-control: no-store
content-encoding: gzip
last-modified: Mon, 07 Nov 2022 10:56:43 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 Atsiklovir-protiv-koronavirusa-e1624115039858.jpg
coronavirus-covid.info/wp-content/uploads/2021/06/ 36 KB
36 KB 410ms
409ms Image
image/jpeg 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-covid.info/wp-content/uploads/2021/06/Atsiklovir-protiv-koronavirusa-e1624115039858.jpg
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 677a2329d8b982e75a8b5d44f285cb81747bbc507552c139c3b3a4b65cd3cf5f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
last-modified: Mon, 15 Aug 2022 07:17:51 GMT
server: nginx-reuseport/1.21.1
etag: "62f9f31f-9044"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 36932
expires: Thu, 05 Jan 2023 12:19:09 GMT

GET
H2 200 pulmikort-i-berodual-vmeste-dlya-ingalyacii.jpg
coronavirus-covid.info/wp-content/uploads/2021/06/ 17 KB
17 KB 410ms
410ms Image
image/jpeg 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-covid.info/wp-content/uploads/2021/06/pulmikort-i-berodual-vmeste-dlya-ingalyacii.jpg
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: cf99fbd33127cc6907ec76d9acfac04bfb09cc7fd8fbe18dba9e6d9162252bde

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
last-modified: Mon, 15 Aug 2022 07:17:51 GMT
server: nginx-reuseport/1.21.1
etag: "62f9f31f-4498"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17560
expires: Thu, 05 Jan 2023 12:19:09 GMT

GET
H2 200 bronhomunal-7-mg-instrukciya-po-primeneniyu.jpg
coronavirus-covid.info/wp-content/uploads/2021/06/ 32 KB
32 KB 411ms
410ms Image
image/jpeg 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-covid.info/wp-content/uploads/2021/06/bronhomunal-7-mg-instrukciya-po-primeneniyu.jpg
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: d096622fac5e00e78c7c1bc7037effdacea094af2186f859e550fddc857c8596

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
last-modified: Mon, 15 Aug 2022 07:17:51 GMT
server: nginx-reuseport/1.21.1
etag: "62f9f31f-7f0e"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 32526
expires: Thu, 05 Jan 2023 12:19:09 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/ 21 KB
21 KB 44ms
3ms Font
font/woff2 2404:6800:4004:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://coronavirus-covid.info
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:45:15 GMT
x-content-type-options: nosniff
age: 308034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21276
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 22:45:15 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 44ms
4ms Font
font/woff2 2404:6800:4004:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://coronavirus-covid.info
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 01:42:15 GMT
x-content-type-options: nosniff
age: 297414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:42:15 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ 447 KB
119 KB 974ms
322ms Script
text/javascript 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

01f5db543ad51391eced4f47e21e34817fd617df68a6201bded15c002068cde1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-yandex-req-id: 1670329150188539-354452384579346722100106-production-app-host-sas-pcode-289
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 06 Dec 2022 13:19:10 GMT

GET
H2 200 Ibuklin-pri-koronaviruse.jpg
coronavirus-covid.info/wp-content/uploads/2021/06/ 57 KB
58 KB 597ms
595ms Image
image/jpeg 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-covid.info/wp-content/uploads/2021/06/Ibuklin-pri-koronaviruse.jpg
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 495e804b9ffa1c633071d32b606b276406526fa472a1e8ef0a634460b8c7b0d1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
last-modified: Mon, 15 Aug 2022 07:17:51 GMT
server: nginx-reuseport/1.21.1
etag: "62f9f31f-e556"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 58710
expires: Thu, 05 Jan 2023 12:19:09 GMT

GET
H2 200 kagocel-ot-koronavirusa.jpg
coronavirus-covid.info/wp-content/uploads/2021/05/ 79 KB
79 KB 598ms
596ms Image
image/jpeg 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-covid.info/wp-content/uploads/2021/05/kagocel-ot-koronavirusa.jpg
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 389008af3997dc2fd4c7d737dbedb93af241e7714d27ff1fa4c42b81b4bca170

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
last-modified: Mon, 15 Aug 2022 07:17:51 GMT
server: nginx-reuseport/1.21.1
etag: "62f9f31f-13c3a"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 80954
expires: Thu, 05 Jan 2023 12:19:09 GMT

GET
H2 200 Kaletra-ot-koronavirusa.jpeg
coronavirus-covid.info/wp-content/uploads/2021/05/ 31 KB
31 KB 599ms
597ms Image
image/jpeg 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-covid.info/wp-content/uploads/2021/05/Kaletra-ot-koronavirusa.jpeg
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: bc4e71ec93435dce801dbd2e87169234d0af2dd64c4f24be7fece8d3eaad8466

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
last-modified: Mon, 15 Aug 2022 07:17:51 GMT
server: nginx-reuseport/1.21.1
etag: "62f9f31f-7b44"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 31556
expires: Thu, 05 Jan 2023 12:19:09 GMT

GET
H2 200 oznob-pri-koronaviruse.jpg
coronavirus-covid.info/wp-content/uploads/2021/05/ 115 KB
115 KB 602ms
601ms Image
image/jpeg 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-covid.info/wp-content/uploads/2021/05/oznob-pri-koronaviruse.jpg
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 9eae5475e1ab684a87c5d8546e96903cf75908c0e16f1de62033124f47f587c7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
last-modified: Mon, 15 Aug 2022 07:17:51 GMT
server: nginx-reuseport/1.21.1
etag: "62f9f31f-1cc80"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 117888
expires: Thu, 05 Jan 2023 12:19:09 GMT

GET
H2 200 Oseltamivir-e1622215988926.jpg
coronavirus-covid.info/wp-content/uploads/2021/05/ 10 KB
10 KB 603ms
602ms Image
image/jpeg 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-covid.info/wp-content/uploads/2021/05/Oseltamivir-e1622215988926.jpg
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 845c2f5e4b94aa4c0831dcbe842968c35211eca62b717d5d2274bd4017dfe4e0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
last-modified: Mon, 15 Aug 2022 07:17:51 GMT
server: nginx-reuseport/1.21.1
etag: "62f9f31f-2903"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 10499
expires: Thu, 05 Jan 2023 12:19:09 GMT

GET
H2 200 polioksidoniy-pri-koronaviruse-1.jpg
coronavirus-covid.info/wp-content/uploads/2021/03/ 66 KB
66 KB 792ms
790ms Image
image/jpeg 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-covid.info/wp-content/uploads/2021/03/polioksidoniy-pri-koronaviruse-1.jpg
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 1afa9b0f70e0103e290b5f7fd101fc58a88fe430d9006dc96dab3891089298da

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
last-modified: Mon, 15 Aug 2022 07:17:51 GMT
server: nginx-reuseport/1.21.1
etag: "62f9f31f-10803"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 67587
expires: Thu, 05 Jan 2023 12:19:09 GMT

GET
H2 200 Hlorgeksidin.jpg
coronavirus-covid.info/wp-content/uploads/2021/03/ 97 KB
97 KB 793ms
792ms Image
image/jpeg 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-covid.info/wp-content/uploads/2021/03/Hlorgeksidin.jpg
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 9ede0d08c53c7868900dbfa5a2cec240fbd3b031658fbcbb2b8bac366b182088

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
last-modified: Mon, 15 Aug 2022 07:17:51 GMT
server: nginx-reuseport/1.21.1
etag: "62f9f31f-1829b"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 98971
expires: Thu, 05 Jan 2023 12:19:09 GMT

GET
H2 200 Propolis-pri-koronaviruse-e1617209274916.jpg
coronavirus-covid.info/wp-content/uploads/2021/03/ 65 KB
65 KB 794ms
793ms Image
image/jpeg 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-covid.info/wp-content/uploads/2021/03/Propolis-pri-koronaviruse-e1617209274916.jpg
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 76d66882e7064541a134c01e41c3ba8b2a05adbd59e6d7e9094d1470a2e8e81c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
last-modified: Mon, 15 Aug 2022 07:17:51 GMT
server: nginx-reuseport/1.21.1
etag: "62f9f31f-10222"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 66082
expires: Thu, 05 Jan 2023 12:19:09 GMT

GET
H2 200 perekis-vodoroda.jpg
coronavirus-covid.info/wp-content/uploads/2021/01/ 46 KB
46 KB 795ms
794ms Image
image/jpeg 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-covid.info/wp-content/uploads/2021/01/perekis-vodoroda.jpg
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 8e30a168ee2b33d767e71536d50e915a1435a9a84c14af2cb1fe9ad198786afd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
last-modified: Mon, 15 Aug 2022 07:17:51 GMT
server: nginx-reuseport/1.21.1
etag: "62f9f31f-b87d"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 47229
expires: Thu, 05 Jan 2023 12:19:09 GMT

GET
H2 200 nurofen-pri-koronaviruse.jpg
coronavirus-covid.info/wp-content/uploads/2020/11/ 28 KB
28 KB 796ms
795ms Image
image/jpeg 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-covid.info/wp-content/uploads/2020/11/nurofen-pri-koronaviruse.jpg
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 99de02521e111183b7076a4c3e0e439749edabe91048051cadd90a386013774d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
last-modified: Mon, 15 Aug 2022 07:17:51 GMT
server: nginx-reuseport/1.21.1
etag: "62f9f31f-70e5"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 28901
expires: Thu, 05 Jan 2023 12:19:09 GMT

GET
H2 200 plakvenil-pri-koronaviruse.jpg
coronavirus-covid.info/wp-content/uploads/2020/11/ 18 KB
18 KB 797ms
796ms Image
image/jpeg 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-covid.info/wp-content/uploads/2020/11/plakvenil-pri-koronaviruse.jpg
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: b6b86dba8fc64c06c4777c97bacd8296c88d78c86ef0cc7d0b17cd705a07a075

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
last-modified: Mon, 15 Aug 2022 07:17:51 GMT
server: nginx-reuseport/1.21.1
etag: "62f9f31f-4722"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18210
expires: Thu, 05 Jan 2023 12:19:09 GMT

GET
H2 200 remantadin-protiv-koronavirusa.jpg
coronavirus-covid.info/wp-content/uploads/2020/11/ 34 KB
35 KB 798ms
798ms Image
image/jpeg 45.130.41.33
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-covid.info/wp-content/uploads/2020/11/remantadin-protiv-koronavirusa.jpg
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.33 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: e82e845a340b4bae90644f0da9de38cd31ce4f00502d7a05358c5fb89af9bc98

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
last-modified: Mon, 15 Aug 2022 07:17:51 GMT
server: nginx-reuseport/1.21.1
etag: "62f9f31f-8926"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 35110
expires: Thu, 05 Jan 2023 12:19:09 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://coronavirus-covid.info
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/ 356 KB
117 KB 81ms
80ms Script
text/javascript 2404:6800:4004:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js?bust=31071078

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41c8fb76c938136e6acdd1bd5b6fc74ebad2ee794c71763f8a13403d5fa731c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119781
x-xss-protection: 0
server: cafe
etag: 4689224866589329187
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 12:19:09 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/ Frame 066C 10 KB
5 KB 93ms
2ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronavirus-covid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 32710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 03:13:59 GMT
etag: 10353107486223812946
expires: Tue, 20 Dec 2022 03:13:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 411 B
472 B 39ms
39ms Script
text/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=coronavirus-covid.info&callback=_gfp_s_&client=ca-pub-7212059611832116&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js?bust=31071078

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e28088bab6fc8accd0a26dfb2f3026e8e131abb86004b536b4c439dcb64c894d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 259
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 129ms
42ms Script
application/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=coronavirus-covid.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js?bust=31071078

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 81ms
41ms Script
application/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=coronavirus-covid.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js?bust=31071078

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3B66 603 B
68 B 215ms
177ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7212059611832116&output=html&adk=1812271804&adf=1573534164&lmt=1670329149&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fcoronavirus-covid.info%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670329149644&bpp=4&bdt=1982&idt=180&shv=r20221129&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3500512235541&frm=20&pv=2&ga_vid=727510285.1670329150&ga_sid=1670329150&ga_hid=1339413427&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531706%2C31071078%2C44770880&oid=2&pvsid=4102680118676656&tmod=1132077890&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=194

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_fy2021.js?bust=31071078

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronavirus-covid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 12:19:10 GMT
expires: Tue, 06 Dec 2022 12:19:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK version Show response
moevideo.biz/embed/core/ 45 B
219 B 226ms
225ms Script
application/javascript 92.38.138.91
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/core/version?jsonp=&jsonpCallback=jsonp_1670329150085_53060
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.91 Moscow, Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS: f10.moevideo.net
Software: nginx /
Resource Hash: 99486786c0e2e5dcc76f66e37f88472cb5ca7d1b82294a88a881432d2147c7b9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 12:19:10 GMT
Server: nginx
Connection: keep-alive
Content-Length: 45
X-My-Reqtime: 0.020
Content-Type: application/javascript

GET
H2 400 render Show response
rfpozf.com/v4/ 113 B
240 B 821ms
273ms XHR
text/plain 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rfpozf.com/v4/render?surfer_uuid=2c9359e6-cb9c-4c57-8a70-ed9174ec0ca0&referrer=https%3A%2F%2Fcoronavirus-covid.info%2F&page_load_uuid=9fbb4265-4d90-41fd-96f7-364a0b828d7e&page_depth=1&a0pduofk9i=b5a09958-6986-412d-b595-6421b7f0ee0f&block_uuid=b5a09958-6986-412d-b595-6421b7f0ee0f&refresh_depth=1&safari_multiple_request=886
Requested by: Host: rfpozf.com
URL: https://rfpozf.com/gvsl71219liv0mpy03hq8/678qvu/678kypz3.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: dabe0efbc37778a08982db3c0ad8ba9c442247b69c7128b5f44666dfe9dcfb6f

Request headers

Referer: https://coronavirus-covid.info/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 06 Dec 2022 12:19:11 GMT
server: nginx/1.14.2
access-control-allow-headers: *
content-length: 113
content-type: text/plain; charset=utf-8

GET
H2 200 pclicks.js Show response
prodmp.ru/ 0
223 B 917ms
218ms Script
text/javascript 193.106.95.134
ITSOFT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prodmp.ru/pclicks.js
Requested by: Host: tat3ayogh6.com
URL: https://tat3ayogh6.com/pixels/38a89e25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.106.95.134 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type: text/javascript
date: Tue, 06 Dec 2022 12:19:11 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/62240389/
Redirect Chain

https://mc.yandex.ru/watch/62240389?wmode=7&page-url=https%3A%2F%2Fcoronavirus-covid.info%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A2832%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
https://mc.yandex.ru/watch/62240389/1?wmode=7&page-url=https%3A%2F%2Fcoronavirus-covid.info%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A2832%3Afu%3A0%3Aen%3Autf-8%3Ala%...

489 B
571 B

305ms
305ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/62240389/1?wmode=7&page-url=https%3A%2F%2Fcoronavirus-covid.info%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A2832%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A985069575683%3Ahid%3A789443553%3Az%3A0%3Ai%3A20221206121910%3Aet%3A1670329151%3Ac%3A1%3Arn%3A956335079%3Arqn%3A1%3Au%3A1670329151185263034%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A275%2C414%2C405%2C134%2C%2C0%2C%2C1633%2C0%2C%2C%2C%2C2863%3Aco%3A0%3Acpf%3A1%3Ans%3A1670329146557%3Arqnl%3A1%3Ast%3A1670329151%3At%3A%D0%92%D1%81%D0%B5%20%D0%9E%20%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%B5%3A%20%D0%97%D0%B0%D0%B1%D0%BE%D0%BB%D0%B5%D0%B2%D1%88%D0%B8%D0%B5%20%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC%2C%20%D0%92%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%2C%20%D0%9C%D0%B8%D1%80%D0%B5%2C%20%D0%95%D0%B2%D1%80%D0%BE%D0%BF%D0%B5%2C%20%D0%9E%D0%BF%D1%80%D0%B5%D0%B4%D0%B5%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D0%A1%D0%B8%D0%BC%D0%BF%D1%82%D0%BE%D0%BC%D1%8B%2C%20%D0%A6%D0%B8%D1%84%D1%80%D1%8B%2C%20%282020%29&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b57c1ae37417ba61d874fa6faa47ad2e16a57896fae6c2845b855baa4069bca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 06-Dec-2022 12:19:11 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://coronavirus-covid.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 489
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 12:19:11 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:11 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06-Dec-2022 12:19:11 GMT
location: /watch/62240389/1?wmode=7&page-url=https%3A%2F%2Fcoronavirus-covid.info%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A2832%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A985069575683%3Ahid%3A789443553%3Az%3A0%3Ai%3A20221206121910%3Aet%3A1670329151%3Ac%3A1%3Arn%3A956335079%3Arqn%3A1%3Au%3A1670329151185263034%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A275%2C414%2C405%2C134%2C%2C0%2C%2C1633%2C0%2C%2C%2C%2C2863%3Aco%3A0%3Acpf%3A1%3Ans%3A1670329146557%3Arqnl%3A1%3Ast%3A1670329151%3At%3A%D0%92%D1%81%D0%B5%20%D0%9E%20%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%B5%3A%20%D0%97%D0%B0%D0%B1%D0%BE%D0%BB%D0%B5%D0%B2%D1%88%D0%B8%D0%B5%20%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC%2C%20%D0%92%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%2C%20%D0%9C%D0%B8%D1%80%D0%B5%2C%20%D0%95%D0%B2%D1%80%D0%BE%D0%BF%D0%B5%2C%20%D0%9E%D0%BF%D1%80%D0%B5%D0%B4%D0%B5%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D0%A1%D0%B8%D0%BC%D0%BF%D1%82%D0%BE%D0%BC%D1%8B%2C%20%D0%A6%D0%B8%D1%84%D1%80%D1%8B%2C%20%282020%29&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://coronavirus-covid.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 12:19:11 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 301ms
300ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:11 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 06:13:48 GMT
etag: "638eb36c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 06 Dec 2022 13:19:11 GMT

GET
H2 200 1c0942547d39e10f5f56.js Show response
yastatic.net/partner-code-bundles/690418/ 14 KB
5 KB 1280ms
702ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/690418/1c0942547d39e10f5f56.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3f2b4f72cd998f7bb52f72777d94e68fc5293d85010781b130af9354420aacac

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://coronavirus-covid.info/
Origin: https://coronavirus-covid.info
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:12 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4802
last-modified: Mon, 05 Dec 2022 08:25:02 GMT
server: nginx/1.17.9
etag: "4bdc8841068e0eb8c66bc1fdc3c65dbd"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 05 Dec 2052 18:50:52 GMT

GET
H2 200 3e927b31a91a9da70383.js Show response
yastatic.net/partner-code-bundles/690418/ 107 KB
24 KB 1430ms
854ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/690418/3e927b31a91a9da70383.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d11ad1b0e06c91036fb4f3025ba758251cfa4b1155561a596805a62ec30372bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://coronavirus-covid.info/
Origin: https://coronavirus-covid.info
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:12 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 23486
last-modified: Mon, 05 Dec 2022 08:25:02 GMT
server: nginx/1.17.9
etag: "858dc365b753498a18c7887d15059d04"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 05 Dec 2052 18:50:46 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 1552ms
977ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://coronavirus-covid.info/
Origin: https://coronavirus-covid.info
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:12 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 05 Dec 2052 18:52:26 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 1150ms
580ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://coronavirus-covid.info/
Origin: https://coronavirus-covid.info
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:12 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: e0b04cad40f9d6d5
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 18:05:38 GMT

GET
H2 200 608151 Show response
an.yandex.ru/meta/ 139 KB
35 KB 658ms
658ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/608151?target-ref=https%3A%2F%2Fcoronavirus-covid.info%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C93%3B685882%2C0%2C92%3B687453%2C0%2C56%3B689553%2C0%2C3%3B688962%2C0%2C31%3B689268%2C0%2C49%3B690418%2C0%2C34%3B681850%2C0%2C71%3B687366%2C0%2C21&pcode-flags-map=eJytV9tu2zgQ%2FZWFn4uu7pe%2BURJlE5FILUnZcYuCcBM3DZDYi8Qpuhv033coybYkJ3Szu0AeHMPnzHAuZ2aeJ2RKGceqJELgTGVIIlUhjkqhcsbVnGSYKUJVysqETT58ep58X909rScfJusff07eTXbrxx25hn%2F92PJ8f%2FLz87vJHAnF8R81FlLNS1SpnLNSoUwM8JLXuE8Q2KETWQ0Bpigp8Mg4fMgJJRKDf%2BmFmDGpFkTOWC0VAt%2BlMHkX%2BH4QuW8m%2Fz%2BYUVGoirOsTqU4NfM2agyUb8xLj0TnBWwuIBWqQAkuGiogSRClmJuzE7iuFzY0GVOUtURzzCVJUaHIXCW1lIyaSSDDYTQmASyQXJxzIHTt2HsBiwtcYirPFFfoRvYglBQvlLiAx8OfjgdDGeaqKtBy5Mg4npHvxPEhnoRWaIqV0C9YqowITZ41SU90ZWY5u4SvOU6lErgoBtT4shpSh7bTUnddKZZUzjBwt30klxVuuxPLc%2BGKoB%2BdY7ikyjhaHOtGTtGhfXLCoVNzTatICc8xvz923OBYT7KtecwFGWUffulCtvtY8Clu819T0oVc1yAqqz509%2FC07sE8J3LjVhlqAUERTdGOMGM%2FeyBIr8CYKpYIzOfj9G5WX%2B7WA6QbOHFb6jm5BGWkaobJdCYVlWaTnu%2FGdgNcIprhS8VrlbESEWpUTivcR1TbSzi7AGfBlppykhmRduhHwYsGdSlKThIj3LGtoG2pj5g6Kq%2BhahckA907Wwa%2BZ3udWjfYrvJVwrhOKkcZqcVvv8iwRNrv1mFonQVaGiXX99ywi3OWVzBqRMUoFIYkJYZ6HkAdy7KGWM9y2zdXKcswCChAqVGHfc8Hmq6UdD9zrGt3b0%2FpNjbCvTB0TuEk18Kz0E0E1flvGPYOzFFRD7LlWi%2BjC4w4VaWWljniBI3e7QyM%2BpbVRbnihHEilypZgoLgRcW4OWBBGHS9t6%2BLTgJTYRRXP7bDqFeRRKgUcQ7qhdJ0LPIjlfBj17ftAbapYnHQuQplGaFTM4nne63nKaspqGwruq7Zay8K%2FV56Sg6CTQRJSAFRM5uLw%2BBVpGIw4AuYLGes7znKupCkHeYKBDYnMImIfkSOUnM3x5EThj0%2FOpJ2XEimC1WPxgS2Ft0xkrOiODMnLcdz26qbcpQ45t9CiVrH3ypBPg789W3HMv3%2Bhc63%2FVcQ%2B%2BKY4Wb8cJxhAePW6J%2FtO0GL1msDxzlozgx2hilJzbjI7QQWggZjttQdxDHdz72K48Qs8QFotGMPWglmIIe6ptBNMwz50LItUq4nnBBGJQrs2PZaf3ogVFX6KVNoDTPYsWN%2F4MmMyOYZPTII5oVkZi%2Fc0HEGu1halarEGUEKSJAk82bImzlid3gspFX6nzlGm3uGcwQd9cal3fOtIBiESZSISwX3UI01%2Bbkk%2BUEQtHEu0Mdls5mqZlb1Uc%2BTr%2Bvd1bdy9XBzu%2Bmq%2FX775fZuLa5Wd7ebm8kH5%2Bdgf%2FetbqnpuwOjSyWF7uoCxm%2FfwKfJ%2Fer27v3DE%2Fj212pzvf4Bn3%2B%2FvV%2FdrB8HX92s7ptvrv9eb9qfr77f7rbtx%2Fv3h38%2Bv%2ByNXiLljLPFOPoYdJ9rBSQU5huBHa44E%2FnQDjvFSfX%2BzWjXaSjXOk7aBbfZOs0tF0ZxEB%2FWzZwToCmW%2BwW5aZg34JOLEzk7QQSx2%2FVlD%2FHWCzwIY88KDyww6zPNUJotR15gjy23jWS25TiWM1YSva%2F%2BkgJEgdddY3r9gtsllfBUaAzlOla7hzZzr10pT6%2FTE74wck9fATfOmUsmiI6o41gTqoKRCdsDnO3zF47Lr49qt326%2BjY8bWwrcg4VrQn7FyZFtKoHJDkqxOhi86OOYRCUiyb3Bexs2YtL2%2F12s7369rC9X9PtJt1udg%2Brx90oOnCYGInPBHcP1y%2FqDw4KC5Ycn31Xu7tRlP0evB22Ki%2BYPvuyJlDNmta6YnYEEua8ykSajQWWlPEJ8OVpt9tufp1pAH5YX68fb29eg6MsOZw%2BYoYykLFmIAoITtYynjumg%2Bh4jYyPU30w2ycntK0RP%2F8B8tnMgA%3D%3D&pcode-icookie=XT%2B6Kc4oVTRI5uXrdA0eUgEdgzgjyiU7F7G4n9CVw2RUH02WptpcF10roETjm2rZagcYrem%2BJfpk62TDfJQHgmMPW9Q%3D&duid=MTY3MDMyOTE1MTE4NTI2MzAzNA%3D%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=133040906960898&ad-session-id=8544881670329151367&target-id=42249819&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fcoronavirus-covid.info&top-ancestor-undetermined=0&pcode-version=690418&pcodever=690418&flash-ver=0&available-width=1100&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1100%2C%22h%22%3A0%2C%22width%22%3A1100%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A250%2C%22top%22%3A752%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo0ODB9ChKjtJDjqIkhBKjrR2X-Rba2T_wnXtb7NtlU0_2b1Ms26SrOOtll0oTL1G2SdanbdG05efqksHBupvP5lskmExWo7i_QVwH0BtrGGMQYQRUuXbjM_pvmL3xTRYoUIQwDMRypxILDJLQErgXDtUCwbCaRZVssS2QJLYdJxBQPQrBdC8RFjbOIOZbAEjJBtZyBXYeHbbHVrgXHtaAtEsJF71jOooc1_C3BAgvSMj9wYhxIGBbGoLCwFtAwwRpGFgXUBYC9CAmGPSbCRQ0gyzxoC-0FBsio0aJGCyTw0WRK2G5IfxET3wUftQUno3cXMBTAWNxEJdviQeEMbz3yL5GWmovCWcRYTISuxQ_IsMAs7Zi4A4OZcm7iyh_OLsAAJIADFECr0IAzvKAvKwSLshgZAomYeItek-YuABEBPiDq0GSJ5QyN7SI5P6PSp96iCXa_RJ2REyx0RUuHof2yhfFZi4b8C8CyqfIhN9yWWRYTtGWIy0ScCQJiQH0mQosHtibtLcwFULhMEAy_njOMBZrLFM_6h3x8Jq7FWVrihkQanoAdqroLsGimOIwufd0Z0C5jF-LmbnbDKXmDEy07CJZ5wck4JBs6F0GFg2Y6rAkL_ZQZ1tiDdmHhTvMXLNs87jkRLD1Es_aeYtOtqL3QZyJA5YJPg1yCjIyaBrlCSUFNI5FLyBTUEFFt0tA28WmQKSRKl1SJTAEWPYWCmFIqJ5HIZaT0LqWMVKIglYBFn3cOXByneVeaRBa5Kg3KATss7pp8Kr7u4WwXCru26IDRCtG1Q7phfOm_HKacu3igLtRxmLjL7aRZYJa-MAeCS_ep1y356WoE3SladEfl5mWCHPvXYwp6ZfQi5vB3LeAXPfYsBxU9LTUNbfcllYwCiUtJpiQmBoseuQyZwqUik5G7oJOoFMioFBQqqYKYREZKLAdD4RLLKRRUSqlKKidHLqGnpqGQg5HhI5ZLFItamYAAU06iIpOTgunuOBQK0mVZSaGQqiQKIC5siYq8XjTXPUGxjgqz0hp8Glpl17xCGkBZVWhRICUjM9C9EKnkpKTDWQ5EBYU-XyqpkpRCTkreSBfSaHwkbyN6as3QvmtEsxs8bA1QyEBBgFihlFIip_d40jYyahpSZeKATCknVS0QcnLlFLoubcy8MyETAahpkJIlTgpSpIuKTL4zp7Zgb4sCu-UNbXsL3pY-bAuAvyraQVCcYS4COAsI6tYfbCOit8Qgg7rw6CGBtcihWSDpIgVp2RlYoOsjGQZhLWLgFgEsCzBGBMAvLIBdQDCXowEWkBcVPAvwp8PpsTUNz8h1US4E4C3X4Q5zKnqgGfKjRUpmnu4uxt_BZNZdgELqDZtSKaVQEZPJZyiJt0sMupzERw9gxKpC-So1IdipySVyJZkcCAoKAzLkMqkcCAOkqTGaH-hSJQmJiaKF8NR0A6BVFEhJyOSUSokZDYlUAcaUkSYRUaKc_E7PAEl32_IlJlGS6nEd6JDLpMuuTq8NfBoQz_UGfVLgAsLe5L7J0t0s6fxsL6pN5Y8FWHPD3cd6Rzs6WAJU3iwaIKV-xWgsTEkp2VwHMW8R3j84d9dp994hu915Y-aVOF_I8lsgAfnrI33Mh7gXCGv3jjknqntxPvx-elHHKZyH0bnr4vlw_esB8e0HMa0Uo4_yrrWXzsT_jRN_1RwIZKmwd9filxn686j7cqstQUrBQczLndOCvetGPIeol2u3p6m5VhEgPIFCJHFt1yoqn59oFmwPcu0VAk02DPfuX7DlbOvGgUCSLowhXZnAx6Dt5FPPsKmBKktjWWLcExmzH_eGfayv0rF4kO1QoMtSAc0Erax92VzZRjoE7h5-zveNfSS9TedmRPTmBKBJd5at9t3KJERXBJy0gJftnW7b3TBmHdm4-7bbHhregjax0EFoRdU2V-7saM7VjXy1Kix0tR-EeRjexax3cDm_MHfxs9mpDxYEErqgj7FpSSGsEoz-cVBsDuMimpbkz7fewnolCe5BiDr93zIkhAT_I1l7gTL9Qsr2NNcElGWX8XYMAJnMCqXa1bV0UKmk7gJSqagUKGRSBcrhgLI40EOewbQxs1lokCqlCuUiHlOED9egN9ukFJS3N1CRySjBdDOQozp0GfNDibI1_4x4x6Ywqz25GmpPW0ft-cvqqxSvbrrCU2sJIaFzg41W1X6ME-jrZ7QVR9PjWNc-LfeEYiyceuTOPZy0H9fMEFb4KcXLVgfuXaerNjEm1mI8Hb0dr3ZkXwMjHgTYDfdCHnEpAPdrLO2H5VEAwr5ixfmyiU6-RIcl7CDtvxUis1tZsylm65-J73bsK30Q93L7A2Hh8GN_v9gLA74byT-c6dzWz35MRFlD09-nac9vbc4SiT10xjpMM3-biV8M15F0rz0G0f1LBNCFX_i9idzecdi8lrMQgvqmd9L73TkycbMeDhUUaPq6Cwx09V22y3Nbq9FasBMM5xqMAYbzx-5cITWqv5mbSbOBalQhiVOL_p8M1fSzPXXNnft4Zk-7tD5AUDPerf0-hrbMoVAp4gZe4dt2ah3vqoRGJhglQ0v-g3qdEfTP7h3QV8btBV9fwcQzblSnRZhi9xGgU9S8MZEaCrRTPInJ2xNIQwl5dd4YZKo-r-EtZKoE9yuv_c9zx-vBCU3NyD554GUSYzaJPy-Maj9n1vyNPR-L3iBV4H35atKiohvBLx2rJ8y--DrCRM7p-oZ1e1xc05hd4s40Yrt0srzgsX6v0CBH3SFuAZJIZaTk1J7UsCc3vAGv-eY4R7twTOmO3RfnQ7_w-KHFDhPu6R3sAtpmOhBUnReHTi0mHaa3aeGOXs5F-TnPLjEvOym1sZ-Uu0W45Q2yz-zCvzRJbfkeYxkh65bH-NDD6p7tZGPvSLjT6yMgj_Gv5l6DTnRpY5ySwR_22ENf7IZ1WeG24XfJDuPEgd-tZc4XH_jbEvuzFQVUNe6A7ntxb_4XLM0nc_ImxVUIjRsJyGuHWQMvdf3L4idwZo759mGdQiWAfqXy0nuayw-jbz-MzjG72frQdYkxvgFR7eWzFbpZDJZJsGMH7cRld81aLHU0ntsZoTqz-LZll1s25S0-AJMvr7kVuOACvAX1KdOuDKpJT34Lzn7tLdta9NMrf0gWq9Subh1RTEOh5-Q6JaUpyTkt5At2Tt8_2ISdI6iSn2zM7YCZ6DDd5VYPCV9OFz6lkZFd9n9ixNMUToVqOyzl2MoDTczRIXY06C0J4qvuhg-Tb6Foegs7yra3w_-iuaeoJylINxL4u96wR9iXru3EIsrZqkJ4ZZeOX8Iuhi7sZ62ArI9Q38inXaN30YBHl0Ted5Sc9ieasQd3nr81dUOp45l-XM2W75oLE37NxRCYvXE5IdVhxICRbrSqQwU_B5fJseIPIogUsx6-Say0_n-uZtYRcDq7RgqK06-c3DlW0CXlYbX1aaxJtGW6memsOlGQ8G3fbf001hm1NWUt_lf_PtdQGIVqlItYfKjvbBZY-ExEv3V6j4VXa6PdFvndTjGbZRyZpghW55GoAS_5tUXPT8ZQvzUmqfx5LhXxBuawgb7Vh0r819z8tdkrTpfUYzKr-kekN0C9XIo-CSftBPug9F7CYsJtiTBRPOG2qa6eery62rv5nxEjkvMM3UXXbazl8ECB9m7q9mSC0j9P83WGTZnMTy7DXIru8TRbcdwjYm_xOyrHLNl_xaPmDIEubFNDVrYrFGGbEk-__WcD8eNYR5MU_DXdu_q4-vXYBwmr3cy0fIFpgA6gFJadjexIK7LPRaiwU4dZN5zMHO0wgVcBEZWrg_m2jAGwF1FIncAHUjelCZKGl1sb6gzhNVz94tZrM-H_eNfPUoeKtBlgmJbgfHgYrQ-KhOWWL8ebd8hpP_w3629wbnJTLWQWcC9aTvqipbO_22uCfP-mDuM7NsIsQaK-5_GrUn7jhFz2j614if_ITBelDeeTIS6mhCWJcpvswl6iQgyLL6ftdVJTbte9Li0sgtekZ1SwfkN6GbdSIOaBM6bofizpf0016rVXr9prL14VHSiVyMVumKVvHhs_tJpc3_9MUVngn_Hs9pyp_FUfUgmzKoguyefoZofAy0EV1m7dmBr3tAqrHny-L9GW2ykYr7P5FMf9rg5Y1bTTY7eazkxGIhW_TdPp1_LamE_YRfVuZyJaFhAFladVtYdebjVHPfkY18LcaM7pjFqQq8walOkEtjIPb7ptIGuJJ8-t1vVyhU2_RYvoaWm2BGy58d95SK0o5Vp1yk_V0rUOcrp2Y8uenCowfyDGndNzeKbpiJC62vh879lmR2zGXiKR3AtE6Ez9MGHl5xX7qgek_sR2R_9tnAUe-wrJv03965lc1O7n8HqiRqv92y3YXaPeygPbuW_gCr3qdGEm9MYvYHyNIuPZ0XvQmriJtQ81iJp2rAgP3HQsnxDWr74vY6uenjHy4Pt91SsT-v3jBDDhH8OzueKeV8N6wwvdAODS8hbZFKgg_6lq2JaAm0YICrR9q9zdf_NmDzVlKB1_JMQMLwyzp7AF9hB9n8_8feq588DwapF8t3VJfaAqe3m_SdOYEhrjcx45pPGLDtw2CrkpJRp8oLCE25IY33U8PJif42RgbjJkOVMpL2On-7N8ua8R0Q2bCEvkmEHPa6yjdCJ2qQGwguT7EWaTI_sGOW7bgB_ERO1_sD5Yu2cZ6n6i2asrj92b9U08-tm9_R6O23bt_K6F2eBBWJFb1J6hYSddKth16J5zsXqXwTMxRNubTto64xwbcuupeHnzswLgp6VvXk7jrwitFzeyAt1TJn3gotapc3J5tm2_0eS1iNTda9ybTYR3nRClA8yE-yO7TNnosAlDIqY_7WRq0PCHkWm6WO9njp5eD0upG1gp7sibrBTZd2SolNUvPS8_GogxqOjGejTDBrV0neJ-F_q2gsAulajZ2-vn9mRugjwPFSMjCyATe5qWtcQMpzdVQwzUT-bq8MyHhqgAs-XjD2Gqle4Qtl4CNtSPb8RpmpmirjpUDeeijeG8I69Rba5vO22vgXU3DE5Q2z_QC5SXOkJTd7tg3BZf&uniformat=true&callback=Ya%5B2017455823893%5D

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

908b7b4fb33635017eb87d7817311a2002f701a6983fb1821bf0b5cc92644460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronavirus-covid.info/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Dec 2022 12:19:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
ssr: true
x-yandex-req-id: 1670329151560977-554022424432373879900099-production-app-host-sas-pcode-294
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 06 Dec 2022 12:19:11 GMT
uniformat: true
content-type: application/json
access-control-allow-origin: https://coronavirus-covid.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 06 Dec 2022 12:19:11 GMT

GET
H2 200 651a52ab6a1878b49d44.js Show response
yastatic.net/partner-code-bundles/690418/ 482 KB
98 KB 1532ms
1020ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/690418/651a52ab6a1878b49d44.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d6c87c498dc95f90983a9fc0c97f1971071fa568ac49d9647b8c2fda3e41e7e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://coronavirus-covid.info/
Origin: https://coronavirus-covid.info
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:12 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 100019
last-modified: Mon, 05 Dec 2022 08:25:03 GMT
server: nginx/1.17.9
etag: "9d1cc7f92ba9ba8df5e0d4bccfb6841b"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 05 Dec 2052 18:50:46 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/62240389/ 43 B
73 B 304ms
304ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/62240389/1?page-url=https%3A%2F%2Fcoronavirus-covid.info%2F&charset=utf-8&hittoken=1670329151_a4bde397f758e43ca3198bbee7e980a2e3e425784cb106825d9277e5375ef208&browser-info=pa%3A1%3Aar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A1%3Als%3A985069575683%3Ahid%3A789443553%3Az%3A0%3Ai%3A20221206121911%3Aet%3A1670329152%3Ac%3A1%3Arn%3A36771997%3Arqn%3A2%3Au%3A1670329151185263034%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1670329146557%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1670329152&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)lt(14400)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronavirus-covid.info/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:11 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06-Dec-2022 12:19:11 GMT
content-type: image/gif
access-control-allow-origin: https://coronavirus-covid.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 12:19:11 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 913ms
308ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://coronavirus-covid.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://coronavirus-covid.info
access-control-max-age: 1728000
content-encoding: gzip
date: Tue, 06 Dec 2022 12:19:14 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 622ms
620ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronavirus-covid.info/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:14 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://coronavirus-covid.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:14 GMT

GET
H2 200 608151 Show response
mc.yandex.ru/watch/ 399 B
619 B 301ms
301ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/608151?wmode=7&page-url=https%3A%2F%2Fcoronavirus-covid.info%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A1%3Als%3A701724353468%3Ahid%3A789443553%3Az%3A0%3Ai%3A20221206121913%3Aet%3A1670329153%3Ac%3A1%3Arn%3A686370105%3Au%3A1670329151185263034%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A0%3Ans%3A1670329146557%3Aadb%3A2%3App%3A3629563401%3Arqnl%3A1%3Ast%3A1670329153%3At%3A%D0%92%D1%81%D0%B5%20%D0%9E%20%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%B5%3A%20%D0%97%D0%B0%D0%B1%D0%BE%D0%BB%D0%B5%D0%B2%D1%88%D0%B8%D0%B5%20%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC%2C%20%D0%92%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%2C%20%D0%9C%D0%B8%D1%80%D0%B5%2C%20%D0%95%D0%B2%D1%80%D0%BE%D0%BF%D0%B5%2C%20%D0%9E%D0%BF%D1%80%D0%B5%D0%B4%D0%B5%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D0%A1%D0%B8%D0%BC%D0%BF%D1%82%D0%BE%D0%BC%D1%8B%2C%20%D0%A6%D0%B8%D1%84%D1%80%D1%8B%2C%20(2020)&t=gdpr(14)mc(p-1)clc(0-0-0)lt(14400)aw(1)ecs(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0947afc6e8297c3c552ca4b69dd769edb79376984538cce2dfa0c511a816068a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 06-Dec-2022 12:19:13 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://coronavirus-covid.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 399
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 12:19:13 GMT

GET
H2 204 609775 Show response
an.yandex.ru/meta/ 0
153 B 377ms
376ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/609775?target-ref=https%3A%2F%2Fcoronavirus-covid.info%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C93%3B685882%2C0%2C92%3B687453%2C0%2C56%3B689553%2C0%2C3%3B688962%2C0%2C31%3B689268%2C0%2C49%3B690418%2C0%2C34%3B681850%2C0%2C71%3B687366%2C0%2C21&pcode-flags-map=eJytV9tu2zgQ%2FZWFn4uu7pe%2BURJlE5FILUnZcYuCcBM3DZDYi8Qpuhv033coybYkJ3Szu0AeHMPnzHAuZ2aeJ2RKGceqJELgTGVIIlUhjkqhcsbVnGSYKUJVysqETT58ep58X909rScfJusff07eTXbrxx25hn%2F92PJ8f%2FLz87vJHAnF8R81FlLNS1SpnLNSoUwM8JLXuE8Q2KETWQ0Bpigp8Mg4fMgJJRKDf%2BmFmDGpFkTOWC0VAt%2BlMHkX%2BH4QuW8m%2Fz%2BYUVGoirOsTqU4NfM2agyUb8xLj0TnBWwuIBWqQAkuGiogSRClmJuzE7iuFzY0GVOUtURzzCVJUaHIXCW1lIyaSSDDYTQmASyQXJxzIHTt2HsBiwtcYirPFFfoRvYglBQvlLiAx8OfjgdDGeaqKtBy5Mg4npHvxPEhnoRWaIqV0C9YqowITZ41SU90ZWY5u4SvOU6lErgoBtT4shpSh7bTUnddKZZUzjBwt30klxVuuxPLc%2BGKoB%2BdY7ikyjhaHOtGTtGhfXLCoVNzTatICc8xvz923OBYT7KtecwFGWUffulCtvtY8Clu819T0oVc1yAqqz509%2FC07sE8J3LjVhlqAUERTdGOMGM%2FeyBIr8CYKpYIzOfj9G5WX%2B7WA6QbOHFb6jm5BGWkaobJdCYVlWaTnu%2FGdgNcIprhS8VrlbESEWpUTivcR1TbSzi7AGfBlppykhmRduhHwYsGdSlKThIj3LGtoG2pj5g6Kq%2BhahckA907Wwa%2BZ3udWjfYrvJVwrhOKkcZqcVvv8iwRNrv1mFonQVaGiXX99ywi3OWVzBqRMUoFIYkJYZ6HkAdy7KGWM9y2zdXKcswCChAqVGHfc8Hmq6UdD9zrGt3b0%2FpNjbCvTB0TuEk18Kz0E0E1flvGPYOzFFRD7LlWi%2BjC4w4VaWWljniBI3e7QyM%2BpbVRbnihHEilypZgoLgRcW4OWBBGHS9t6%2BLTgJTYRRXP7bDqFeRRKgUcQ7qhdJ0LPIjlfBj17ftAbapYnHQuQplGaFTM4nne63nKaspqGwruq7Zay8K%2FV56Sg6CTQRJSAFRM5uLw%2BBVpGIw4AuYLGes7znKupCkHeYKBDYnMImIfkSOUnM3x5EThj0%2FOpJ2XEimC1WPxgS2Ft0xkrOiODMnLcdz26qbcpQ45t9CiVrH3ypBPg789W3HMv3%2Bhc63%2FVcQ%2B%2BKY4Wb8cJxhAePW6J%2FtO0GL1msDxzlozgx2hilJzbjI7QQWggZjttQdxDHdz72K48Qs8QFotGMPWglmIIe6ptBNMwz50LItUq4nnBBGJQrs2PZaf3ogVFX6KVNoDTPYsWN%2F4MmMyOYZPTII5oVkZi%2Fc0HEGu1halarEGUEKSJAk82bImzlid3gspFX6nzlGm3uGcwQd9cal3fOtIBiESZSISwX3UI01%2Bbkk%2BUEQtHEu0Mdls5mqZlb1Uc%2BTr%2Bvd1bdy9XBzu%2Bmq%2FX775fZuLa5Wd7ebm8kH5%2Bdgf%2FetbqnpuwOjSyWF7uoCxm%2FfwKfJ%2Fer27v3DE%2Fj212pzvf4Bn3%2B%2FvV%2FdrB8HX92s7ptvrv9eb9qfr77f7rbtx%2Fv3h38%2Bv%2ByNXiLljLPFOPoYdJ9rBSQU5huBHa44E%2FnQDjvFSfX%2BzWjXaSjXOk7aBbfZOs0tF0ZxEB%2FWzZwToCmW%2BwW5aZg34JOLEzk7QQSx2%2FVlD%2FHWCzwIY88KDyww6zPNUJotR15gjy23jWS25TiWM1YSva%2F%2BkgJEgdddY3r9gtsllfBUaAzlOla7hzZzr10pT6%2FTE74wck9fATfOmUsmiI6o41gTqoKRCdsDnO3zF47Lr49qt326%2BjY8bWwrcg4VrQn7FyZFtKoHJDkqxOhi86OOYRCUiyb3Bexs2YtL2%2F12s7369rC9X9PtJt1udg%2Brx90oOnCYGInPBHcP1y%2FqDw4KC5Ycn31Xu7tRlP0evB22Ki%2BYPvuyJlDNmta6YnYEEua8ykSajQWWlPEJ8OVpt9tufp1pAH5YX68fb29eg6MsOZw%2BYoYykLFmIAoITtYynjumg%2Bh4jYyPU30w2ycntK0RP%2F8B8tnMgA%3D%3D&pcode-icookie=XT%2B6Kc4oVTRI5uXrdA0eUgEdgzgjyiU7F7G4n9CVw2RUH02WptpcF10roETjm2rZagcYrem%2BJfpk62TDfJQHgmMPW9Q%3D&duid=MTY3MDMyOTE1MTE4NTI2MzAzNA%3D%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=133040906960897&ad-session-id=8544881670329151367&target-id=68275332&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fcoronavirus-covid.info&top-ancestor-undetermined=0&pcode-version=690418&pcodever=690418&flash-ver=0&available-width=300&skip-token=yabs.NzIwNTc2MDU2Mzk5NTk5NTYKNzIwNTc2MDcxNjU1NjE4Mzg%3D&partner-stat-id=1&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1050%2C%22top%22%3A854%2C%22ad_no%22%3A2%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%7D&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo0ODB9ChKjtJDjqIkhBKjrR2X-Rba2T_wnXtb7NtlU0_2b1Ms26SrOOtll0oTL1G2SdanbdG05efqksHBupvP5lskmExWo7i_QVwH0BtrGGMQYQRUuXbjM_pvmL3xTRYoUIQwDMRypxILDJLQErgXDtUCwbCaRZVssS2QJLYdJxBQPQrBdC8RFjbOIOZbAEjJBtZyBXYeHbbHVrgXHtaAtEsJF71jOooc1_C3BAgvSMj9wYhxIGBbGoLCwFtAwwRpGFgXUBYC9CAmGPSbCRQ0gyzxoC-0FBsio0aJGCyTw0WRK2G5IfxET3wUftQUno3cXMBTAWNxEJdviQeEMbz3yL5GWmovCWcRYTISuxQ_IsMAs7Zi4A4OZcm7iyh_OLsAAJIADFECr0IAzvKAvKwSLshgZAomYeItek-YuABEBPiDq0GSJ5QyN7SI5P6PSp96iCXa_RJ2REyx0RUuHof2yhfFZi4b8C8CyqfIhN9yWWRYTtGWIy0ScCQJiQH0mQosHtibtLcwFULhMEAy_njOMBZrLFM_6h3x8Jq7FWVrihkQanoAdqroLsGimOIwufd0Z0C5jF-LmbnbDKXmDEy07CJZ5wck4JBs6F0GFg2Y6rAkL_ZQZ1tiDdmHhTvMXLNs87jkRLD1Es_aeYtOtqL3QZyJA5YJPg1yCjIyaBrlCSUFNI5FLyBTUEFFt0tA28WmQKSRKl1SJTAEWPYWCmFIqJ5HIZaT0LqWMVKIglYBFn3cOXByneVeaRBa5Kg3KATss7pp8Kr7u4WwXCru26IDRCtG1Q7phfOm_HKacu3igLtRxmLjL7aRZYJa-MAeCS_ep1y356WoE3SladEfl5mWCHPvXYwp6ZfQi5vB3LeAXPfYsBxU9LTUNbfcllYwCiUtJpiQmBoseuQyZwqUik5G7oJOoFMioFBQqqYKYREZKLAdD4RLLKRRUSqlKKidHLqGnpqGQg5HhI5ZLFItamYAAU06iIpOTgunuOBQK0mVZSaGQqiQKIC5siYq8XjTXPUGxjgqz0hp8Glpl17xCGkBZVWhRICUjM9C9EKnkpKTDWQ5EBYU-XyqpkpRCTkreSBfSaHwkbyN6as3QvmtEsxs8bA1QyEBBgFihlFIip_d40jYyahpSZeKATCknVS0QcnLlFLoubcy8MyETAahpkJIlTgpSpIuKTL4zp7Zgb4sCu-UNbXsL3pY-bAuAvyraQVCcYS4COAsI6tYfbCOit8Qgg7rw6CGBtcihWSDpIgVp2RlYoOsjGQZhLWLgFgEsCzBGBMAvLIBdQDCXowEWkBcVPAvwp8PpsTUNz8h1US4E4C3X4Q5zKnqgGfKjRUpmnu4uxt_BZNZdgELqDZtSKaVQEZPJZyiJt0sMupzERw9gxKpC-So1IdipySVyJZkcCAoKAzLkMqkcCAOkqTGaH-hSJQmJiaKF8NR0A6BVFEhJyOSUSokZDYlUAcaUkSYRUaKc_E7PAEl32_IlJlGS6nEd6JDLpMuuTq8NfBoQz_UGfVLgAsLe5L7J0t0s6fxsL6pN5Y8FWHPD3cd6Rzs6WAJU3iwaIKV-xWgsTEkp2VwHMW8R3j84d9dp994hu915Y-aVOF_I8lsgAfnrI33Mh7gXCGv3jjknqntxPvx-elHHKZyH0bnr4vlw_esB8e0HMa0Uo4_yrrWXzsT_jRN_1RwIZKmwd9filxn686j7cqstQUrBQczLndOCvetGPIeol2u3p6m5VhEgPIFCJHFt1yoqn59oFmwPcu0VAk02DPfuX7DlbOvGgUCSLowhXZnAx6Dt5FPPsKmBKktjWWLcExmzH_eGfayv0rF4kO1QoMtSAc0Erax92VzZRjoE7h5-zveNfSS9TedmRPTmBKBJd5at9t3KJERXBJy0gJftnW7b3TBmHdm4-7bbHhregjax0EFoRdU2V-7saM7VjXy1Kix0tR-EeRjexax3cDm_MHfxs9mpDxYEErqgj7FpSSGsEoz-cVBsDuMimpbkz7fewnolCe5BiDr93zIkhAT_I1l7gTL9Qsr2NNcElGWX8XYMAJnMCqXa1bV0UKmk7gJSqagUKGRSBcrhgLI40EOewbQxs1lokCqlCuUiHlOED9egN9ukFJS3N1CRySjBdDOQozp0GfNDibI1_4x4x6Ywqz25GmpPW0ft-cvqqxSvbrrCU2sJIaFzg41W1X6ME-jrZ7QVR9PjWNc-LfeEYiyceuTOPZy0H9fMEFb4KcXLVgfuXaerNjEm1mI8Hb0dr3ZkXwMjHgTYDfdCHnEpAPdrLO2H5VEAwr5ixfmyiU6-RIcl7CDtvxUis1tZsylm65-J73bsK30Q93L7A2Hh8GN_v9gLA74byT-c6dzWz35MRFlD09-nac9vbc4SiT10xjpMM3-biV8M15F0rz0G0f1LBNCFX_i9idzecdi8lrMQgvqmd9L73TkycbMeDhUUaPq6Cwx09V22y3Nbq9FasBMM5xqMAYbzx-5cITWqv5mbSbOBalQhiVOL_p8M1fSzPXXNnft4Zk-7tD5AUDPerf0-hrbMoVAp4gZe4dt2ah3vqoRGJhglQ0v-g3qdEfTP7h3QV8btBV9fwcQzblSnRZhi9xGgU9S8MZEaCrRTPInJ2xNIQwl5dd4YZKo-r-EtZKoE9yuv_c9zx-vBCU3NyD554GUSYzaJPy-Maj9n1vyNPR-L3iBV4H35atKiohvBLx2rJ8y--DrCRM7p-oZ1e1xc05hd4s40Yrt0srzgsX6v0CBH3SFuAZJIZaTk1J7UsCc3vAGv-eY4R7twTOmO3RfnQ7_w-KHFDhPu6R3sAtpmOhBUnReHTi0mHaa3aeGOXs5F-TnPLjEvOym1sZ-Uu0W45Q2yz-zCvzRJbfkeYxkh65bH-NDD6p7tZGPvSLjT6yMgj_Gv5l6DTnRpY5ySwR_22ENf7IZ1WeG24XfJDuPEgd-tZc4XH_jbEvuzFQVUNe6A7ntxb_4XLM0nc_ImxVUIjRsJyGuHWQMvdf3L4idwZo759mGdQiWAfqXy0nuayw-jbz-MzjG72frQdYkxvgFR7eWzFbpZDJZJsGMH7cRld81aLHU0ntsZoTqz-LZll1s25S0-AJMvr7kVuOACvAX1KdOuDKpJT34Lzn7tLdta9NMrf0gWq9Subh1RTEOh5-Q6JaUpyTkt5At2Tt8_2ISdI6iSn2zM7YCZ6DDd5VYPCV9OFz6lkZFd9n9ixNMUToVqOyzl2MoDTczRIXY06C0J4qvuhg-Tb6Foegs7yra3w_-iuaeoJylINxL4u96wR9iXru3EIsrZqkJ4ZZeOX8Iuhi7sZ62ArI9Q38inXaN30YBHl0Ted5Sc9ieasQd3nr81dUOp45l-XM2W75oLE37NxRCYvXE5IdVhxICRbrSqQwU_B5fJseIPIogUsx6-Say0_n-uZtYRcDq7RgqK06-c3DlW0CXlYbX1aaxJtGW6memsOlGQ8G3fbf001hm1NWUt_lf_PtdQGIVqlItYfKjvbBZY-ExEv3V6j4VXa6PdFvndTjGbZRyZpghW55GoAS_5tUXPT8ZQvzUmqfx5LhXxBuawgb7Vh0r819z8tdkrTpfUYzKr-kekN0C9XIo-CSftBPug9F7CYsJtiTBRPOG2qa6eery62rv5nxEjkvMM3UXXbazl8ECB9m7q9mSC0j9P83WGTZnMTy7DXIru8TRbcdwjYm_xOyrHLNl_xaPmDIEubFNDVrYrFGGbEk-__WcD8eNYR5MU_DXdu_q4-vXYBwmr3cy0fIFpgA6gFJadjexIK7LPRaiwU4dZN5zMHO0wgVcBEZWrg_m2jAGwF1FIncAHUjelCZKGl1sb6gzhNVz94tZrM-H_eNfPUoeKtBlgmJbgfHgYrQ-KhOWWL8ebd8hpP_w3629wbnJTLWQWcC9aTvqipbO_22uCfP-mDuM7NsIsQaK-5_GrUn7jhFz2j614if_ITBelDeeTIS6mhCWJcpvswl6iQgyLL6ftdVJTbte9Li0sgtekZ1SwfkN6GbdSIOaBM6bofizpf0016rVXr9prL14VHSiVyMVumKVvHhs_tJpc3_9MUVngn_Hs9pyp_FUfUgmzKoguyefoZofAy0EV1m7dmBr3tAqrHny-L9GW2ykYr7P5FMf9rg5Y1bTTY7eazkxGIhW_TdPp1_LamE_YRfVuZyJaFhAFladVtYdebjVHPfkY18LcaM7pjFqQq8walOkEtjIPb7ptIGuJJ8-t1vVyhU2_RYvoaWm2BGy58d95SK0o5Vp1yk_V0rUOcrp2Y8uenCowfyDGndNzeKbpiJC62vh879lmR2zGXiKR3AtE6Ez9MGHl5xX7qgek_sR2R_9tnAUe-wrJv03965lc1O7n8HqiRqv92y3YXaPeygPbuW_gCr3qdGEm9MYvYHyNIuPZ0XvQmriJtQ81iJp2rAgP3HQsnxDWr74vY6uenjHy4Pt91SsT-v3jBDDhH8OzueKeV8N6wwvdAODS8hbZFKgg_6lq2JaAm0YICrR9q9zdf_NmDzVlKB1_JMQMLwyzp7AF9hB9n8_8feq588DwapF8t3VJfaAqe3m_SdOYEhrjcx45pPGLDtw2CrkpJRp8oLCE25IY33U8PJif42RgbjJkOVMpL2On-7N8ua8R0Q2bCEvkmEHPa6yjdCJ2qQGwguT7EWaTI_sGOW7bgB_ERO1_sD5Yu2cZ6n6i2asrj92b9U08-tm9_R6O23bt_K6F2eBBWJFb1J6hYSddKth16J5zsXqXwTMxRNubTto64xwbcuupeHnzswLgp6VvXk7jrwitFzeyAt1TJn3gotapc3J5tm2_0eS1iNTda9ybTYR3nRClA8yE-yO7TNnosAlDIqY_7WRq0PCHkWm6WO9njp5eD0upG1gp7sibrBTZd2SolNUvPS8_GogxqOjGejTDBrV0neJ-F_q2gsAulajZ2-vn9mRugjwPFSMjCyATe5qWtcQMpzdVQwzUT-bq8MyHhqgAs-XjD2Gqle4Qtl4CNtSPb8RpmpmirjpUDeeijeG8I69Rba5vO22vgXU3DE5Q2z_QC5SXOkJTd7tg3BZf&uniformat=true&callback=Ya%5B2034748696668%5D

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronavirus-covid.info/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:13 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:13 GMT
x-yandex-req-id: 1670329153509229-106027699689014740100101-production-app-host-sas-pcode-80
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://coronavirus-covid.info
content-type: text/plain
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:13 GMT

GET
H2 200 x450
avatars.mds.yandex.net/get-direct/5261412/NtJ-t2wQ1DToenCD_VrOYQ/ 38 KB
38 KB 1256ms
626ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5261412/NtJ-t2wQ1DToenCD_VrOYQ/x450
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 096e28bea7f5c7c5423e102cfa03e5069a54ba7defd74d43c9d75867295ebfad

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:14 GMT
last-modified: Tue, 29 Nov 2022 20:40:30 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 38548
x-request-id: a58961dd636c46bc

GET
H2 200 icon-192.png
yastatic.net/s3/games-static/favicons/ 24 KB
24 KB 1225ms
648ms Image
image/png 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yastatic.net/s3/games-static/favicons/icon-192.png

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:14 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24134
last-modified: Thu, 14 Apr 2022 12:22:42 GMT
server: nginx/1.17.9
etag: "7819c957eaa80af5bf14f760d49b64a7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=216013
x-nginx-request-id: d0ab78920d8db1e9
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Dec 2022 00:17:59 GMT

GET
H2 200 x450
avatars.mds.yandex.net/get-direct/4628184/f1YuN_oirnR38jQbghqhcA/ 19 KB
19 KB 1457ms
827ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4628184/f1YuN_oirnR38jQbghqhcA/x450
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 475674780b9a88df3e13f82ac40fe45a820648183db1ced82b783f82d756f11d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:14 GMT
last-modified: Thu, 24 Nov 2022 15:00:13 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 19520
x-request-id: 5bcda5380f688f0a

GET
H2 200 bb76ad8c383bc7061336.js Show response
yastatic.net/partner-code-bundles/690418/ 14 KB
6 KB 285ms
284ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/690418/bb76ad8c383bc7061336.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

23d09b5a0f70491c7dbffa21118eb5a47752dd41510e5b2ab860f3de6c649345

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://coronavirus-covid.info/
Origin: https://coronavirus-covid.info
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:13 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 5106
last-modified: Mon, 05 Dec 2022 08:25:03 GMT
server: nginx/1.17.9
etag: "e77bd36ab20cede76ea508df882b458d"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 05 Dec 2052 18:50:58 GMT

GET
H2 200 4fcb262e9b00ec06ba27.js Show response
yastatic.net/partner-code-bundles/690418/ 10 KB
4 KB 287ms
287ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/690418/4fcb262e9b00ec06ba27.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a94bb3c678c22d7b2dcae9de296dd0c9e8f7230961714fa9b6ff1bae3368b6fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://coronavirus-covid.info/
Origin: https://coronavirus-covid.info
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:13 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 3287
last-modified: Mon, 05 Dec 2022 08:25:02 GMT
server: nginx/1.17.9
etag: "7e2d22753082e9274728eae96f9e5357"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 05 Dec 2052 18:51:00 GMT

GET
H2 200 7c1a7cbb34586b71d2b6.js Show response
yastatic.net/partner-code-bundles/690418/ 23 KB
7 KB 297ms
297ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/690418/7c1a7cbb34586b71d2b6.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1f5dce5e5c0e7bd5ac4c193cb7b4f3d32a4b34443d0458aee9951a5533ff975b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://coronavirus-covid.info/
Origin: https://coronavirus-covid.info
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:13 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 6671
last-modified: Mon, 05 Dec 2022 08:25:03 GMT
server: nginx/1.17.9
etag: "3d833c72d4072752354f3aa5cb7958c5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 05 Dec 2052 18:51:25 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame F37E 24 KB
7 KB 879ms
318ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://coronavirus-covid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Tue, 06 Dec 2022 12:19:14 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Thu, 05 Dec 2052 18:52:28 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H2 200 1RN8VhEm0VW100000000U9nJj3_zGFtkTyLymw2x8HTaclUbMDeRzoSp084dJ2JKRUPknTZfxfmCgOn0ySoWkpd7GUAbp41URIUGQ6K4aPqWMI1WOfZ9k582mbx8gC0COQrav83ARmJH7rY1n5x6-Rjv6Ow2PSuoWXHUPGH9tcLaa65W-CiuYuc1OIuJI6GfamwGM... Show response
an.yandex.ru/rtbcount/ 43 B
339 B 1357ms
1356ms XHR
image/gif 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/rtbcount/1RN8VhEm0VW100000000U9nJj3_zGFtkTyLymw2x8HTaclUbMDeRzoSp084dJ2JKRUPknTZfxfmCgOn0ySoWkpd7GUAbp41URIUGQ6K4aPqWMI1WOfZ9k582mbx8gC0COQrav83ARmJH7rY1n5x6-Rjv6Ow2PSuoWXHUPGH9tcLaa65W-CiuYuc1OIuJI6GfamwGMiiK0HGvo_GV25un2NpxEVLRq5sWIpViEQ_-dfNXBnF8Y5PcaD6zp8f0SYepIFDSPYQG0vYP71L0zhDiP6xNtsu_ksLgsKbccF-lWbNU1PC_cHsS-27EPpbfxWfchM1PQRY3XUa02-C5bbsRcoPl-z0pNVmc2yH77-mViaptpRVwhdRL_YqBo3SBM3bFikxXuW9BNs1jQ6XYkSbgjxhUH-BQGlwlh20FTB0ri4nWsp-jUV-bttydvCzW-xn4Qm7Ra-UTtJk-h7sGjv8DPk81DhaJR4oFs7WBB9siV2fpIerClLBDNxB1xFu9Pqralv5N5RpA_9tzB7OsCqi34qEB3UnCEzXvJh2BFs0_Vd3xtfTFJhp9-y7E0m02_fkQ

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronavirus-covid.info/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:14 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://coronavirus-covid.info
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:14 GMT

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 621ms
620ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronavirus-covid.info/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:14 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://coronavirus-covid.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:14 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 732ms
309ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://coronavirus-covid.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://coronavirus-covid.info
access-control-max-age: 1728000
content-encoding: gzip
date: Tue, 06 Dec 2022 12:19:14 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 1 Show response
mc.yandex.ru/watch/608151/ 43 B
73 B 307ms
306ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/608151/1?page-url=https%3A%2F%2Fcoronavirus-covid.info%2F&charset=utf-8&cnt-class=1&hittoken=1670329153_395fff6ac9a737a3f7ba508dbba7d3217645c3b5da7f8d0e10c06cb0065b4fbe&browser-info=pa%3A1%3Aar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A2832%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A1%3Als%3A701724353468%3Ahid%3A789443553%3Az%3A0%3Ai%3A20221206121913%3Aet%3A1670329154%3Ac%3A1%3Arn%3A748041166%3Arqn%3A1%3Au%3A1670329151185263034%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A275%2C414%2C405%2C134%2C%2C0%2C%2C1633%2C0%2C%2C%2C%2C2863%3Aco%3A0%3Acpf%3A1%3Aeu%3A0%3Ans%3A1670329146557%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1670329154&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(1)lt(22000)aw(1)ecs(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronavirus-covid.info/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:13 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06-Dec-2022 12:19:13 GMT
content-type: image/gif
access-control-allow-origin: https://coronavirus-covid.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 12:19:13 GMT

GET
H2 200 608151 Show response
mc.yandex.ru/watch/ 43 B
73 B 308ms
306ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/608151?page-url=https%3A%2F%2Fcoronavirus-covid.info%2F&charset=utf-8&cnt-class=1&hittoken=1670329153_395fff6ac9a737a3f7ba508dbba7d3217645c3b5da7f8d0e10c06cb0065b4fbe&browser-info=pv%3A1%3Aar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A1%3Als%3A701724353468%3Ahid%3A789443553%3Az%3A0%3Ai%3A20221206121913%3Aet%3A1670329154%3Ac%3A1%3Arn%3A652962648%3Arqn%3A2%3Au%3A1670329151185263034%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A0%3Ans%3A1670329146557%3Aadb%3A2%3App%3A3629563401%3Arqnl%3A1%3Ast%3A1670329154%3At%3A%D0%92%D1%81%D0%B5%20%D0%9E%20%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%B5%3A%20%D0%97%D0%B0%D0%B1%D0%BE%D0%BB%D0%B5%D0%B2%D1%88%D0%B8%D0%B5%20%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC%2C%20%D0%92%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%2C%20%D0%9C%D0%B8%D1%80%D0%B5%2C%20%D0%95%D0%B2%D1%80%D0%BE%D0%BF%D0%B5%2C%20%D0%9E%D0%BF%D1%80%D0%B5%D0%B4%D0%B5%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D0%A1%D0%B8%D0%BC%D0%BF%D1%82%D0%BE%D0%BC%D1%8B%2C%20%D0%A6%D0%B8%D1%84%D1%80%D1%8B%2C%20(2020)&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(22000)aw(1)ecs(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:13 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06-Dec-2022 12:19:13 GMT
content-type: image/gif
access-control-allow-origin: https://coronavirus-covid.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 12:19:13 GMT

GET
H2 200 609775 Show response
mc.yandex.ru/watch/ 391 B
426 B 304ms
304ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/609775?wmode=7&page-url=https%3A%2F%2Fcoronavirus-covid.info%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A3%3Adp%3A1%3Als%3A1285950463137%3Ahid%3A789443553%3Az%3A0%3Ai%3A20221206121913%3Aet%3A1670329154%3Ac%3A1%3Arn%3A939358867%3Au%3A1670329151185263034%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A0%3Ans%3A1670329146557%3Aadb%3A2%3App%3A3629563401%3Arqnl%3A1%3Ast%3A1670329154%3At%3A%D0%92%D1%81%D0%B5%20%D0%9E%20%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%B5%3A%20%D0%97%D0%B0%D0%B1%D0%BE%D0%BB%D0%B5%D0%B2%D1%88%D0%B8%D0%B5%20%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC%2C%20%D0%92%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%2C%20%D0%9C%D0%B8%D1%80%D0%B5%2C%20%D0%95%D0%B2%D1%80%D0%BE%D0%BF%D0%B5%2C%20%D0%9E%D0%BF%D1%80%D0%B5%D0%B4%D0%B5%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D0%A1%D0%B8%D0%BC%D0%BF%D1%82%D0%BE%D0%BC%D1%8B%2C%20%D0%A6%D0%B8%D1%84%D1%80%D1%8B%2C%20(2020)&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)lt(22000)aw(1)ecs(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ca3ff6b2d54d004417646dab248534e301f74cd261b91c2536b24d2713fade2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 06-Dec-2022 12:19:13 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://coronavirus-covid.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 391
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 12:19:13 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/609775/ 43 B
145 B 308ms
307ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/609775/1?page-url=https%3A%2F%2Fcoronavirus-covid.info%2F&charset=utf-8&cnt-class=1&hittoken=1670329153_b29e0813fb87ac08b064d3d76a00f12da9fca5204b7fca5fdca971c1eb19551e&browser-info=pa%3A1%3Aar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A2832%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A3%3Adp%3A1%3Als%3A1285950463137%3Ahid%3A789443553%3Az%3A0%3Ai%3A20221206121913%3Aet%3A1670329154%3Ac%3A1%3Arn%3A792308708%3Arqn%3A1%3Au%3A1670329151185263034%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A275%2C414%2C405%2C134%2C%2C0%2C%2C1633%2C0%2C%2C%2C%2C2863%3Aco%3A0%3Acpf%3A1%3Aeu%3A0%3Ans%3A1670329146557%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1670329154&t=gdpr(14)mc(p-3-h-2)clc(0-0-0)rqnt(1)lt(22000)aw(1)ecs(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronavirus-covid.info/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:14 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06-Dec-2022 12:19:14 GMT
content-type: image/gif
access-control-allow-origin: https://coronavirus-covid.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 12:19:14 GMT

GET
H2 200 609775 Show response
mc.yandex.ru/watch/ 43 B
73 B 308ms
307ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/609775?page-url=https%3A%2F%2Fcoronavirus-covid.info%2F&charset=utf-8&cnt-class=1&hittoken=1670329153_b29e0813fb87ac08b064d3d76a00f12da9fca5204b7fca5fdca971c1eb19551e&browser-info=pv%3A1%3Aar%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A3%3Adp%3A1%3Als%3A1285950463137%3Ahid%3A789443553%3Az%3A0%3Ai%3A20221206121913%3Aet%3A1670329154%3Ac%3A1%3Arn%3A689844266%3Arqn%3A2%3Au%3A1670329151185263034%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A0%3Ans%3A1670329146557%3Aadb%3A2%3App%3A3629563401%3Arqnl%3A1%3Ast%3A1670329154%3At%3A%D0%92%D1%81%D0%B5%20%D0%9E%20%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%B5%3A%20%D0%97%D0%B0%D0%B1%D0%BE%D0%BB%D0%B5%D0%B2%D1%88%D0%B8%D0%B5%20%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BE%D0%BC%2C%20%D0%92%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%2C%20%D0%9C%D0%B8%D1%80%D0%B5%2C%20%D0%95%D0%B2%D1%80%D0%BE%D0%BF%D0%B5%2C%20%D0%9E%D0%BF%D1%80%D0%B5%D0%B4%D0%B5%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%2C%20%D0%A1%D0%B8%D0%BC%D0%BF%D1%82%D0%BE%D0%BC%D1%8B%2C%20%D0%A6%D0%B8%D1%84%D1%80%D1%8B%2C%20(2020)&t=gdpr(14)mc(p-3-h-2)clc(0-0-0)rqnt(2)lt(22000)aw(1)ecs(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://coronavirus-covid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:14 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06-Dec-2022 12:19:14 GMT
content-type: image/gif
access-control-allow-origin: https://coronavirus-covid.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 12:19:14 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame F37E 95 B
400 B 1069ms
307ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 12:19:15 GMT
Strict-Transport-Security: max-age=315360000; includeSubDomains
Server: nginx/1.14.2
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Wed, 07 Dec 2022 12:19:15 GMT

GET
H2

200

ec67517ad8d6e2e67ba394
an.yandex.ru/mapuid/arcspireis/ Frame F37E
Redirect Chain

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389
https://an.yandex.ru/mapuid/arcspireis/ec67517ad8d6e2e67ba394

43 B
152 B

314ms
312ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/arcspireis/ec67517ad8d6e2e67ba394

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:15 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:15 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/arcspireis/ec67517ad8d6e2e67ba394
date: Tue, 06 Dec 2022 12:19:13 GMT
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

0100007F42338F638703820302577D68
an.yandex.ru/mapuid/sapeis/ Frame F37E
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D
https://acint.net/rmatch/?r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D&dp=151&tc=1
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fsapeis%252F$%257BUSER_ID%257D&dp=14
https://acint.net/rmatch?dp=14&euid=2203420A44338F63A700654202EF2BAF&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F$%7BUSER_ID%7D
https://an.yandex.ru/mapuid/sapeis/0100007F42338F638703820302577D68

43 B
80 B

311ms
311ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007F42338F638703820302577D68

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:16 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:16 GMT

Redirect headers

date: Tue, 06 Dec 2022 12:19:16 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/sapeis/0100007F42338F638703820302577D68
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

50eccd6b-225b-5454-a10e-5327c2816065
an.yandex.ru/mapuid/betweendigitalis/ Frame F37E
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1
https://an.yandex.ru/mapuid/betweendigitalis/50eccd6b-225b-5454-a10e-5327c2816065

43 B
99 B

319ms
318ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/50eccd6b-225b-5454-a10e-5327c2816065

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:14 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:14 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/50eccd6b-225b-5454-a10e-5327c2816065
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame F37E
Redirect Chain

https://an.yandex.ru/mapuid/adobedmp/
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=A77008032CD4F188
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=A77008032CD4F188

42 B
942 B

6ms
6ms

Image
image/gif

13.231.96.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=A77008032CD4F188

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

HTTP/1.1

Server

13.231.96.223 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-231-96-223.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-1-v042-03eb66858.edge-tyo3.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 301AFesvS9E=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-tyo3-2-v042-0e6766ed2.edge-tyo3.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: //viN2xqRGk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=A77008032CD4F188
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

match
match.360yield.com/ul_cb/ Frame F37E
Redirect Chain

https://an.yandex.ru/mapuid/azerionis/
https://match.360yield.com/match?external_user_id=ACACB29C95E53131&publisher_dsp_id=429&publisher_call_type=redirect
https://match.360yield.com/ul_cb/match?external_user_id=ACACB29C95E53131&publisher_dsp_id=429&publisher_call_type=redirect

43 B
422 B

105ms
104ms

Image
image/gif

13.250.210.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/ul_cb/match?external_user_id=ACACB29C95E53131&publisher_dsp_id=429&publisher_call_type=redirect
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Server: 13.250.210.117 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-210-117.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Dec 2022 12:19:15 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://match.360yield.com/ul_cb/match?external_user_id=ACACB29C95E53131&publisher_dsp_id=429&publisher_call_type=redirect
date: Tue, 06 Dec 2022 12:19:15 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
an.yandex.ru/mapuid/behaviorx/ Frame F37E 0
0 538ms
531ms Image
text/html 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/mapuid/behaviorx/
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H2

200

match
ads.betweendigital.com/ Frame F37E
Redirect Chain

https://an.yandex.ru/mapuid/betweenx/
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=619BCFB96B4A5FC6

68 B
607 B

76ms
76ms

Image
image/png

203.195.121.142
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=619BCFB96B4A5FC6
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Server: 203.195.121.142 , Singapore, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:14 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=619BCFB96B4A5FC6
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:14 GMT

GET
H/1.1

204
No Content

pixel
im.bluevoox.com/ Frame F37E
Redirect Chain

https://an.yandex.ru/mapuid/blueseaxcom/
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=3362A15FAF66352C

0
241 B

517ms
170ms

Image
text/plain

52.45.175.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=3362A15FAF66352C
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: HTTP/1.1
Server: 52.45.175.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-175-185.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Connection: close
Date: Tue, 06 Dec 2022 12:19:15 GMT
Server: openresty

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:14 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=3362A15FAF66352C
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:14 GMT

GET
H2 200 /
an.yandex.ru/mapuid/eplanningrtb/ Frame F37E 0
0 539ms
533ms Image
text/html 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/mapuid/eplanningrtb/
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F37E
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=66DFC01A5731D0D7&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
502 B

118ms
40ms

Image
image/png

172.217.161.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=66DFC01A5731D0D7&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

172.217.161.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:14 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=66DFC01A5731D0D7&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:14 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F37E
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=66DFC01A5731D0D7&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

119ms
40ms

Image
image/png

172.217.161.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=66DFC01A5731D0D7&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

172.217.161.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:14 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=66DFC01A5731D0D7&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:14 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F37E
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandexru
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=66DFC01A5731D0D7&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

120ms
41ms

Image
image/png

172.217.161.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=66DFC01A5731D0D7&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

172.217.161.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:14 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=66DFC01A5731D0D7&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:14 GMT

GET

sync
t.adx.opera.com/ Frame F37E
Redirect Chain

https://an.yandex.ru/mapuid/operacom/
https://t.adx.opera.com/sync?vendor=60143&uid=98A5407FD3C94A66

0
0

GET
H2 200 /
an.yandex.ru/mapuid/xapadsssp/ Frame F37E 0
0 538ms
533ms Image
text/html 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/mapuid/xapadsssp/
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H2

200

c493f0d47e96018d4e92a74bf789ec3b4e205700e144b1c2d79afff454a7e01a
an.yandex.ru/mapuid/mediascope/ Frame F37E
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/c493f0d47e96018d4e92a74bf789ec3b4e205700e144b1c2d79afff454a7e01a

43 B
80 B

322ms
321ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/c493f0d47e96018d4e92a74bf789ec3b4e205700e144b1c2d79afff454a7e01a

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:15 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:15 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:14 GMT
server: ms-counter-3.3.5/1.20.2
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/c493f0d47e96018d4e92a74bf789ec3b4e205700e144b1c2d79afff454a7e01a
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

ae463e97366596b63449
an.yandex.ru/mapuid/targetixis/ Frame F37E
Redirect Chain

https://dm.hybrid.ai/match?id=182
https://an.yandex.ru/mapuid/targetixis/ae463e97366596b63449

43 B
80 B

327ms
326ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/targetixis/ae463e97366596b63449

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:15 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:15 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:14 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
location: https://an.yandex.ru/mapuid/targetixis/ae463e97366596b63449
access-control-allow-origin: https://yastatic.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 127
content-length: 0
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

684deef8473d6478774f
an.yandex.ru/mapuid/dmphybridai/ Frame F37E
Redirect Chain

https://dm.hybrid.ai/yandexdmp-match
https://an.yandex.ru/mapuid/dmphybridai/684deef8473d6478774f?sign=2446316008

43 B
80 B

328ms
328ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmphybridai/684deef8473d6478774f?sign=2446316008

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:15 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:15 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:14 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
location: https://an.yandex.ru/mapuid/dmphybridai/684deef8473d6478774f?sign=2446316008
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 125
content-length: 0
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

Xb6-PHFZkWj5nV57fyo.
an.yandex.ru/mapuid/dmpamberdata/ Frame F37E
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1670329151
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1670329154936&i=1670329151
https://an.yandex.ru/mapuid/dmpamberdata/Xb6-PHFZkWj5nV57fyo.

43 B
80 B

317ms
316ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpamberdata/Xb6-PHFZkWj5nV57fyo.

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:15 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:15 GMT

Redirect headers

Date: Tue, 06 Dec 2022 12:19:15 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 25
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://an.yandex.ru/mapuid/dmpamberdata/Xb6-PHFZkWj5nV57fyo.
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

match
match.360yield.com/ Frame F37E
Redirect Chain

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID}
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D
https://an.yandex.ru/mapuid/azerionis/334e8737-3ef3-46bc-aebf-d39b456b426d
https://match.360yield.com/match?external_user_id=334e8737-3ef3-46bc-aebf-d39b456b426d&publisher_dsp_id=429&publisher_call_type=redirect

43 B
444 B

108ms
107ms

Image
image/gif

13.250.210.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?external_user_id=334e8737-3ef3-46bc-aebf-d39b456b426d&publisher_dsp_id=429&publisher_call_type=redirect
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Server: 13.250.210.117 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-210-117.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Dec 2022 12:19:15 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:15 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://match.360yield.com/match?external_user_id=334e8737-3ef3-46bc-aebf-d39b456b426d&publisher_dsp_id=429&publisher_call_type=redirect
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:15 GMT

GET
H2

200

eff8e4b1-55aa-4d65-414e-652499f4cb22
an.yandex.ru/mapuid/buzzooladspis/ Frame F37E
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
https://an.yandex.ru/mapuid/buzzooladspis/eff8e4b1-55aa-4d65-414e-652499f4cb22

43 B
80 B

310ms
310ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/buzzooladspis/eff8e4b1-55aa-4d65-414e-652499f4cb22

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:15 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:15 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/buzzooladspis/eff8e4b1-55aa-4d65-414e-652499f4cb22
date: Tue, 06 Dec 2022 12:19:14 GMT
server: nginx
content-length: 113
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

404

bWaWBUYTSYuuOm__lCzCwQ
an.yandex.ru/setud/mts_banner/ Frame F37E
Redirect Chain

https://kimberlite.io/rtb/sync/yandex
https://ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fso...
https://kimberlite.io/rtb/sync/between2?u=50eccd6b-225b-5454-a10e-5327c2816065&f=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FY48zQzLHtR4&n=1
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=Y48zQzLHtR4
https://sm.rtb.mts.ru/match/second?ssp=59&exu=Y48zQzLHtR4
https://tech.rtb.mts.ru/?dsp_uid=6d669605-4613-498b-ae3a-6fff942cc2c1&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FbWaWBUYTSYuuOm__lCzCwQ%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
https://an.yandex.ru/setud/mts_banner/bWaWBUYTSYuuOm__lCzCwQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=3554395671

43 B
176 B

327ms
319ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/bWaWBUYTSYuuOm__lCzCwQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=3554395671

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:18 GMT

Redirect headers

Date: Tue, 06 Dec 2022 12:19:17 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/bWaWBUYTSYuuOm__lCzCwQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=3554395671
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET pixel
mitdmp.whiteboxdigital.ru/ Frame F37E 0
0

GET
H2

200

a4c31300-3a2f-4a7a-9a97-2b41d2177c9c
an.yandex.ru/mapuid/hyperdspis/ Frame F37E
Redirect Chain

https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/
https://an.yandex.ru/mapuid/hyperdspis/a4c31300-3a2f-4a7a-9a97-2b41d2177c9c

43 B
80 B

309ms
309ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/hyperdspis/a4c31300-3a2f-4a7a-9a97-2b41d2177c9c

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:16 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:16 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/hyperdspis/a4c31300-3a2f-4a7a-9a97-2b41d2177c9c
Date: Tue, 06 Dec 2022 12:19:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame F37E
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
80 B

315ms
314ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:16 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:16 GMT

Redirect headers

date: Tue, 06 Dec 2022 12:19:15 GMT
strict-transport-security: max-age=0
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
content-type: application/x-javascript; charset=Windows-1251
x-passed: 1bal1
content-length: 0

GET
H2

200

xSmarlVz7j2.AikABlGE52BQyw
an.yandex.ru/mapuid/getintentis/ Frame F37E
Redirect Chain

https://px.adhigh.net/p/cm/yandexssp
https://px.adhigh.net/p/cm/yandexssp?bounced=1
https://an.yandex.ru/mapuid/getintentis/xSmarlVz7j2.AikABlGE52BQyw

43 B
152 B

322ms
322ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/xSmarlVz7j2.AikABlGE52BQyw

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:20 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:20 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:20 GMT
server: nginx
x-backend-id: f10-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://an.yandex.ru/mapuid/getintentis/xSmarlVz7j2.AikABlGE52BQyw
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

kK2Zz7tc0yEbG344dnR6qu
an.yandex.ru/mapuid/dmpweborama/ Frame F37E
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=211192240
https://an.yandex.ru/mapuid/dmpweborama/kK2Zz7tc0yEbG344dnR6qu

43 B
152 B

318ms
317ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/kK2Zz7tc0yEbG344dnR6qu

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:16 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:16 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:14 GMT
via: 1.1 google
last-modified: Tue, 06 Dec 2022 12:19:15 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://an.yandex.ru/mapuid/dmpweborama/kK2Zz7tc0yEbG344dnR6qu
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 y
rtb-eu-warsaw.intent.ai/um/ Frame F37E 68 B
839 B 309ms
286ms Image
image/png 2606:4700:20::681a:f45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb-eu-warsaw.intent.ai/um/y

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 68
pragma: no-cache
last-modified: Tue, 06 Dec 2022 12:19:15 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZ1nTeXyzX7uo8s8UgiIsSgyI01p0GWC8Mge7i8gbhwCRTEc9ulp5fwkGzLE7lBDEP1NbUI0SsNi%2FQ%2BfQT7H%2BNPkZ8UGZrMbv8RueJ2d7cFpugDSzHj%2F5bdFbqXBIhF8unlhO5bTQjpyOiJPFRU397z%2BvWeD"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
cf-ray: 7754f805ce83aff1-NRT
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2

200

HJsq4BTQhB63W4Y2pNrw
an.yandex.ru/mapuid/kadamis/ Frame F37E
Redirect Chain

https://s.uuidksinc.net/match/501
https://an.yandex.ru/mapuid/kadamis/HJsq4BTQhB63W4Y2pNrw

43 B
80 B

310ms
309ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/HJsq4BTQhB63W4Y2pNrw

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:16 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:16 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/kadamis/HJsq4BTQhB63W4Y2pNrw
date: Tue, 06 Dec 2022 12:19:16 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

f828b8ef-85cb-4213-b162-d8ac89837f7d
an.yandex.ru/mapuid/mtsdspis/ Frame F37E
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=yandex&id=map
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
https://tech.rtb.mts.ru/?dsp_uid=f828b8ef-85cb-4213-b162-d8ac89837f7d&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Ff828b8ef-85cb-4213-b162-d8ac89837f7d
https://an.yandex.ru/mapuid/mtsdspis/f828b8ef-85cb-4213-b162-d8ac89837f7d

43 B
80 B

326ms
326ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mtsdspis/f828b8ef-85cb-4213-b162-d8ac89837f7d

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:17 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:17 GMT

Redirect headers

Date: Tue, 06 Dec 2022 12:19:38 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/mapuid/mtsdspis/f828b8ef-85cb-4213-b162-d8ac89837f7d
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

data_sess_sync.php
sonar.semantiqo.com/fbfli/ Frame F37E
Redirect Chain

https://sonar.semantiqo.com/dmp/scr.php
https://counter.yadro.ru/id127/reff-id.gif?sid=a65501f9b3b4447c9dee0779df5555aa
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=a65501f9b3b4447c9dee0779df5555aa

0
355 B

264ms
263ms

Image
text/html

95.217.86.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=a65501f9b3b4447c9dee0779df5555aa
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Server: 95.217.86.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.86.217.95.clients.your-server.de
Software: nginx/1.20.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:17 GMT
content-encoding: gzip
mode: no-cors
server: nginx/1.20.2
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=a65501f9b3b4447c9dee0779df5555aa
Date: Tue, 06 Dec 2022 12:19:17 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 364
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame F37E 42 B
201 B 1150ms
287ms Image
image/gif 81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 12:19:17 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame F37E 42 B
201 B 1136ms
284ms Image
image/gif 81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 12:19:17 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

34487f30-7560-11ed-acfd-901b0e8b2a6e
an.yandex.ru/mapuid/dmpcleverdata/ Frame F37E
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1
https://an.yandex.ru/mapuid/dmpcleverdata/34487f30-7560-11ed-acfd-901b0e8b2a6e?sign=296628289

43 B
152 B

315ms
315ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpcleverdata/34487f30-7560-11ed-acfd-901b0e8b2a6e?sign=296628289

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:17 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:17 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/dmpcleverdata/34487f30-7560-11ed-acfd-901b0e8b2a6e?sign=296628289
date: Tue, 06 Dec 2022 12:19:17 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0, 0

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame F37E 43 B
390 B 1683ms
938ms Image
image/gif 31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=yandex
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.172 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 06 Dec 2022 12:19:18 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 204 yandexortb
sync.dmp.otm-r.com/match/ Frame F37E 0
69 B 577ms
184ms Image
text/plain 194.55.244.180
PROCLOUD PROCLOUD...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/yandexortb
Requested by: Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.180 , Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Dec 2022 12:19:17 GMT
server: nginx/1.23.2

GET
H2

200

83d4900f-14d3-4963-9fe6-76aacfdcb8f6
an.yandex.ru/mapuid/upravelis/ Frame F37E
Redirect Chain

https://sync.upravel.com/yandex/sync
https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://an.yandex.ru/mapuid/upravelis/83d4900f-14d3-4963-9fe6-76aacfdcb8f6

43 B
80 B

309ms
309ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/83d4900f-14d3-4963-9fe6-76aacfdcb8f6

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:18 GMT

Redirect headers

date: Tue, 06 Dec 2022 12:19:18 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://an.yandex.ru/mapuid/upravelis/83d4900f-14d3-4963-9fe6-76aacfdcb8f6
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

IuSBrNxKYSUIDiGN%2F%2BhO8Q
an.yandex.ru/mapuid/dmpaidatame/ Frame F37E
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
https://an.yandex.ru/mapuid/dmpaidatame/IuSBrNxKYSUIDiGN%2F%2BhO8Q?sign=3314469528

43 B
80 B

311ms
310ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/IuSBrNxKYSUIDiGN%2F%2BhO8Q?sign=3314469528

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:18 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
last-modified: Tue, 06 Dec 2022 12:19:17 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/IuSBrNxKYSUIDiGN%2F%2BhO8Q?sign=3314469528
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Tue, 06 Dec 2022 12:19:17 GMT

GET
H2

200

UMKlX3i0q4R5
an.yandex.ru/mapuid/dmpsegmento/ Frame F37E
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/UMKlX3i0q4R5?sign=622280794

43 B
80 B

311ms
311ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/UMKlX3i0q4R5?sign=622280794

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:18 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/dmpsegmento/UMKlX3i0q4R5?sign=622280794
Date: Tue, 06 Dec 2022 12:19:18 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

xRZYF3u4l7Fr
an.yandex.ru/mapuid/rutargetis/ Frame F37E
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/xRZYF3u4l7Fr

43 B
80 B

312ms
311ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/xRZYF3u4l7Fr

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:18 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/rutargetis/xRZYF3u4l7Fr
Date: Tue, 06 Dec 2022 12:19:18 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

POST
H2 200 62240389 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 1139ms
338ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/62240389?wmode=0&wv-part=1&wv-hit=789443553&page-url=https%3A%2F%2Fcoronavirus-covid.info%2F&rn=436625160&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670329155%3Aw%3A1600x1200%3Av%3A933%3Az%3A0%3Ai%3A20221206121914%3Au%3A1670329151185263034%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670329155&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronavirus-covid.info/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:15 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06-Dec-2022 12:19:15 GMT
content-type: image/gif
access-control-allow-origin: https://coronavirus-covid.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 12:19:15 GMT

POST
H2 200 62240389 Show response
mc.yandex.ru/webvisor/ 43 B
176 B 708ms
308ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/62240389?wmode=0&wv-part=1&wv-hit=789443553&page-url=https%3A%2F%2Fcoronavirus-covid.info%2F&rn=405633900&wv-type=3&browser-info=we%3A1%3Aet%3A1670329155%3Aw%3A1600x1200%3Av%3A933%3Az%3A0%3Ai%3A20221206121915%3Au%3A1670329151185263034%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670329155&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronavirus-covid.info/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:15 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06-Dec-2022 12:19:15 GMT
content-type: image/gif
access-control-allow-origin: https://coronavirus-covid.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 12:19:15 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame F37E 105 KB
37 KB 377ms
376ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:15 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 713659782fa4aaab
timing-allow-origin: *
expires: Fri, 09 Dec 2022 00:16:46 GMT

GET
H2 200 1Nxi9yMk0VW100000000U9nJj3_zGFtkTyLymw2x8HTaclUbMDeRzoSp084dJ2JKRUPknTZfxfmCgOn0ySoWkpd7GUAbp41URIUGQ6K4aPqWMI1WOfZ9k582mbx8gC0COQrav83ARmJH7rY1n5x6-Rjv6Ow2PSuoWeIlWicxZ0mo30n_6MSnCJ3CPGA9B6NI0L9hc... Show response
an.yandex.ru/rtbcount/ 43 B
98 B 317ms
317ms XHR
image/gif 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/rtbcount/1Nxi9yMk0VW100000000U9nJj3_zGFtkTyLymw2x8HTaclUbMDeRzoSp084dJ2JKRUPknTZfxfmCgOn0ySoWkpd7GUAbp41URIUGQ6K4aPqWMI1WOfZ9k582mbx8gC0COQrav83ARmJH7rY1n5x6-Rjv6Ow2PSuoWeIlWicxZ0mo30n_6MSnCJ3CPGA9B6NI0L9hcIA08cUP_WF1AoQ1Rp-dVWkw2tJfXZtdrT-pClnb0jdLoWmokfTP4KXEPGPfdilC1780CvEZ0iX-betCxVhRxMUtJ2qxoGpp_rMmohjWyYUpWnC_nFai9yrTmQmLB2iDTx0m7M1XlC2oQtFJv6qVUgQBtsI1-EY3_KEMwRxvLj_Lhjg_PG7vPW4hvqdMFLnSOEaBh0qDJImtMUrMr_j8N5l8_vKLv84EjWQM2MpxfpNll_JxxuJy6MoVbsWjO7lolBDxnvUr3_9Mii5CFC0cTuADwH4RRu6bavLFPKwfaQbNglbBDfZTF-6iYUmtygg2Lvc_iv_5pcPcQM1YQB61dMa7Eyy9Tl47xCSFRj_xyic9Dta_s7a002QRc000?confirmTime=2100000&confirmRatio=1000000&test-tag=133040906960898&format-type=118&actual-format=13&rnd=5248582129151&banner-sizes=eyI3MjA1NzYwNTYzOTk1OTk1NiI6IjU0N3gzMjAiLCI3MjA1NzYwNzE2NTU2MTgzOCI6IjU0N3gzMjAifQ%3D%3D&width=1100&height=320

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronavirus-covid.info/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:15 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://coronavirus-covid.info
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:15 GMT

GET
H2 200 WPuejI_zO1G1fGm0P1KXkvb6PzzGF0K0508GW8200J4_CuzZ000003Ykdag80WEv0jAlXxvJv-ufy0AJXDQ_1g0Uy0K1e0QI0ia6FylW9ztt8My5Kjrinno3lcJG28A0W802W0e1Y0eXY0i6gWiGzlcLzbBT0019iBpF9-_m2mRW3OA2WO60W82819WElvQ3lzBx_... Show response
an.yandex.ru/count/ 43 B
82 B 331ms
330ms XHR
image/gif 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/count/WPuejI_zO1G1fGm0P1KXkvb6PzzGF0K0508GW8200J4_CuzZ000003Ykdag80WEv0jAlXxvJv-ufy0AJXDQ_1g0Uy0K1e0QI0ia6FylW9ztt8My5Kjrinno3lcJG28A0W802W0e1Y0eXY0i6gWiGzlcLzbBT0019iBpF9-_m2mRW3OA2WO60W82819WElvQ3lzBx_P1lg0_IkjE2pUEWtsIG49ZkWRsfa8320_3qyTCMu1G1y1N1YlRieu-y_6EW5f3zffm6oHOMWHVmFwWN2T0O8VWOsksQqvAaqCmLW1c96RmAi1cu6S0PljR-uuJ3zT0FqXaIUM5YSrzpPN9sPN8lSZSsCIqnw1dC2F0PWC83c1hpf2gm6nwu6mA270rmEK8wJ7biTJ8rIcKtwHo07Vz_W202Y20CiY4JDZWuD3KuEZGuEpOuE3GsCJeqET0X____0TKY__z__u4Z00000000y3yJ040wtXOP3OUHGyTkIYkjSKTUXCBAoS0y51OKGbhcx87DU0e_AWkNf7A9hPr3w9sZ8hWYmyD6a4DaS0y0~1=WPyejI_zOB00hGm0H1VXJIYwi06od8-GvjVyhxC1W07tgSpNlv_-mYw80OAjkSU50P01gDR7kDQ0W802c07UqSUuLhW1skFos2FO0RIIeA81u06MbQ-P0UW1e0Ju0VoOthu1e0AE-eK1i0FT2uW5g8m1a0MGjWkm1Ttp0hW5tVC2m0MUxQW1o0NozYhG1Os20QW6aWAf1rBTRCSSWxvak0U01U07XWhG2Bg8W872W806u0Y7_KBe2GU02W7u2e2r6EWCcmR84C2ma881eOWI0P0I0QWJkhE2axRmZ9SNW1I0W884q1J_n85Gw1IC0g0MaFscd0R95l0_q1REdzw-0PWNbxMqBBWN0S0NjTO1e1cI0hWP____0O4Q__y3H_JSrsUe7W6m7m787vg9a56f88un0XuzwwO_k23daoYo8HCsE3WqDJWwD3WxDZWuD3OnEZGva2APY2gG8fk8Ah0Y0TKY__z__u4ZYIFMFv0ZuRltxFcHnV5Ic2EVxyJEbFYconS80ACV3wG0Haw-QsJ94aCdo6I9d7bANAfIEfzWcu03~1=WPeejI_zOAq0XGm011TpLKwDhG6dkVhvai7Yy0600QcAkiV6WDhJKuW1uFwik9q1a07ShxxduO20W0AO0TollkTXk076akFm9TW1oC73h07W0PQLhva1w0600lW1aedUlW6W0hID0g031B03eWo81Qjfa0MLUR05vnwu1USUm0Nxd2381ToO2D05v0ge1f82gGTItMp778E-PBW7W0NW1uOAq0YwY821me201k08seO1w0a7W0e1-0g0jHZe39i6o130i9220Q684W6G4W6e4xgpWfEsy8oN5u0KW8201D0KtztM7kWKZ0AW5f3zffm6oHRmFz0MaedUlW6O5vUrj2ou5m705xNM0Q0PaWAu6V___m616l__tz2huMZfg1u1i1y2o1_auA5MgI2o0s7cmR6UFxWWvvCeiY4JDZWuD3KuEZGuEpOuE3GsCJeqEP0YcOWga2ARY2gm8W7L8l__V_-18uaZrZ-G8uF9oFdZWiYrNPWZry2QrkJiex-60GW0dnyFf016JhfhPBcIeIEBB0upJmcCLKhd4ymGS000~1?stat-id=3&test-tag=133040907016737&banner-sizes=eyI3MjA1NzYwNTYzOTk1OTk1NiI6IjU0N3gzMjAiLCI3MjA1NzYwNzE2NTU2MTgzOCI6IjU0N3gzMjAifQ%3D%3D&format-type=118&actual-format=13&pcodever=690418&banner-test-tags=eyI3MjA1NzYwNTYzOTk1OTk1NiI6IjU4MTY4MSIsIjcyMDU3NjA3MTY1NTYxODM4IjoiNTczOTQifQ%3D%3D&width=1100&height=320&confirmTime=2100000&confirmRatio=1000000&wmode=0

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronavirus-covid.info/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 12:19:15 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://coronavirus-covid.info
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 06 Dec 2022 12:19:15 GMT

POST
H2 200 62240389 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 306ms
305ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/62240389?wmode=0&wv-part=2&wv-hit=789443553&page-url=https%3A%2F%2Fcoronavirus-covid.info%2F&rn=218590574&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670329156%3Aw%3A1600x1200%3Av%3A933%3Az%3A0%3Ai%3A20221206121915%3Au%3A1670329151185263034%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670329156&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronavirus-covid.info/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:15 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06-Dec-2022 12:19:15 GMT
content-type: image/gif
access-control-allow-origin: https://coronavirus-covid.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 12:19:15 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame F37E 160 KB
56 KB 561ms
561ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

cc31064ac18ecbf839868e4194b5d3cf5f085db7df162c96523636f30c23e12e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 06:13:48 GMT
etag: "638eb36c-e123"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 57635
expires: Tue, 06 Dec 2022 13:19:15 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame F37E 403 B
1015 B 1018ms
352ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fcoronavirus-covid.info%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

67f5d00815ab7639d5b31d17b5e33529bfc4284f6b57b0b51f9bf91c98d9a120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame F37E 41 KB
15 KB 160ms
77ms Script
text/javascript 216.58.220.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.220.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s30-in-f2.1e100.net

Software

cafe /

Resource Hash

a415b18919783c6f179a15cf9e3d7f3169bfb878d5d9e611fe726cbaa0435943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 2430685507190151929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 12:19:18 GMT

GET
H3

200

/
www.google.co.jp/pagead/1p-user-list/1014923426/ Frame F37E
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=RjOPY4ahB8_SqAHwqb6oDA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1715062225&crd=&is_vtc=1&random=752555148
https://www.google.co.jp/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1715062225&crd=&is_vtc=1&random=752555148&...

42 B
64 B

90ms
49ms

Image
image/gif

2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1715062225&crd=&is_vtc=1&random=752555148&ipr=y

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.co.jp/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1715062225&crd=&is_vtc=1&random=752555148&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.co.jp/pagead/1p-user-list/1014923426/ Frame F37E
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=RjOPY7ehB9L6gQOF2pnoDA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1392019703&crd=&is_vtc=1&random=2887333969
https://www.google.co.jp/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1392019703&crd=&is_vtc=1&random=2887333969...

42 B
108 B

51ms
42ms

Image
image/gif

2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1392019703&crd=&is_vtc=1&random=2887333969&ipr=y

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.co.jp/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1392019703&crd=&is_vtc=1&random=2887333969&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.ru/watch/ Frame F37E 256 B
355 B 305ms
305ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fcoronavirus-covid.info%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aslhejhys9ytpnba8eugac%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A733123398205%3Ahid%3A424186432%3Az%3A0%3Ai%3A20221206121916%3Aet%3A1670329157%3Ac%3A1%3Arn%3A29505329%3Arqn%3A1%3Au%3A1670329157482889916%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C561%2C317%2C3%2C0%2C0%2C%2C41%2C0%2C923%2C924%2C0%2C923%3Aco%3A0%3Acpf%3A1%3Ans%3A1670329153346%3Ast%3A1670329157&t=clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

31c1acc4025a6df2e1c0214423df404aff273e845a5957f2671e8e2a2d804378

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 06-Dec-2022 12:19:17 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 12:19:17 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ Frame F37E 43 B
120 B 301ms
301ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:19:17 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 06:13:48 GMT
etag: "638eb36c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 06 Dec 2022 13:19:17 GMT

GET
H2 200 37412095 Show response
mc.yandex.ru/watch/ Frame F37E 439 B
474 B 305ms
305ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fcoronavirus-covid.info%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3Aslhejhys9ytpnba8eugac%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A1%3Als%3A1470667774365%3Ahid%3A424186432%3Aphid%3A789443553%3Az%3A0%3Ai%3A20221206121917%3Aet%3A1670329157%3Ac%3A1%3Arn%3A859375033%3Arqn%3A1%3Au%3A1670329157482889916%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C561%2C317%2C3%2C0%2C0%2C%2C41%2C0%2C923%2C924%2C0%2C923%3Aco%3A0%3Acpf%3A1%3Ans%3A1670329153346%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1670329157%3At%3A&t=gdpr(8-0)clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e982675c9bd1d7743d351239ba066a9b3d75bea2bcd84481d44954c99e8a3f42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 06-Dec-2022 12:19:17 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 12:19:17 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame F37E 3 KB
1 KB 52ms
51ms Script
text/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1670329158147&cv=9&fst=1670329158147&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fcoronavirus-covid.info%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99da487036c9f8578ee8d58ed2d891999dd4ba9f82ae78704247f320ea793e71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1048
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame F37E 3 KB
1 KB 50ms
49ms Script
text/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1670329158161&cv=9&fst=1670329158161&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fcoronavirus-covid.info%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59bd8cdf8b209f1bb1c9c6e213cb020c558a2120ac9aa558718a416dfd3ed8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1048
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame F37E 3 KB
1 KB 52ms
52ms Script
text/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1670329158171&cv=9&fst=1670329158171&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fcoronavirus-covid.info%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8dbc18c066851950a06e42f60c893aae1db980ea9d2f91930a73504aa2497da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1059
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
bid.g.doubleclick.net/xbbe/ Frame A51C 0
684 B 199ms
54ms Document
text/html 74.125.203.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.203.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

th-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 12:19:18 GMT
expires: Tue, 06 Dec 2022 12:19:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame F37E 3 KB
1 KB 49ms
48ms Script
text/javascript 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1670329158180&cv=9&fst=1670329158180&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fcoronavirus-covid.info%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2082d6ccd7a269ce27f5f755f0d313d0e86bf4bc068cd2344c17231f59202fdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1060
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
bid.g.doubleclick.net/xbbe/ Frame 988F 0
273 B 195ms
58ms Document
text/html 74.125.203.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.203.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

th-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 12:19:18 GMT
expires: Tue, 06 Dec 2022 12:19:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame F37E 42 B
108 B 87ms
43ms Image
image/gif 2404:6800:4004:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1670329158147&cv=9&fst=1670328000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fcoronavirus-covid.info%2F&async=1&fmt=3&is_vtc=1&random=3584816524&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.jp/pagead/1p-user-list/947884341/ Frame F37E 42 B
548 B 91ms
45ms Image
image/gif 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/947884341/?random=1670329158147&cv=9&fst=1670328000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fcoronavirus-covid.info%2F&async=1&fmt=3&is_vtc=1&random=3584816524&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame F37E 42 B
64 B 90ms
47ms Image
image/gif 2404:6800:4004:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1670329158161&cv=9&fst=1670328000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fcoronavirus-covid.info%2F&async=1&fmt=3&is_vtc=1&random=4157969833&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/693627671/ Frame F37E 42 B
64 B 95ms
56ms Image
image/gif 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/693627671/?random=1670329158161&cv=9&fst=1670328000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fcoronavirus-covid.info%2F&async=1&fmt=3&is_vtc=1&random=4157969833&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame F37E 42 B
64 B 91ms
49ms Image
image/gif 2404:6800:4004:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1670329158171&cv=9&fst=1670328000000&num=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fcoronavirus-covid.info%2F&async=1&fmt=3&is_vtc=1&random=2398997969&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/947884341/ Frame F37E 42 B
64 B 85ms
47ms Image
image/gif 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/947884341/?random=1670329158171&cv=9&fst=1670328000000&num=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fcoronavirus-covid.info%2F&async=1&fmt=3&is_vtc=1&random=2398997969&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame F37E 42 B
64 B 93ms
50ms Image
image/gif 2404:6800:4004:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1670329158180&cv=9&fst=1670328000000&num=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fcoronavirus-covid.info%2F&async=1&fmt=3&is_vtc=1&random=1665404093&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/693627671/ Frame F37E 42 B
64 B 82ms
45ms Image
image/gif 2404:6800:4004:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/693627671/?random=1670329158180&cv=9&fst=1670328000000&num=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fcoronavirus-covid.info%2F&async=1&fmt=3&is_vtc=1&random=1665404093&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: coronavirus-covid.info
URL: https://coronavirus-covid.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 62240389 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 309ms
309ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/62240389?wmode=0&wv-part=3&wv-hit=789443553&page-url=https%3A%2F%2Fcoronavirus-covid.info%2F&rn=892104000&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1670329160%3Aw%3A1600x1200%3Av%3A933%3Az%3A0%3Ai%3A20221206121919%3Au%3A1670329151185263034%3Avf%3Aynz2f7f3y7l8rj188tipo%3Ast%3A1670329160&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronavirus-covid.info/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 12:19:19 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06-Dec-2022 12:19:19 GMT
content-type: image/gif
access-control-allow-origin: https://coronavirus-covid.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 06-Dec-2022 12:19:19 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mnayto.com
URL: https://mnayto.com/62h17l912vli/p0my308hq678quv786kpyvuq.php

Domain: backforward.bid
URL: https://backforward.bid/pushJs/AsDdJUIQX.js

Domain: t.adx.opera.com
URL: https://t.adx.opera.com/sync?vendor=60143&uid=98A5407FD3C94A66

Domain: mitdmp.whiteboxdigital.ru
URL: https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 08:00:15	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 08:07:27	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 08:00:15	Name: pcs3 Value: 1
kimberlite.io/rtb/sync	1970-01-20 07:58:49	Name: f Value: https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsoltadspis%2FY48zQzLHtR4
kimberlite.io/rtb/sync	1970-01-20 07:58:49	Name: n Value: 2
coronavirus-covid.info/	1969-12-31 23:59:59	Name: flat_r_mb Value: %2F%2F%2F%3Adirect
.coronavirus-covid.info/	1970-01-20 17:20:25	Name: __gads Value: ID=613be293e6a96bd0-224d30c9bed80087:T=1670329149:RT=1670329149:S=ALNI_MbIQoAG_25-9CgU3jHXMyL9wJUgqw
.coronavirus-covid.info/	1970-01-20 17:20:25	Name: __gpi Value: UID=00000b8acccf5e67:T=1670329149:RT=1670329149:S=ALNI_MaQAPZ2NS1pMc7SOSMDbqGatIDwpA
.coronavirus-covid.info/	1970-01-20 08:00:15	Name: surfer_uuid Value: 2c9359e6-cb9c-4c57-8a70-ed9174ec0ca0
.coronavirus-covid.info/	1969-12-31 23:59:59	Name: la_page_depth Value: %7B%22last%22%3A%22https%3A%2F%2Fcoronavirus-covid.info%2F%22%2C%22depth%22%3A1%7D
.coronavirus-covid.info/	1969-12-31 23:59:59	Name: page_load_uuid Value: 9fbb4265-4d90-41fd-96f7-364a0b828d7e
.coronavirus-covid.info/	1970-01-20 16:44:25	Name: _ym_uid Value: 1670329151185263034
.coronavirus-covid.info/	1970-01-20 16:44:25	Name: _ym_d Value: 1670329151
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 556358041670329151
.yandex.ru/	1970-01-20 17:34:49	Name: i Value: 58Cy+vqfUOj6gpo1Y+Y9R1jSsCaUATNMuV0c80M7Xaf6r3sSW1nk9Pj5ddE2lVSEfrzC6dPZakb7aT0afHrKmjxvG8A=
.yandex.ru/	1970-01-20 17:34:49	Name: yandexuid Value: 8007954141670329151
.yandex.ru/	1970-01-20 17:34:49	Name: yuidss Value: 8007954141670329151
.coronavirus-covid.info/	1970-01-20 08:00:01	Name: _ym_isad Value: 2
.coronavirus-covid.info/	1970-01-20 07:58:50	Name: _ym_visorc Value: w
prodmp.ru/	1970-01-20 10:08:25	Name: rai Value: e8e2982a789841a63232feb32fa02721
.an.yandex.ru/	1970-01-20 08:08:53	Name: yabs-vdrf Value: A0
.yandex.ru/	1970-01-20 16:44:25	Name: ymex Value: 1985689151.yrts.1670329151#1985689151.yrtsi.1670329151
.betweendigital.com/	1970-01-20 16:44:25	Name: dc Value: sin1
.betweendigital.com/	1970-01-20 16:44:25	Name: tuuid Value: 50eccd6b-225b-5454-a10e-5327c2816065
.betweendigital.com/	1970-01-20 16:44:25	Name: ss Value: 1
.demdex.net/	1970-01-20 12:18:01	Name: demdex Value: 54848391385084906793801076886644178888
.dpm.demdex.net/	1970-01-20 12:18:01	Name: dpm Value: 54848391385084906793801076886644178888
px.arcspire.io/	1970-01-20 08:42:01	Name: arcid Value: ec67517ad8d6e2e67ba394
.dmg.digitaltarget.ru/	1970-01-20 17:34:49	Name: viuserid Value: Xb6-PHFZkWj5nV57fyo.
.tns-counter.ru/	1970-01-20 16:44:25	Name: guid Value: 94C96916638F3342X1670329154
.360yield.com/	1970-01-20 10:08:25	Name: tuuid Value: 8879c1b4-8467-4705-b8ba-cb62a7d812d1
.360yield.com/	1970-01-20 10:08:25	Name: tuuid_lu Value: 1670329155
.hybrid.ai/	1970-01-20 16:44:25	Name: vid Value: 684deef8473d6478774f
.acint.net/	1970-01-20 07:58:49	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-20 17:34:49	Name: aid Value: fwAAAWOPM0IDggOHaH1XAh5F+EsWDxy2ha9ki8q+YJwhWRfl
.360yield.com/	1970-01-20 10:08:25	Name: umeh Value: !429,0,1732537155,-1
.acint.net/	1970-01-20 08:42:01	Name: cSyncDp14v3 Value: 1670329155
.weborama.fr/	1970-01-20 17:24:44	Name: AFFICHE_W Value: pnuGGPs0Md@m65
.360yield.com/	1970-01-20 10:08:25	Name: um Value: !429,BczBZbcuA7PQXdkjbXR0yN-mfYma3w7MiRhacJjrPoeGMznP1Hdyyqg6MIJQbpeMLKk,1678105155
kimberlite.io/	1970-01-20 10:08:25	Name: u Value: Y48zQzLHtR4~VtKEOF87XfZ4-EX76pJkltNUH4I
.betweendigital.com/	1970-01-20 16:44:25	Name: ut Value: Y48zQwANSliOMdfrY9ZNdFXF0Y68S4JZYfKPDA==
.ssp-rtb.sape.ru/	1970-01-20 17:34:49	Name: sspuid Value: CkIDImOPM0RCZQCnryvvAvlak8L0kqbSjiUNegYLJ1ly634x
.uuidksinc.net/	1970-01-20 16:44:25	Name: jcsuuid Value: HJsq4BTQhB63W4Y2pNrw
.sonar.semantiqo.com/	1970-01-20 17:34:49	Name: semantiqo_a Value: a65501f9b3b4447c9dee0779df5555aa
.sonar.semantiqo.com/	1970-01-20 16:54:29	Name: check Value: ba1fcc8dc2f64fed9386fdf26b0dffd6
.yandex.ru/	1970-01-20 17:34:49	Name: is_gdpr Value: 0
.yandex.ru/	1970-01-20 17:34:49	Name: is_gdpr_b Value: COafRBC/mQE=
.mts.ru/	1970-01-20 16:31:27	Name: dspid Value: 6d669605-4613-498b-ae3a-6fff942cc2c1
.yastatic.net/	1969-12-31 23:59:59	Name: gdpr Value: 0
.yastatic.net/	1970-01-20 16:44:25	Name: _ym_uid Value: 1670329157482889916
.yastatic.net/	1970-01-20 16:44:25	Name: _ym_d Value: 1670329157
.1dmp.io/	1970-01-20 16:44:25	Name: uid Value: 34487f30-7560-11ed-acfd-901b0e8b2a6e
.1dmp.io/	1970-01-20 07:58:49	Name: ru-seq Value: null
.mts.ru/	1970-01-20 17:34:49	Name: mts_id Value: 1088360c-a3df-4f5c-8921-8ceaae432d0b
.mts.ru/	1970-01-20 17:34:49	Name: mts_id_last_sync Value: 1670329157
.upravel.com/	1970-01-20 07:58:49	Name: session_tptc Value: 1670329158096
.aidata.io/	1970-01-20 17:34:49	Name: __upin Value: IuSBrNxKYSUIDiGN/+hO8Q
.aidata.io/	1970-01-20 17:34:49	Name: __upints Value: 1670329158
.rutarget.ru/	1970-01-20 12:18:01	Name: userId Value: xRZYF3u4l7Fr
.doubleclick.net/	1970-01-20 17:34:49	Name: IDE Value: AHWqTUnZQ8_eCuGQAacZrkMgAipCA-gT_803gVfVQSJOW1y6C1Z9J01XqCa52uXF
.upravel.com/	1970-01-20 17:34:49	Name: user_id Value: 83d4900f-14d3-4963-9fe6-76aacfdcb8f6
x01.aidata.io/	1970-01-20 08:08:53	Name: yaya Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mnayto.com/62h17l912vli/p0my308hq678quv786kpyvuq.php Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://rfpozf.com/v4/render?surfer_uuid=2c9359e6-cb9c-4c57-8a70-ed9174ec0ca0&referrer=https%3A%2F%2Fcoronavirus-covid.info%2F&page_load_uuid=9fbb4265-4d90-41fd-96f7-364a0b828d7e&page_depth=1&a0pduofk9i=b5a09958-6986-412d-b595-6421b7f0ee0f&block_uuid=b5a09958-6986-412d-b595-6421b7f0ee0f&refresh_depth=1&safari_multiple_request=886 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://an.yandex.ru/setud/mts_banner/bWaWBUYTSYuuOm__lCzCwQ?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=3554395671 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6jfvnf69jx.ru
acint.net
ads.betweendigital.com
adservice.google.co.jp
adservice.google.com
an.yandex.ru
avatars.mds.yandex.net
backforward.bid
bid.g.doubleclick.net
cm.g.doubleclick.net
cm.tns-counter.ru
coronavirus-covid.info
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
euw-ice.360yield.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
im.bluevoox.com
kimberlite.io
match.360yield.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
mnayto.com
moevideo.biz
nr.bidderstack.com
pagead2.googlesyndication.com
partner.googleadservices.com
prodmp.ru
profile.ssp.rambler.ru
px.adhigh.net
px.arcspire.io
redirect.frontend.weborama.fr
rfpozf.com
rtb-eu-warsaw.intent.ai
s.uuidksinc.net
sm.rtb.mts.ru
sonar.semantiqo.com
ssp-rtb.sape.ru
ssp.adriver.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.upravel.com
t.adx.opera.com
tat3ayogh6.com
tech.rtb.mts.ru
www.google.co.jp
www.google.com
www.googleadservices.com
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
backforward.bid
mitdmp.whiteboxdigital.ru
mnayto.com
t.adx.opera.com
13.231.96.223
13.250.210.117
136.243.148.229
148.251.156.238
148.251.236.115
172.217.161.34
178.170.196.176
185.15.175.174
193.106.95.134
193.3.184.135
193.3.184.217
194.190.76.38
194.55.244.180
2001:6d0:4001::226
203.195.121.142
213.87.44.187
216.58.220.98
217.66.147.42
23.88.12.13
2404:6800:4004:80b::2002
2404:6800:4004:811::2003
2404:6800:4004:811::2004
2404:6800:4004:81d::2002
2404:6800:4004:825::2003
2404:6800:4004:826::2002
2404:6800:4004:827::2002
2404:6800:400a:80a::200a
2606:4700:20::681a:f45
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
31.172.81.172
31.220.27.155
34.252.9.30
35.177.4.157
35.190.24.218
37.18.16.23
45.130.41.33
46.243.143.249
52.45.175.185
62.76.25.28
74.125.203.154
80.78.249.201
81.222.128.215
85.192.12.169
85.192.12.174
88.212.201.204
89.108.119.43
91.192.149.14
92.38.138.91
95.217.86.150
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01f5db543ad51391eced4f47e21e34817fd617df68a6201bded15c002068cde1
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
0947afc6e8297c3c552ca4b69dd769edb79376984538cce2dfa0c511a816068a
096e28bea7f5c7c5423e102cfa03e5069a54ba7defd74d43c9d75867295ebfad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1afa9b0f70e0103e290b5f7fd101fc58a88fe430d9006dc96dab3891089298da
1dbaa5b506f0d39f17b10bb2ae11f1726b6e4af77f13e7bdd0dae45d347bf869
1f5dce5e5c0e7bd5ac4c193cb7b4f3d32a4b34443d0458aee9951a5533ff975b
2082d6ccd7a269ce27f5f755f0d313d0e86bf4bc068cd2344c17231f59202fdc
2211863f0019ac74fdefb5b3ac100a7d65dbb91461c7b87531b20d4b741fef5b
23d09b5a0f70491c7dbffa21118eb5a47752dd41510e5b2ab860f3de6c649345
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
31c1acc4025a6df2e1c0214423df404aff273e845a5957f2671e8e2a2d804378
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
366c17b127df168d7758e3b64e9bbf3ddaa5148bec6d66042905cb7a068ef799
389008af3997dc2fd4c7d737dbedb93af241e7714d27ff1fa4c42b81b4bca170
3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d
3f2b4f72cd998f7bb52f72777d94e68fc5293d85010781b130af9354420aacac
41c8fb76c938136e6acdd1bd5b6fc74ebad2ee794c71763f8a13403d5fa731c7
475674780b9a88df3e13f82ac40fe45a820648183db1ced82b783f82d756f11d
495e804b9ffa1c633071d32b606b276406526fa472a1e8ef0a634460b8c7b0d1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59bd8cdf8b209f1bb1c9c6e213cb020c558a2120ac9aa558718a416dfd3ed8dd
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
627c6162cb011832688693b17319ae9f12313f57d4f66bc12bb8b3f4aeec02ab
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
65588e6632136114451f3126d5b2484c027349addda567e1783ab55eff00ff00
677a2329d8b982e75a8b5d44f285cb81747bbc507552c139c3b3a4b65cd3cf5f
67f5d00815ab7639d5b31d17b5e33529bfc4284f6b57b0b51f9bf91c98d9a120
76d66882e7064541a134c01e41c3ba8b2a05adbd59e6d7e9094d1470a2e8e81c
845c2f5e4b94aa4c0831dcbe842968c35211eca62b717d5d2274bd4017dfe4e0
8e30a168ee2b33d767e71536d50e915a1435a9a84c14af2cb1fe9ad198786afd
8e44f0a9e9571ccfdee404a36e119e6b5caa037b150fbbc074fd0424d8d41875
8fac8d2c12bd4f54331fd14071ae8b9858069205044dca960a76bc499bdcba14
908b7b4fb33635017eb87d7817311a2002f701a6983fb1821bf0b5cc92644460
973408bd1a1da181c7eaa9293c0cd095f3836a76b626bc76af21e1cd96b5dcde
99486786c0e2e5dcc76f66e37f88472cb5ca7d1b82294a88a881432d2147c7b9
99da487036c9f8578ee8d58ed2d891999dd4ba9f82ae78704247f320ea793e71
99de02521e111183b7076a4c3e0e439749edabe91048051cadd90a386013774d
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9eae5475e1ab684a87c5d8546e96903cf75908c0e16f1de62033124f47f587c7
9ede0d08c53c7868900dbfa5a2cec240fbd3b031658fbcbb2b8bac366b182088
a415b18919783c6f179a15cf9e3d7f3169bfb878d5d9e611fe726cbaa0435943
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
a94bb3c678c22d7b2dcae9de296dd0c9e8f7230961714fa9b6ff1bae3368b6fd
ae7ae506f0986636c20d9238f3f4019e2fcca117a7e4c878e4341c9dbaa87dad
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b57c1ae37417ba61d874fa6faa47ad2e16a57896fae6c2845b855baa4069bca2
b6b86dba8fc64c06c4777c97bacd8296c88d78c86ef0cc7d0b17cd705a07a075
b93d3ad05d5001b63a353f35b5a76fe1f34032b67f6a9ef426611c285fe7ffc9
b9fbf62e3358151ff3aea4468c99c5118c76969b19967c24571a6800e04139c4
bc4e71ec93435dce801dbd2e87169234d0af2dd64c4f24be7fece8d3eaad8466
ca3ff6b2d54d004417646dab248534e301f74cd261b91c2536b24d2713fade2d
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
cc31064ac18ecbf839868e4194b5d3cf5f085db7df162c96523636f30c23e12e
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf99fbd33127cc6907ec76d9acfac04bfb09cc7fd8fbe18dba9e6d9162252bde
d096622fac5e00e78c7c1bc7037effdacea094af2186f859e550fddc857c8596
d11ad1b0e06c91036fb4f3025ba758251cfa4b1155561a596805a62ec30372bb
d6c87c498dc95f90983a9fc0c97f1971071fa568ac49d9647b8c2fda3e41e7e9
dabe0efbc37778a08982db3c0ad8ba9c442247b69c7128b5f44666dfe9dcfb6f
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e28088bab6fc8accd0a26dfb2f3026e8e131abb86004b536b4c439dcb64c894d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61eb5ef27b9a61953d3e09ca7d5713a8a23b319519624c0028d533af6ca7ab4
e82e845a340b4bae90644f0da9de38cd31ce4f00502d7a05358c5fb89af9bc98
e982675c9bd1d7743d351239ba066a9b3d75bea2bcd84481d44954c99e8a3f42
ead7141abe6d8b287774492e5d2e71cabd518b8c71269fb6b73ff0431c990093
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8dbc18c066851950a06e42f60c893aae1db980ea9d2f91930a73504aa2497da

coronavirus-covid.info Open in urlscan Pro 45.130.41.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

141 Requests

74 %HTTPS

30 %IPv6

48 Domains

59 Subdomains

33 IPs

10 Countries

2102 kBTransfer

4509 kBSize

62 Cookies

0 Outgoing links

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

coronavirus-covid.info Open in urlscan Pro
45.130.41.33 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

74 %
HTTPS

30 %
IPv6

48
Domains

59
Subdomains

33
IPs

10
Countries

2102 kB
Transfer

4509 kB
Size

62
Cookies

141 HTTP transactions
1 data transactions