coronavirus-control.ru Open in urlscan Pro
172.67.178.142 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://coronavirus-control.ru/
Effective URL:
https://coronavirus-control.ru/
Submission: On October 14 via manual (October 14th 2021, 7:11:48 pm UTC) from US — Scanned from DE

Summary HTTP 189 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 28 domains to perform 189 HTTP transactions. The main IP is 172.67.178.142, located in United States and belongs to CLOUDFLARENET, US. The main domain is coronavirus-control.ru.
TLS certificate: Issued by R3 on September 9th 2021. Valid for: 3 months.

This is the only time coronavirus-control.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 41	172.67.178.142 172.67.178.142	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	84.201.172.198 84.201.172.198	200350 (YANDEXCLOUD) (YANDEXCLOUD)
5	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	79.171.117.17 79.171.117.17	64494 (VARITI-AS) (VARITI-AS)
3	82.202.167.216 82.202.167.216	29182 (THEFIRST-AS) (THEFIRST-AS)
19	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:479a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
3 11	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
7	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3 5	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
33	62.76.25.27 62.76.25.27	61400 (NETRACK-AS) (NETRACK-AS)
1	85.192.12.174 85.192.12.174	12695 (DINET-AS) (DINET-AS)
16	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 2	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 2	95.216.101.186 95.216.101.186	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
2	193.106.95.134 193.106.95.134	48614 (ITSOFT-AS) (ITSOFT-AS)
3	85.192.12.173 85.192.12.173	12695 (DINET-AS) (DINET-AS)
9	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
2 4	92.122.254.129 92.122.254.129	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
189	32

41 172.67.178.142 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

coronavirus-control.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.201.172.198 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)

nativerent.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.171.117.17 (Russian Federation)

ASN64494 (VARITI-AS, RU)

vuoffbvzcvdsc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 82.202.167.216 (Moscow, Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: pistotita2.slickjump.org

sjsmartcontent.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:479a (United States)

ASN13335 (CLOUDFLARENET, US)

code.highcharts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 62.76.25.27 (Russian Federation)

ASN61400 (NETRACK-AS, RU)

vtufuj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.192.12.174 (Russian Federation)

ASN12695 (DINET-AS, RU)

pwrlkyotm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.69.133.145 (Russian Federation) 1 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.101.186 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.186.101.216.95.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.106.95.134 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)

prodmp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.192.12.173 (Russian Federation)

ASN12695 (DINET-AS, RU)

dmpprof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 92.122.254.129 (Schiphol, Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-254-129.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.242 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	coronavirus-control.ru 1 redirects coronavirus-control.ru	564 KB
33	vtufuj.com vtufuj.com	545 KB
33	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	446 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	175 KB
13	doubleclick.net 3 redirects googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	115 KB
9	2mdn.net s0.2mdn.net	1 MB
9	yandex.com 2 redirects mc.yandex.com	3 KB
5	googleapis.com fonts.googleapis.com	5 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	dmpprof.com dmpprof.com	1 KB
3	googletagservices.com www.googletagservices.com	112 KB
3	google.com adservice.google.com www.google.com	2 KB
3	sjsmartcontent.org sjsmartcontent.org	41 KB
3	cloudflare.com cdnjs.cloudflare.com	60 KB
2	prodmp.ru prodmp.ru	363 B
2	1dmp.io 1 redirects sync.1dmp.io	814 B
2	mail.ru 1 redirects top-fwz1.mail.ru	2 KB
2	google.de adservice.google.de	1018 B
2	google-analytics.com www.google-analytics.com	20 KB
2	yandex.ru 1 redirects mc.yandex.ru	65 KB
2	highcharts.com code.highcharts.com	140 KB
2	googletagmanager.com www.googletagmanager.com	77 KB
1	pwrlkyotm.com pwrlkyotm.com	48 KB
1	googleadservices.com partner.googleadservices.com	665 B
1	jquery.com code.jquery.com	30 KB
1	vuoffbvzcvdsc.com vuoffbvzcvdsc.com	16 KB
1	nativerent.ru nativerent.ru	5 KB
189	28

	Domain	Requested by
41	coronavirus-control.ru	1 redirects coronavirus-control.ru
33	vtufuj.com	coronavirus-control.ru vtufuj.com
17	pagead2.googlesyndication.com	coronavirus-control.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
16	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com coronavirus-control.ru
11	fonts.gstatic.com	fonts.googleapis.com
9	s0.2mdn.net	coronavirus-control.ru s0.2mdn.net
9	mc.yandex.com	2 redirects mc.yandex.ru
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net coronavirus-control.ru
5	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	coronavirus-control.ru googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	dmpprof.com	pwrlkyotm.com
3	www.googletagservices.com	googleads.g.doubleclick.net coronavirus-control.ru
3	sjsmartcontent.org	coronavirus-control.ru sjsmartcontent.org
3	cdnjs.cloudflare.com	coronavirus-control.ru
2	googleads4.g.doubleclick.net	coronavirus-control.ru
2	prodmp.ru	pwrlkyotm.com
2	sync.1dmp.io	1 redirects text
2	top-fwz1.mail.ru	1 redirects text
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	mc.yandex.ru	1 redirects coronavirus-control.ru
2	code.highcharts.com	coronavirus-control.ru
2	www.googletagmanager.com	coronavirus-control.ru
1	www.google.com	tpc.googlesyndication.com
1	pwrlkyotm.com	vuoffbvzcvdsc.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	code.jquery.com	coronavirus-control.ru
1	vuoffbvzcvdsc.com	coronavirus-control.ru
1	nativerent.ru	coronavirus-control.ru
189	33

This site contains links to these domains. Also see Links.

Domain
vtufuj.com
www.who.int
www.ecdc.europa.eu
tlg.today

Subject Issuer	Validity	Valid
*.coronavirus-control.ru R3	`2021-09-09` - `2021-12-08`	3 months	crt.sh
nativerent.ru Thawte TLS RSA CA G1	`2021-10-08` - `2022-10-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
vuoffbvzcvdsc.com R3	`2021-10-06` - `2022-01-04`	3 months	crt.sh
*.sjsmartcontent.org Sectigo RSA Domain Validation Secure Server CA	`2021-04-14` - `2022-05-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
highcharts.com Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
vtufuj.com R3	`2021-09-20` - `2021-12-19`	3 months	crt.sh
pwrlkyotm.com R3	`2021-09-16` - `2021-12-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2020-11-13` - `2021-11-17`	a year	crt.sh
sync.1dmp.io R3	`2021-10-08` - `2022-01-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
prodmp.ru R3	`2021-10-12` - `2022-01-10`	3 months	crt.sh
dmpprof.com R3	`2021-09-23` - `2021-12-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://coronavirus-control.ru/
Frame ID: A232678EA8260A75C98A075CCB7840D6
Requests: 126 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html
Frame ID: DA29DB6EC53C4F40D28B8CE3313B0C0A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7135939956715808&output=html&adk=1812271804&adf=3025194257&lmt=1634238698&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcoronavirus-control.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634238697835&bpp=3&bdt=637&idt=529&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6709792917566&frm=20&pv=2&ga_vid=738603321.1634238698&ga_sid=1634238698&ga_hid=1243477827&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063007%2C44750345%2C21066430%2C31063101%2C31062526%2C31063128%2C31062948&oid=2&pvsid=2344792110948212&pem=393&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=560
Frame ID: 4D1D407D928319A369BFD7CE532DE598
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7135939956715808&output=html&h=90&slotname=9858196657&adk=3793808450&adf=683863926&pi=t.ma~as.9858196657&w=728&lmt=1634238698&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fcoronavirus-control.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634238697838&bpp=4&bdt=640&idt=597&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6709792917566&frm=20&pv=1&ga_vid=738603321.1634238698&ga_sid=1634238698&ga_hid=1243477827&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063007%2C44750345%2C21066430%2C31063101%2C31062526%2C31063128%2C31062948&oid=2&pvsid=2344792110948212&pem=393&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qKlnrZBd5c&p=https%3A//coronavirus-control.ru&dtd=605
Frame ID: CA1B078348417D3F30E8BC7D1BA22D04
Requests: 14 HTTP requests in this frame

Frame: data://truncated
Frame ID: B69678AAFAEC8674D69EFBD48F60E335
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: E9006F0F7A5AD7B5502D4EC28C9C3DAB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 80B9161289D40164F71963CC50C3D9C7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 089934F791FEECB6A1C7C0BDCDD5D98E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1C06E0DCEFAB9FE893112A4D055B924F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
Frame ID: FE59DCEE6FDA983373A5AD2F24D39143
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
Frame ID: CE2C602BFF6801D53B1A308F6AEF6680
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvyrgEQw_SIvwIYjKCmsgEwAQ&v=APEucNWvAj9zl_aDPl_tQ3CNKat2NSCKIStWKKbmyEt5fMugrzjY8clpHq3qT1EeCU5jDaJVKxCggYgrF1LTutxJN8QgNZ4AsZZboHktJ-BnjnGrENJWEbtz5llEWyzjuEW8KpPffspnHle50AQ3_O2h0Uyi4AIFKNT_owkxxCOqPdPgKjkH8Ic
Frame ID: DD58F319F1E1A33F177BD6D40F783482
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Frame ID: 046D57CE4F99752706E5D87D484F5B83
Requests: 12 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/8653f2a2a9c87cf6b28cd7b1af1ca21e.js?tag=pingback
Frame ID: E1B585F700E4858CE1C723A8B9F73A01
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/index.html
Frame ID: D6B7820E1C84764FA2FF679AC6218E90
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 93A5F455487D851E64713ADF8E501927
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
Frame ID: 96DB9A28732C528258AA2E1D3CF79A7E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Коронавирус — Статистика 😷 Карта коронавируса 👑

Page URL History Show full URLs

http://coronavirus-control.ru/ HTTP 301
https://coronavirus-control.ru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Chart.js (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

/Chart(?:\.bundle)?(?:\.min)?\.js
cdnjs\.cloudflare\.com/ajax/libs/Chart\.js/([\d.]+(?:-[^/]+)?)/Chart.*\.js

Highcharts (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

highcharts.*\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js
googletagmanager\.com/gtm\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jquery[.-]([\d.]*\d)[^/]*\.js

Page Statistics

189
Requests

100 %
HTTPS

53 %
IPv6

28
Domains

33
Subdomains

32
IPs

5
Countries

3609 kB
Transfer

7112 kB
Size

35
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://vtufuj.com/v2/click?media=342053&c=mAYxTYIUUzVmzgBhTaX0V2fDTu2jLFwt02MynnPpe7dlOFHejiFYa_xlbLHwc7NStYespRyqfZqGynL5rVSezvKi21e3QgAsDrWMP7xZbmahS5ljR2pecCFEtLDOLNF8hUCl0IRxDo5XnuYyyRoVd8GL0WWEJrEDLj4-oomOZevhyTuCuDU25jZhE2TC9RneTuiNAqCsbULqVE4jLamT_5ozE__Yo1N21z6IkL1wOlWVCMQNNUJcmNQuBdKGpVBf75tPrO8CjHTaug7A-O77YOxwhDeKotL4mO-uA8IHOZsZIRW0pbbTAPL04jVJQkfU84mZAYYj72L6mIXDYgZTnbeHXs9eWW7_gKhu0zUfBPNZ3R-p7IZnqYm47h7bawVtVgbDYZHRiywhJWKCmf7rHyFzDlbKGFwGIchLm064Q_kIvczA_6rhIzXjddXIQp7-YVl2slc9GvHXXjLF7LqgGGZAjTMToSPLSBWMvgn_5iIq6i64zcm7yynGDpAIsVwIEH8jemYqFcc78mqttZRnMblarGHmjs4ZBzBxaX4ZeMKrSRKiXw
Title: 1 час 14 минут назад Папилломы на шее — это паразиты! Вот метод, как избавиться от них за один вечер... Еще 460 85 367

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=329125&c=mAYl1hY8FfpzJ_2CmQrqiazLn1-yhG2AxyYBp7VrouUNLFZRz4lWIHAFvqRwAx1AiLNZ7APqYKmnMXoPbdr0w6jRhJ_yw6kvGuRkBdMgAywCnQlAyhCQA4d9Gu1v2dmkDfmAG50hk5JFMYUyYTxBXfxyc_OxkG3bWtBPj9qLCnDv2MsdlOZb6LNzT4SRmcHWK-d0_WnaTGuLFow5-I0-sORY6_4ejMV-AV69RuG8fOKkuISyk_1u4y0NJ7xi-K8xYvI627zEArAQqVvl31900UOuMeVK6NtxNIcyQChdeb06dl7r4Khkwac_EWARthAv-Wt7LeM-nNvvcY9FFZRIr2E85mOljRaY-rDGp7VcJsNyk2yJLjRu8ZwDo6CGV5pqanZrySsfolMEWbiDPPTpdFT-hP9HsuLjchqvAOe-XhCEIIRNJI5WR_EdJRhMa_6H2HbUTvb_XfUPv4lvD7II1bu90ukpMS-RhisjBKXYGy1-sFnrTmyNM--bM-xlvq6jUlEq
Title: 12 часов 21 минут назад Правда о национальности Ленина стала ударом: что век скрывали Еще 303 185 248

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=340122&c=mAYxTUc8-uUZxI5beyPpb7-D2wta3rinZO4FIK6-kIoIyGxmHLrUEKDtA-E4zr5sMGtP6e9Cv8wkZ_PJBJI4lXbYBxuRHbP6AUeG4w5XwX3-448WggX979f7a7hgG_tcTL_coe2o7AyVtoSCl7W_iwPVnWOhp0UvdU19ljb3GcCOkmA1mI6OIUy1G52TXZUWTRRKBs-QQYugRJlTebcCGa0Yxg1GZRTlVjj9zg2azucqQ3AgOeHxqE4NLda2hYOEvdBJ9-gcX8iNlXVohS8IIgXP_9c2erPf6Xy8aAYcWeAkF7CU-s13i_9pO9OurQzzOgFa477wgscXDlxzYKX9zgaVFAp37Cf_KBOTXNLsead-sneCNSSseNDxNj0UJQaNQTLfwFowpDpCBAgF1YFr9zxrsv9DZ5rrKdd1ySO5CfxZq1uEOdjZCOwLnp-GxlRUTNPQ4brJqw3HJQJX_hmWwTVwc2OnJSOkbo5iTOkMBZUBYKP51DBuvz0OsMMA26my60pXJRwYbfeXnpScWPo8znxQKtP13Q
Title: 3 часа 23 минут назад От гипертонии, для долголетия, против тромбов и инсульта! В простой напиток капните 3 капли обычного... Еще 438 69 107

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=338532&c=mAYxTAcJxQ1OG4BcH2Wd8MudFVWv3sB54DdyNAC5t_7mwec4fysafKSadjk5FVU3AgbkfOMEIxdQT8FxoPgMFtL0wRFudSj4Ja7w9TYsLdCB0LE36ps7jd5R-6QFe5RW3CKcy4CkOZrmwcyNcD54Uf-wtoX8MWmLvEPL8JwOEpkLg2qW8nyGiayQFqrd3jGIou-pf9zgrLntLrBGDo-fJPb5UJh2Un3SWZzg5CuiitCGQKFti_Hgj1NidzkUH6HvFQejkbkoAWLTmkrLFrfB53Jn6z3yDvU4v3EwX9PyBlsGgn1TdrPOMcSK5TXbFWE81aPJDrv99pzgQcxBQzzQyXw5ukluiAzJ3gENcKNNz_DAm50kk8Gh2x3wXNU8V19gHyETuAQ8SYtbFn9tGeyi_Q6HHrE4HcDaov1KrVUq_aGg7496rIcUyYNHVpu-TEwumjog7ykCmiky6a8erEm79Eq93_QmsL5wM1V4qxUMr6X23yaXVUY2RxL39os_maud7NjjiqTqHDB_LkIi8SCrdInTC7gr
Title: 12 часов 38 минут назад Быстрая помощь для забитых сосудов: делаю так - давление всегда 120/80! Записывайте. Рецепт №1 Еще 261 134 187

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=322333&c=mAYxTVMvWu4jTL3x9iajKXxOEyOjz0HFomz9acE0XU5NI87Z_3MezoFz5nwy_y1adFAmv4XZm4Z_zSoFPVhqH-mKf73Pwed0a1kLY2ho-lkFcNc2HgQ02EIt9ccp1IYzSgbXZa5_j_EzelDylRuKeXeT2Bvs9LNprTudQyY22VmY_8VL04loyDt7Pbogz2yU7Mm9vB0JtLHnkWGrCG-hZKmkuM1HhKDTTbfcMtYNYFix7N_SeB8N17zaKh6-4ScnBFqVaaxQA5jghSVjJPd4kyefKlNytvft3hFBmq6Y-Ut7jjqJLYwHESuPts3jjl6siqYVS8vw_apZPZ4w5P7WFjjhjrTdXGYNciN5sRFDGIFw2S0DW5FhI6vqdXFexaFTfkJ7fPcMTrk0ivYgppKg3qSJt6M9K_v-PIBipbl1LZxaF0qw7eaLXsoZ2DNvouO67EakjGO5IbT8qfOXcqjz--d5SqcTkKA9P9iYe5fzEjtiMNUsJIZjN8A1r1-c-lrFhv7ia4_R1_IldosNvaJ2_YUxU0c
Title: Давление! Вот кто главный убийца людей! Скандал в студии! Как нас обманывают рассказал А. Мясников. Теперь будут... Подробнее

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=328211&c=mAYGXqMze4szpbE_ckzZqV2FFq-LpNUXJBq1vNuNhlC43Us4pAD3sE5SiHpZbf6k1M4CtNPiDRNoNsxK_Gf1U1epjFZ_ANqbKnh8XYbVr5WOeEOKqSaSgFWHvQz2XcRuNSgEy9M_QOqZtapCVPjGXFKLvXvdbyINikak_o7lMzAJM-Vo2fHji_slQE0d--G2-cc7dH-mYMyAdkna53Xqbm041auTZSq8a4oFTPTosd3c5svWJvPZJvjnzaSFt0hF_M9SpuRilyDVtPm7JulJlWw3YkaVXYwHjE02magZZbi36b41zn20khG90P7JtpBWRVDaY-QyMQtUwwTlJkXRRX6RIX3_EeEjJYdclUbUpGdLby6DrVT3IAC-L3zkCJHMVc0L1wOYBWZ2Vdm44W3roZl94G-s7HQ3WU4dTpb5W08e556Fu3b4bfmYtEQi6YYNPUa2G8u7fkcSTyk8ffdmeIEddeKgmzOudrJvGERfMJq72LHyLUomfqrZP5icdpM
Title: Помните еще Шумахера? Рыдающая жена не выдержала и рассказала Подробнее

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=338586&c=mAYxTVHxfk-LvJgsqvXsHE_ZJzkK4jPWBW6XHxwZ7XtovHD7WVk57YeAW4NqzOZbWSzsbE-5QhVU2mj-_69Kao3KqgXb8Kt_TnSKHU4m1kbEXDq11UqFFJSPc8XUlojC2qkTZRoIzVu-azvzW2yZ6iNLu91KSx83MEPI1DMzsxkd7hHX3N9ZR-MES0nBY5LNVJ6VQgNNBMw_3sgRAr7cdp1eClDbBLFYVMR_VsezqwEMvaq9Hm9LoVLGB0-quNsqqSRQ_DvoZLnrOdnxqvOhldhFB9qPdXgScyNRl18D-3u3nN45vAhTBEmy1YWgnivq4me8kSkGzvL1B_qGh3MkF1Dsp79YyaIgugFVhvPWCH6hZhvPrUUBTT8IHnim56CoX0HrzPVzfmX8uKkUW4RajjHiguyFTm0CtfwN-CTzNeiBtvtNs7hiwwzVdqZkDRVTHNZuBFJF6g1l2jZd25FEgLBXX8pRojLkksGujeidVG3JgXUv_x5NTJL8js2n12qxuwXXi0jHr7jN4CbFxq-G7yE
Title: Ревматологи в шоке! Боль в суставах уйдёт за 3 дня! Рецепт №1, пишите пока не удалили Подробнее

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=329282&c=mAYGXn6-BwwA3x0ZJRyARxs3vDCx_LrDN7ufXCmlylYwz9yyCOBN9KBmYEtfTa9TbHciItNVzdBKthsM1-orzsfQSdBopx6XnTQjhGdcxK__gB3rJceao_w5TvATwk0QwL5Hiu87Jynd15I35sonRytQ0Vso8GD427Sj2NOqJuPTEO2Dq-b5j1IIUSGecpslU99ux1XisBs5NBZiGHET-XDlpwiRyH2xRlHC24Ot7Qs7zNcafttb2bJ_yX__nVbFqV75eh8jQrEfikYsk3ZvIMbVzfMNZMBOWjICJeOQCQihdjgI9nxscuH7eAOMOBENqO22mgOw2L5-AFSef3H98pM13DZdvTFRGQ_S6Z1KmXvLa3Wk1N3G3UDFj5fEWlbokuPJXjLHhYcuUC4s70NLIvfBDstvFLSRJdhj4apLBqVZZKc2QZnxznEZfxIoUcYx8X2L_G8D97urSMsQQ0V7J02S36lxRkd8dpGm0rDU7MitU4_CCw
Title: Умершие родные дают эти знаки: они рядом Подробнее

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=338571&c=mAYxTUc80L3pup2_jtqEoYfFQJoalnuTxJBzMSH_VkSrDz4zNx9-YfhE_cz0FEQxec_rYh9yR5EiKDLeAUTa8H-CklLf6NVeg7FoD2JQ-_jLkN8UZb4OP20189MYrRH4nIPTN2PNbAvgptI6s657EMLByE8NboVN4q9iKwZ1XQgJrnGHjI6-lPu7Pf3lkBb_mtUrMiGCT02EmxIzo5XlgTniyVvHSY86OrTkuTEC9zk1S7A_TkTVLMxudfHcMD5QbS4EgNID5WRVA_m6v5vYOHUiVdEH4bknsbux6-3MmRixORuSUkU7D8GVFUUwIkqeUAHFmdO_vstn8YT4JpLaRKkLM2F0v736CIexRiohizTXnIZjmGpxqf4YLluQl-pCQhZe3c7vwg-_2RWDil7LfavdYSHG89rwMSr4Bu_DnQUpfgMr3l-Hn88AyIhH1O5GPYTUdTNuJqXprj81RrUtAbRYtCW3w0IKZIcBn-ch08LkZWF6_bSFSvzqq5HyrCQ3hciYSrNVxLXx6oh_LYNZUJ4
Title: С этим даже самые стертые суставы и хрящи вылечатся за 9 дней! Возьмите утром простое безопасное...

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=321959&c=mAYGXz7DxRez15U2bXMxiwM7QXVBXkd8Cn9qaELTsFxWQoib3qWgrHCYVIbzjnSfLoyGxChkhy7oTaSBgYEpJ2KB73iSlpQVAU_WYZiB_Ua7o6ECtj9Fo9WNYrEAItGyz-Sq5Rj5V-EnvpgBxR27JUntlaMVDwHK0gkBgmXcBsmq4O0c4hH1vXjfsHS_nhodiPpI__dlxYU9WUsWRxyLrpw0KTEgHE9N4Z8OPgwi63ghqEejbCWXTu1kJXlCVHqpRjKfxEyxjmTQhHWlD6zB7rJLnlhLW9IAf8BKUojkkx5gZP8hu8Xv355rWy2k0mfjqB-YNmgSXDHuy3XbdpzUZDzeubhA69jdeR1pTrqpjvz8cyenUwhCHfnTPUpEnOT0b06uoijgN68ZFZcz25RNXG3TdnmghYorBs7XhJIzzkUOLbP2Xk4xlVrPcenVxhJdSOoxgDIWCff_EDPhVcdbsKJv-FWy-fdkLLSvuGu_fjgsu40e-0HO8WeeSaSIsgYhrcqfgknsGbs
Title: Известная российская актриса спрыгнула с 9-го этажа

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=344024&c=mAYxifT0lLpCS0u2FyVun6y5SFKn_GshH9ylXZtRMBD7XbA4oTdmyIz5hsY89ze2JEQz9U6LxXkbeoUHo_RUrvvKjaV_dfaZLdba2LJzTuCrI_EeUkoS6_8plSDe-0MmkqOCR2pIRFYxbX8cqtW_GZswLdxqDWP3hf45UmDZvva2MNsbXKdC_dJ4bomFxAJzUujqEKWKNxUDjQ22p22ngvnxVPtBxZ8Ftu2Iq12SPIHGIBsE4aLpOrr3h15qj9o-OWdzIFiFMbInr0JnoVkeRU45dCoJ_ht_Bc6n9QAXSzJfBCIb8UdZ5uKQIlYvoYkyUCtqLkdAXUMbGIZGSkGSCuul6pMPRsO_fhpU1PWEQ3W_u5TScGoI4Uu0GjmS6Tu2NE8IuUAM-WKiv1AFny63WRzdsj0lmiNEE5TK-00J5E7XP9AHde5mUf5C-jeC7zyEyfCwx8Oea2q8ktvi2AHCV7TkUsh7k6hKV2IPlyPymJcQO4byu2bOlkVcBziKwO4EpYLxl22Shs5z4rGRPaU9e7iplG3ju-xWcZ5kWoKi
Title: Баба Нина: У тебя будет много денег, если носить в кармане...

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=332469&c=mAYxiCM18An58KP9GKwPavAFka6EPs5ytHzm5ANWyg0fqa5ZjMbOlRdTmIZ74Uvla-ynuCM9cp8cK9M03SXqI9gdND28u6EERZaTfJD4uQkFvQQa5XE7BjNIZifkNbSu9wEKaqFdfIXl705OmP0VyapQ9lEn4DX6kMd8LWVKofzUV29DV7DNjzxlH9WvH8KIcLvEkpEEnnvh0ab9N00AKXPGDysiniqwq8EQpjZaf98C_8SonqE5NTc4ad5aUS-wwxrIuwoDzxGGNqDpSNjSdRk0F9d7_G2yfoTHHdS05Tq1sjlYBnVXc5a2st1z80Y_n_eBJ0ssbteTtA8MgG0AUyorz610hLI-0_0rEP7DuVV9WmG9MAdL0z7RDreWkCI1DdDayFcjmxa3nhnXvw8Kmm4hxKhjGQkWGnAMoYBLWDnHlGQHumVAkjxOXToO40tVg5Ln-i97Y5IXfRXh57L-oPR1Je2lQmsW12gRZXFNioqDv5XB3vRxXWgrDtCdQhOtplDzaHXUgSwKHWqxx1KGz1kkVxgvF0k
Title: Мясников: Шум в ушах стихнет, а давление будет 120\80 ежедневно. Если растворить в кипятке ложку домашнего....

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=323202&c=mAYxiN-boHWlDq9jxQoMCU3Z3PfO1nVhSEl7sgvuRndyb_Xl2NA-vBBzcS03ThKK_6rIm1HjsY7WDUbDRnS5pB0ik5Covy6-5g1oKmaQ7atCzupxxDg5lkbpFYI48WAUPB9Phga8zVGB5yT_4OGRun8mR8J6yPSgt_pSk-egIBj8scBgcMD09nd7sk214A2H93tnxVQLSI2G5AbTDhpmqthUP6n72CLHgtprzidxmpzHws0GWChKLgDvBMAkTtogIItRi2qc8ifTMI6W0uyKoS49paMQ-Cfh_6Ska8STjxx7XrTKjpEDjdf1GzkyLVCzFEBCEVKHZX7nFHpM-CHprm-sMP4vFTWqgI9HXtbfw2MiAJRIUfqXJ6qMbfsTPmtibmpWyBSLu8p28zooPLciqVhWSqpfZfTAWe_11YJ1XQQ6THODyCsuMOBfRyCsU1F7IHdLVWV584ReD4mySkVJuvGuCSYQ-8gL_cuA4wBOC1CEOl6W2wcRZf8TOvLrv--xqEId5K24z79Y_8Gdgg29BwviCTdt
Title: Папилломы отвалятся за ночь, а к утру из вас комом пойдут паразиты и глисты, просто надо взять пару капель простого...

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=338551&c=mAYxiN-3r-_VO_pjiICmjFzTehuydPLb1aFNLttGmXJVPKdZqo_PzyaPT7BMiAcoIg7gs6toPuuferMPjeRhFgUWMf7xWlUYm4d4wIex7eyF4YjCVYXW5VwhyzG8yS6lkLsQcmaNRwaAwuy267BHAKbsCZcLINY5JJP5oBh2Y3A5mXdRJhjHX0YDveJJWczpIqDEOspUfznWyGBr2CatULqMe3RLWLrliH6CJmTJ4tsIW7E5ss6gulxTsObxNCa2yh7Tyly-RWmjtZzjQkX0geYfBlI9uCuCYxMTaVO-rUaBrqz511yj9_HnJkPaMi3WiIi-H6T9e1UKlZHTM9-_RAffMzVy5dITn2_hwR3MWIPL35oSC7y-gJKvIfeAth9iz_FS_FbShKNBjyyR4c18nyvJcku7daQueVOGuYbJrH5dfu-HSw4pQvo5Pj6GgMWio0x702CK_fQKXb-xMZH3Kblayi1PymKFsfXC5mE0cnyZPfOb0ADkvx9ysXzm88Nf3PHm9aj4-TfA496PdwKOto4
Title: Если вы обнаружите эти папилломы, будьте осторожны! Конец папилломам и бородавкам придет быстро! Я брала безопасное...

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=326619&c=mAYGXz7DuXsC0ymMe0C8j-yQ501Y0XVUIWOd78GYgLZCY0T34RGiZDbIdFaXIZZb9h405XXUq0djUGJqODLkywRltYlvpEE5YCoKBt-xvTJJIL9gkJK_g_8yjuVI1-9JXv5j0Rabosad9qCsX3Al75168B10HqqUoXLc-tHCPUdX9xq4xInncKQ_LqkbZJBk-Lw6pPUKxlqiN9gE8RhXsP5TyKtqvSnrJnupEsk-vw2zLpvCeq7vV6zxhv7HgK1EGadTPUw7-YkGNgQEhH2ChA92WY_P7Z3AQ_-Sv7i3RFd7DX7UNFu-hfzU7J8EMktQcoB2VRZ2qHKb_mT8B51dOGzLixZmwxBFwzmX9Uvou-vi35T1KOXLCYklYcZ3WCPsxXGvgwlJ6q5lMlqLdP47B6cHBoE5NcU4YVg06Gp1RNWmQ2xV-t9NGFgCHwFKILJzA23_e_BJGg1M31LmlYarfN5-8OoK36EEJEqDvZCv9KMoJRYpbJZQzpNrJwXA6OcAQ5_0mliUhaPApmQ
Title: Он - кумир миллионов, а посмотрите, на ком женился

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=290392&c=mAYGXz7DwPh8kpOfevra0gs2wHRXWHT8LedVg36MGn_cHmbMSPFr9o5ACOyNO_2a26s9ysIYqoq__bQtk_aCFBuxxecPDdnOCbGyalnMqAFCcyklJLDmsj-gOZg_3dPq9TiJ5kGfOsR6xfxM6A_YeVS_IlEm96LyhRml8LXyfFwCt8bA3_rBH6lLmGbPHITXBsmGBJ7GSub1PmwpWBAnbXWp1E7QPR7cxLw03i6hTtkt5VHel5WQExiYc66Wjtwa1eqpd9YsKZkhnIj4KJm7cXDSYxHOIvbnao9cdE6xsDGwzZHjk3t5m5OKzRyzIuyztKr4nuNZLJvc7JPXAMBGG_eNBgx1GjwFJ8Ui7-f4NjT_t4iUYJJB13H2gL9G7v4his7zfabaQDq-RfHxkWBRIHddRTRg38iUX0HtBQjDuWvbxo6NXiZuj4qDUOWv-i_QGmGenLVbnPqEjbkx9APCi0DSxDcMs7uWiAOgCeQP5CutVqkLFXF56369fgtM
Title: Женщина зашла в баню попариться, а дальше произошло невообразимое

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=277895&c=mAYGX74NgU6SPm8mebBDfZVgPFbYBfsUG6fVJiTAYPCbpdST4NUuVWBa5f25PmnduT9Enoi6Z1mh_LEjfDZ6uAn-Rs6a52RAW9zSaAIIFf4mb2UYhsjlahP8-3mMlk6HxiXeHAD5pKDYvWp8JJmEcq7MMeFMCOnBnzTxnDgxx2SgdeGfOH4IYhlOS7UaCbXc06uEC8ovHUgMo7ercrCNTtWMCqj5MwuS9rL4pSSxXGZAmxisN5fONSIT9iVqhAmfpPrdDQe4CU6ialfn6CifuDz-L3bfBp2ejxsJIdfvSVIukXZuChC9bkEiWnPUtGBpzljPNITQ1Q4UbpOMcMsfqD1hyTBMVSeV2Dk6FYUfsZ8CBqHxLdKb1ukvDNYZ15T6ylmIpDfZMwi9y02GS_Y6vPM4MPV1ja5UGYV-wA1PokZ39dJDqEWM5VQKmZkekbBUeSQaWdcFiTuG7qQrATmjt5tPvda2rhN7zaVoZHXr_djktL-iegvG3i13CbeD
Title: Вот и конец всему: судьба Донбасса решена

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=330523&c=mAYxiN-fbZPJQG1U8K9GajqOvglGajEpcMx8xW8YzwzWeKZc4SU4HkPb4FeOLvG_PTWwH6ivx8cyd4vaBBVxVwzVaJe_7NXu9HvZRH6q1U_7VueSjuu2ohWXvN9ToV3zSM3i3WYY0GWtKNHINtOBopDnuOnFf-RUNKNTwfaovVPntReAcfIp3XW9Rlh2Aanb6a4kY-FgyDel44qTLqxNAokPA5eZ_OjL_TqrZaZH_Hxt4MOiT17aR3JF28nTrZb9EqH3EJ5FXsP-Nod8y6erqmqP0eLjaCT4NuraKGegWdlvToqyQs6oqHmpk0s6FR6KmBGMSihcmcTvYYL1j2MiTWTAQzfWlOjDir1BX2NOdhuMdHJUQ2J2V3iXFFgt620DfHcE6S41pTk-huceFFMW-66jh3xP2TNKcYXtO27qsD570abrTUTgHEptgG4aYmgVhNLcic1n0C2ZN8cRjJjns_LKK68eBvI1R_ZDaVQYCHNVs-j-3t2-RMR3d-VYK4OsWDqnO7H_af0aLwIviE-SCDg7ik-L
Title: Варикоз исчез, а тромбы рассосались за 3 ночи! Избавьтесь от варикоза без операций! Вот что я делала...

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=288122&c=mAYGXnLuPN9Ul_4KgOa66xENFs4s3kB5QWYBKdcme0KZSLeRkOdu1Sryvt9cyQCOLe3G6He4NpsgBK3nnoBD-q3z46olMgZiN8Yj9MMAfW5n-4TAwgDgd9rPVKV1uDuXPb8z168ePZwCE0EAztR4EXW9aFBNKcc3UOjmfirmA96_SQSwjgRFEcVLblVDlzK8BMLb_PUyGsyqUc2MkWoJy5LqLjYnD0Sp6i8PgwrMa9fTPziOIY0MYSTDdWN4KbvkV8z9dRqF0H7qH0HaYRdixAB8AO0MCnDtEkGbQS5rjTgd6S24n3DqVCXJM5f4FUcQvZysLQHPM4T-JtxAUXL2uioyynKTjn-Xx3-_5qDUJ-36tRQx-kBQkf_7b5nAvywcpPbKFeJ5yAY-fTAZz5YqCw9YsWg1OjPFH-tQ9Tyu3ZXhCsb-K7z0opKv2HGw5Sx575RcKFE4r76ANflf2BBrudskaQLiOYGLRV0oDsHwbw1rDIE4nQIHp-7IJY9aEz2UNxoM
Title: 5 часов 58 минут назад Плохая новость для тех, кто привился от Covid Еще 445 181 302

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=344023&c=mAYxTUc80L3pup2_jtqEoajMX5WJRP8QCN_DH0r0ZVRH8INpCj_j2LFmOTC6njzKW0mqXx18KcupH4NBHeUyVWBeiVE0bOFeIMdA2FUFCl4ROSqAEyVtgOnRl9cka-rbLkVL53ZmvwT6Y4MUCAHU92BCHEJqYfitUjNHD3NlYDIrGvADVD3tb27oiJRk-jJwbIxWWyuxiRKQT-eBs83uk5Wu-LsB76Jj7DHym1QGNYCTL4i78SDnuObH7Ag0ZRkn7BcuPQKgm3BPoHrrT2Yq6CsT3QOp7Lc-XnCSJHbgLRkTxx6-DaPc3uiEq3ZWPSZfD-NlQtLbg3dqP51T-Nb9_meRy2GvqNe7YW65ekRlNeQHZLGLWA2pRErgJUGN4WPVJtkwLRqGjWNStqe-yoQUFDLDBTZwK7l1_5FIs6cv5GmpKtYlYqGdsXfA3OtkBwxPhCKovzaW0gPrXAUeWpU1y8clIIfeno8l69rHrsXjP01xPYGMHZkeSc9-SwC4_EzRzLNrpPev-5bFF_JWFieSBs9QQPtNdU2LtgLLBI6eJDOlVHuA
Title: 1 час 15 минут назад Ясновидящая Баба Нина: "Денег будет всегда много! Если положить в углу дома…" Еще 430 195 172

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=326454&c=mAYxTUHz2En28kS6fPA6l8Q4qSjYgH3kVrbMmu3tvNe_2P6EqsbYqK5UrP3P6XPR7-Tz8w2jBynV4l9eniRDdHJ6rgcPiephKqY6TS6FVimHbv2K1ixJ_CCc_A7Qr_XFMq0R2QXYep9WyWhZ69XFM5DH-lnhAr2zHsH7DdyIRQd6L9q1hr_yVvhiXb1fER64jq-fwOYbxn0B40AgONBHWtK8XrXhYmtnmPZoKAkO4xB4APNi0pNdf10aandLpuApJVg2-HxAtsT5ZMMEjJtgFaQd9aJh8twTVg1BRjkfwMDMH8giNlIcwH38azUsNDDNWwGPbuI7LTsgDIxrLxoFwyqXfQp2ZcMD7gLGim_YMwpBRn59dToLXV6O4cdl2m7OqLFJs0ptFPsMIRnPR9b3owv69VqJkhWUwPWfAW9js0B4nZFZAaykEOtod59jjDdhaqb5X0Pm44GKkx0pr3fMjhkPzHApzGQr8Ecb8aOeuRkGgVMzKqte-IMLFWCKNYB6p2plKgAjGC1aUR0adLMrmDkm_A
Title: 3 часа 57 минут назад У кого проблемы с давлением и сердцем, Мясников дал простой совет. Наберите стакан кипяченой воды, а потом добавьте пару Еще 481 142 210

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=320981&c=mAYxifZP4LTOg-0jUzJ86ZsvkCsWwC0KGH2zTrbcV57j076ygDIvRC8vpIBviibAkaEpRZyFTR9jYSddNtRYHfswtJlw7yvL4IlKtvZ_HIOxuPdKbdzmutlRykbnx3j2U9pVvspqm4W5C3IvcmsZYOxWp1OL-hFZmOuIbGLH-1DLyCICB02_riX-zhdHXoHum6Jx3HfhhuqfxiyGf5s_liq7vCG5xjQTOtQpGKg-OJsgirAzEe1DvbTUDOpKaLmx2Xnr9tjKjQSjn8bHyCfW-KZTdqY4GxAqYqz3uBxVJ3AvtOej4goUCdja_QfbWRN7ujXJPpDAN9aV5p4zSC2mB-H2lzzcmCKwQ9_1ohti6VNF2b1ShaDId6eJ2BboKX9Zx1BpLpA0IuzUhiz5YO4FPcW3Z2hOyl5jRbBVOGDslpPK-H7e-_659QFWaNRLOKlZtlho9YyHvku3fr3_s8g7sgIGUCM4PiPccCTGaY1FTUEpW2w9rY9tPO6L_vGufZjkGo1kA1Yv3iDppVIQireyKbFNxlpGun8
Title: 7 часов 14 минут назад Милые мои, каждый купленный препарат от давления, лечит только карман чиновника. Чтобы сбить давление, просто разведите Еще 185 118 315

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=324795&c=mAYxTUc5us6WnowHUzreyTx7WZKMykV6QlbRHKCYivI2gW1SkMm9yIvCYZCogQON1LVMMUOc3ujvRBV9m5dcc8sj6E1Zm1EM28DkOMiD7zyJOYPIRNt2pVeCeahpN4EIG0Ic003j7hQSFCw3f1yx7h1rWG3uQZ6VRWaXW_rVoT4H7OefrzBNQ1-7OEJ-rFyaEpxf3O79K51tLnSaCedCshJjUTFxYA5BOGYKy8HOXW7M2Nwhd8pFKEhHt04QFD6pfMmjwpIZh5FpTyv-2E3TWq1N69h-fZA4_qUhxQS3MulvrfQvrXSJRjEFUbsMzxjhKtqnDQ5AdHhEfWmAe3HJD-eHtZLD_mivPSxBOvvt63oQyXrbZyLIZG__b5NIidfAT8YmB1iXKb5i5IGAPQGfW5vh9K64ZdiL3y7Z1xE12toM78E6mgoKZh9hQOV2Pn5zfh8TET6RhoiIikFKtecrorIjFlt4-3sKTHzEQ7QaR1JDPEjHfPoki8_Aop0N5CS7CtC9gDOmx5VqiP2gnM-kYnwlnDsG
Title: Врач Мясников. показал, как сбивать давление за минуту! Не пропустите этот... Подробнее

Search URL Search Domain Scan URL

URL: https://www.who.int/emergencies/diseases/novel-coronavirus-2019/situation-reports
Title: WHO

Search URL Search Domain Scan URL

URL: https://www.ecdc.europa.eu/en/geographical-distribution-2019-ncov-cases
Title: ECDC

Search URL Search Domain Scan URL

URL: https://tlg.today/coronavirus_control
Title: О коронавирусе - в Telegram

Search URL Search Domain Scan URL

URL: https://vtufuj.com/v2/click?media=328291&c=mAYGX76E9Or1I-NMGna5Rer7HZeWnkJK4nGIiVjNzYoyC-g7tVurIUp6YGNMkCDb3gM0i9ScHc6cYBQr5ngWcS4x_vO56UAZ5Xs3i3sSY2eaw7FNsrMZp6-jvXeyS8RVixtWxKHg4FnV_q1Vtdi2VYjCBP-ku9qdlTQrtMp9lAwxzYfDD5kAMnSMRw_EXNHIQMZdrZijhz9lk_ptarqaajhEGyQ7nuz7qwyAs2MUvilGxkEI1MBzfwedVELxJGbsXPjhkn8mnkgu94GDU5hIUNG5drJhGw-G3Od77yBfcHrhczleOKIdBJ1uNkgUY4U-FeSCVFZJUdQlJ6QmNCeyOV5biAAYyaHgZF4NCIdOxpz7idd4FFEpl2gb_MypBhFckvUHTvgJmS_jIlekWvlzbnpKhRSvOKmHY_BgYY0LuGEirxnaN4Ye_wPrknyqAAh5j9kCJpp2M2BPKAmIOTbhHi1ENrv6NH6Rv3VXdW5ugdatNwiF
Title: Горбачев наконец выдал того, кто приказал ему развалить СССР

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://coronavirus-control.ru/ HTTP 301
https://coronavirus-control.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9426.yAxKLyiLy5emIdj9bUQfHLIqLwJmbcTnh2A-SjI1tv7xg4r0_A2EgWk4wrveZmMn.RraZ8H-kZ8GcdNS2KV_9pFPK3TA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9426.VScYPPjM57jIJb1vX1oVB4RTDz3TsO2abQzACGFO357tyT_66_srwRqelZagSYp6mQcgmDfe4Yds5oia9Pwpig%2C%2C.CPQeW3Ibnc5LU97JMSM_EjQ9WYQ%2C

Request Chain 68

https://mc.yandex.com/watch/60986833?wmode=7&page-url=https%3A%2F%2Fcoronavirus-control.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A437%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A106927641027%3Ahid%3A648861130%3Az%3A0%3Ai%3A202101014191138%3Aet%3A1634238698%3Ac%3A1%3Arn%3A1005657778%3Arqn%3A1%3Au%3A1634238698147714475%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634238696902%3Adsn%3A0%2C28%2C135%2C41%2C130%2C0%2C%2C422%2C0%2C766%2C766%2C0%2C766%3Awv%3A2%3Arqnl%3A1%3Ast%3A1634238699%3At%3A%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%E2%80%94%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%F0%9F%98%B7%20%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%BA%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%B0%20%F0%9F%91%91&t=gdpr(14)ti(2) HTTP 302
https://mc.yandex.com/watch/60986833/1?wmode=7&page-url=https%3A%2F%2Fcoronavirus-control.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A437%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A106927641027%3Ahid%3A648861130%3Az%3A0%3Ai%3A202101014191138%3Aet%3A1634238698%3Ac%3A1%3Arn%3A1005657778%3Arqn%3A1%3Au%3A1634238698147714475%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634238696902%3Adsn%3A0%2C28%2C135%2C41%2C130%2C0%2C%2C422%2C0%2C766%2C766%2C0%2C766%3Awv%3A2%3Arqnl%3A1%3Ast%3A1634238699%3At%3A%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%E2%80%94%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%F0%9F%98%B7%20%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%BA%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%B0%20%F0%9F%91%91&t=gdpr%2814%29ti%282%29

Request Chain 86

https://top-fwz1.mail.ru/counter?id=3015210;pid=95d9010fa904054ac93997eba96c196a HTTP 302
https://top-fwz1.mail.ru/counter2?id=3015210;pid=95d9010fa904054ac93997eba96c196a

Request Chain 87

https://sync.1dmp.io/pixel.gif?cid=9650c6fa-0307-429f-a7cd-02b8194310c0&brid=9793d77b-f9fc-4343-a4d3-9779efd2f770&pid=w&uid=95d9010fa904054ac93997eba96c196a HTTP 302
https://sync.1dmp.io/pixel.gif?cid=9650c6fa-0307-429f-a7cd-02b8194310c0&brid=9793d77b-f9fc-4343-a4d3-9779efd2f770&pid=w&uid=95d9010fa904054ac93997eba96c196a&cs=1

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWZP9slw8eI6EDFG6XHA3Y&google_cver=1

Request Chain 163

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWiA7BxXBHb6z-0zfGyvCwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWZP9slw8eI6EDFG6XHA3Y&google_cver=1

Request Chain 164

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMhAsnHHsRasqeiDc0vT15I&google_cver=1

Request Chain 165

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTQyODk2OTQyODgyOTMwNjk3

189 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
coronavirus-control.ru/
Redirect Chain

http://coronavirus-control.ru/
https://coronavirus-control.ru/

252 KB
51 KB

163ms
135ms

Document
text/html

172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-control.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.4
Resource Hash: 4def09a6457f79aa12a271e82a7c2f1608c52a25c12883e6c610a72b23e4ffc5

Request headers

:method: GET
:authority: coronavirus-control.ru
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-type: text/html; charset=UTF-8
vary: Host,User-Agent,Accept-Encoding
x-powered-by: PHP/7.3.4
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2reGXdElbdT%2BAZ3KN2kJvX5lZhQ%2FkCiIYOPesM82laGxB8Qio%2FQGbIwaOGYI5tPYNqI5CdHlRhzTERFmr6ZtIjhFgV4Q0MsWVh5zxHUtuTKdGh3r6ltkCN0W4TBhP14S3RQXG%2F6wcM7O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69e31d50aeed1f25-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Thu, 14 Oct 2021 19:11:37 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
location: https://coronavirus-control.ru/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pF43rXrshDSCUYGGYsdvUbOf984yIEEd7bXDfRa%2Fanz7WNaaWMm98MLYaRh7NKss%2BtgQlxMNBKB4VDOB3KBaCtS1yjsCUIJYZbc34bj9IrSyh2SMu4os2OQSBGibM34Z9rGLipmC8HF1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 69e31d4fdd5b702b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 nativerent.v2.js Show response
nativerent.ru/js/codes/ 12 KB
5 KB 175ms
55ms Script
application/javascript 84.201.172.198
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://nativerent.ru/js/codes/nativerent.v2.js
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.201.172.198 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: /
Resource Hash: 924f19d6d5b861c56fff900df8daf8032c4bc5ecffa59067d1184c64fba14065

Request headers

Referer: https://coronavirus-control.ru/
Origin: https://coronavirus-control.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: gzip
last-modified: Tue, 12 Oct 2021 15:25:59 GMT
etag: W/"6165a907-2e45"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://coronavirus-control.ru
cache-control: max-age=3600
expires: Thu, 14 Oct 2021 20:11:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 24 KB
2 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1bf5b1b16e02956377f2b4a2dda9eea5c5a4d1488137b2be48b3abc6b354090d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 18:12:05 GMT
server: ESF
date: Thu, 14 Oct 2021 19:11:37 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 19:11:37 GMT

GET
H2 200 lody.css
coronavirus-control.ru/wp-content/cache/wpfc-minified/l09fs22c/ 40 KB
6 KB 20ms
19ms Stylesheet
text/css 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-control.ru/wp-content/cache/wpfc-minified/l09fs22c/lody.css
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Request headers

:path: /wp-content/cache/wpfc-minified/l09fs22c/lody.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13580
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 15 Aug 2021 22:34:52 GMT
server: cloudflare
etag: W/"6119968c-a055"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYEEBKVp3v%2B96EikmXEUGqhC8iutXkvMA4Gtu6yMb4QTcxibxg780S66oCldp5zpLWeybN0iIhUlv7MMbaF2ZAZzFp8fljc2zbWax79lY78D3p9tPeOTTiIZzRiXbx9Inyv%2BNVck5WpC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 69e31d51a88d1f25-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 theme.default.min.css
cdnjs.cloudflare.com/ajax/libs/jquery.tablesorter/2.31.3/css/ 4 KB
2 KB 36ms
17ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.tablesorter/2.31.3/css/theme.default.min.css?ver=5.3.9

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6c804c4d4e790df0d700a4a214ef7fdaaa0666aaaff3269f7ef735dff5a484c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 318677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1153
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1196"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLY8e0SQBv9%2FwwzvdeuTMFEzqUrC1FVobXRW4l7HyjVEOGE%2B48Fy6%2BX%2BQ5HdVDRlgHNMndRUw%2Fh91yQrL76ErWTzX9hdKdaTMTWlZ3OUUZb48DZPvJPZjJ25zw7TGuVTRi5S8s%2BcyTzsAojEj7WY8Jbu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69e31d51ceee5ca4-FRA
expires: Tue, 04 Oct 2022 19:11:37 GMT

GET
H2 200 lody.css
coronavirus-control.ru/wp-content/cache/wpfc-minified/7ki1m56h/ 139 KB
19 KB 40ms
40ms Stylesheet
text/css 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-control.ru/wp-content/cache/wpfc-minified/7ki1m56h/lody.css
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf03950b0120085a09249cd4af8f12bcd283397159b507c53318a3edf6b86eb9

Request headers

:path: /wp-content/cache/wpfc-minified/7ki1m56h/lody.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13571
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 15 Aug 2021 22:34:52 GMT
server: cloudflare
etag: W/"6119968c-22a9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fz%2BDC7G5Cr6zhh%2BQkggDu%2BRTDAF9KcvgiUMzwPzjZ2iJeYGWvduueO2ChRygbdZB2VKzVtK%2BMt%2Fhct8C%2F8XBC%2Fjyj0dv180112O9SN%2BsBz05lxZoyAt64BLtItQXKZNO9eRijQhOkld0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 69e31d51b8a71f25-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lody.css
coronavirus-control.ru/wp-content/cache/wpfc-minified/87zmaaqe/ 22 KB
5 KB 18ms
18ms Stylesheet
text/css 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-control.ru/wp-content/cache/wpfc-minified/87zmaaqe/lody.css
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d86f2706876d0af8e4d3c1464569ec9f178c065cc3c41bbfcb78423c82d3e1f3

Request headers

:path: /wp-content/cache/wpfc-minified/87zmaaqe/lody.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13580
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 15 Aug 2021 22:34:52 GMT
server: cloudflare
etag: W/"6119968c-57cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNxZPzB31pHpexxzEzVMIIhI9pBDz6udIPdKV9SAsJzgl8swZzRonW5DkbxRCEYZ5NjIWDtbgXwbBvx9IrURmgfC7eML2hzuZgkngcehqxErQizIlbRGpQoF9OXfTBc4KUHx1oCYjocp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 69e31d51b8a91f25-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cropped-logo-50-50.png
coronavirus-control.ru/wp-content/uploads/2020/12/ 2 KB
3 KB 15ms
15ms Image
image/png 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-control.ru/wp-content/uploads/2020/12/cropped-logo-50-50.png
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 957caa0d54620e5c643e5c227f5fb22e55f530c8d1f2c438f3676bace46aaaca

Request headers

:path: /wp-content/uploads/2020/12/cropped-logo-50-50.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13580
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2174
last-modified: Tue, 08 Dec 2020 18:45:18 GMT
server: cloudflare
etag: "5fcfc9be-87e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLKYLADfuTZ6qCNqNKLV75yI5o6nXKRrLsULeHYZOplhsFsUML6Aer%2Blg%2F5JEOwHBuTt4hJW1MgXp3Jmt5i%2FvGEcLv%2BvUOmKFaivssbkTpWqqgqHEJEH2IBUrstj1594HKjvxrRSQ1fy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e31d520be84ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 chetvertaya-volna-koronavirusa-1-300x200.jpg
coronavirus-control.ru/wp-content/uploads/2021/09/ 11 KB
12 KB 16ms
15ms Image
image/jpeg 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-control.ru/wp-content/uploads/2021/09/chetvertaya-volna-koronavirusa-1-300x200.jpg
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6bc644fd131902910e108e87845ffc2e9907f0dec76d5cd98dd31b896b916fe

Request headers

:path: /wp-content/uploads/2021/09/chetvertaya-volna-koronavirusa-1-300x200.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13377
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11560
last-modified: Wed, 15 Sep 2021 23:13:38 GMT
server: cloudflare
etag: "61427e22-2d28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5mlgCuEXwRpILoPLSPT2f4hNm9w%2FZgm68wT0CKAo8xLn%2FxcO3LBRJhYpcKrdiiL7z8JiQQ0VKsZ8mjEtdaNuvi1zU%2BgJLsOpgiSarG%2B%2BAOFkT4YEsxvkZh8BqimnKjhlK%2F0k2x0mt9M"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e31d520bf44ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jota-shtamm-koronavirusa-300x168.png
coronavirus-control.ru/wp-content/uploads/2021/08/ 38 KB
38 KB 23ms
21ms Image
image/png 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-control.ru/wp-content/uploads/2021/08/jota-shtamm-koronavirusa-300x168.png
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cc028e6a4dd3ba0682e979bf20cd4d090600224f399a17cc3a9f7f5a95fbf92

Request headers

:path: /wp-content/uploads/2021/08/jota-shtamm-koronavirusa-300x168.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13377
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38732
last-modified: Sat, 14 Aug 2021 13:56:18 GMT
server: cloudflare
etag: "6117cb82-974c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LliWgU4ebTtKrSk9w4aGUJSAs2BH7%2FdRucQGmdZZ03ds%2FjRdnMvOiPdYxa1wNN%2Fy1X03X4jNxYAWSnGGxwKnIQxptmUlLpQVz8AUBUWMODrPAJGhsCWpj3RwGpDRni9oEhD909XM43bl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e31d521bf64ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 medotvod-ot-privivki-ot-koronavirusa-300x200.jpg
coronavirus-control.ru/wp-content/uploads/2021/08/ 11 KB
11 KB 32ms
30ms Image
image/jpeg 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-control.ru/wp-content/uploads/2021/08/medotvod-ot-privivki-ot-koronavirusa-300x200.jpg
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1930e5a2ff42013486abcdac7517f36b2af75010327681cb1fed1e1e793c89c3

Request headers

:path: /wp-content/uploads/2021/08/medotvod-ot-privivki-ot-koronavirusa-300x200.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13377
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10838
last-modified: Mon, 02 Aug 2021 22:32:20 GMT
server: cloudflare
etag: "61087274-2a56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kc6QIlGkVYkhEwKueStKTNFKS3znjRM3XWFslldID9%2FfjuY7066JuMqWYd93eiNq3yHGkjcsqkwuMvZp3MDQWyeQSTfOeTuev1ZR%2BRZCvOFheaU019YgpyyAnTynn%2FfwkULxmZ%2BJv%2BF0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e31d521bf74ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 kishechnaya-forma-koronavirusa-300x197.jpg
coronavirus-control.ru/wp-content/uploads/2021/07/ 14 KB
15 KB 18ms
16ms Image
image/jpeg 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-control.ru/wp-content/uploads/2021/07/kishechnaya-forma-koronavirusa-300x197.jpg
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a81a864cfe171c91ec45e8321be82a400a0e76681fdca0f8d7fdd296791f2483

Request headers

:path: /wp-content/uploads/2021/07/kishechnaya-forma-koronavirusa-300x197.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13377
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14342
last-modified: Wed, 28 Jul 2021 13:47:59 GMT
server: cloudflare
etag: "6101600f-3806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3r6jQe89qYvhuuyD3%2BWYU83F5U9b5GJi2OAEDrqqNISNkdVbBF9hVI96GtPZXRog1D2w96HXYSBCXiuD6spV2q8c0aX7Qc%2FmS%2FLuI7a%2BzpPZ2V5TZjD4SofeaNN6JnAke8%2B619i26wvP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e31d521bf84ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 antitela-k-koronavirusu-300x169.jpeg
coronavirus-control.ru/wp-content/uploads/2021/07/ 12 KB
13 KB 34ms
31ms Image
image/jpeg 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-control.ru/wp-content/uploads/2021/07/antitela-k-koronavirusu-300x169.jpeg
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af695981c986ae02aa91e8c3e1919236e1e920d0a2cddb498f5f9195ba50b461

Request headers

:path: /wp-content/uploads/2021/07/antitela-k-koronavirusu-300x169.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13542
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12422
last-modified: Mon, 26 Jul 2021 22:22:27 GMT
server: cloudflare
etag: "60ff35a3-3086"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BfRi8jMv407CFVX80Mmw0Y0eJkq9BnS9Zpgade7DuuayAWQreqWz7dXEr953iaIRBGW26wLf1M2zmarowUU2riACI6JWcsvx6wfyGXRqVBxXoYgMnpRIQ6JqwfxeBqEBY%2F3QfK1hUNV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e31d521bf94ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 kak-stat-donorom-plazmy-posle-koronavirusa-300x200.jpeg
coronavirus-control.ru/wp-content/uploads/2021/07/ 15 KB
15 KB 24ms
22ms Image
image/jpeg 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-control.ru/wp-content/uploads/2021/07/kak-stat-donorom-plazmy-posle-koronavirusa-300x200.jpeg
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b177986f3f9dcccc6c1a04fe8cb3f4b374fb990dec646d9dd0283c0938af1909

Request headers

:path: /wp-content/uploads/2021/07/kak-stat-donorom-plazmy-posle-koronavirusa-300x200.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13377
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14899
last-modified: Sat, 24 Jul 2021 07:33:20 GMT
server: cloudflare
etag: "60fbc240-3a33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BZfjM%2Bn1UPCHj2F8hWsPvIV0oPHN3YWE9%2Fr%2BFBP%2FLEBMTM4ISH8khYkiXD5JjyJ7PrrmcBGW3gSZ3d0Z3IktV1YLHQ58Vve5JjSQhZ8DWv6g8oips7r0AiUgC80RSXWGiLN9XVsH7kv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e31d521bfb4ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 03-10-300x186.jpg
coronavirus-control.ru/wp-content/uploads/2021/10/ 9 KB
10 KB 45ms
43ms Image
image/jpeg 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-control.ru/wp-content/uploads/2021/10/03-10-300x186.jpg
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a61537cc8758e228c7f090e22ccd8397602fef4fb89d9b54980cf2404f06cf3b

Request headers

:path: /wp-content/uploads/2021/10/03-10-300x186.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13495
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9366
last-modified: Thu, 14 Oct 2021 11:30:19 GMT
server: cloudflare
etag: "616814cb-2496"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X40QwhoVqXD%2FedNuUUAY07jTUHrADZ2IaCavGwuVC%2Bx76%2BRSYcyLmxuCmZnwTWzJLV6qKPCJB7xXZzWlZnNzkJO0V3%2F7PaXqS8F%2Bp78Xkw5ymSuSop4XYyoml%2Bkp8GZttd%2FLXvxN0MmI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e31d521bfe4ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 02-11-300x186.jpg
coronavirus-control.ru/wp-content/uploads/2021/10/ 11 KB
12 KB 45ms
43ms Image
image/jpeg 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-control.ru/wp-content/uploads/2021/10/02-11-300x186.jpg
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27650cd009aaeda498884eb1a1110a62464400d83e72041ce0976a6bde69d97e

Request headers

:path: /wp-content/uploads/2021/10/02-11-300x186.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13495
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11631
last-modified: Thu, 14 Oct 2021 11:26:59 GMT
server: cloudflare
etag: "61681403-2d6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZo9nase6jKvBc58NZdUtzduLp3yxHPOa0CfQ7JmZtGTXu54c1z%2FTLcmWPiJfyLUJJWwnNS3U%2Ba357h8t5HZNa1At%2Blc9LcsJKnL0lvawkzxNRThl4zYoiQm37m0PRc8ywvr7fKm5oki"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e31d521c014ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 01-13-300x200.jpg
coronavirus-control.ru/wp-content/uploads/2021/10/ 17 KB
18 KB 46ms
44ms Image
image/jpeg 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-control.ru/wp-content/uploads/2021/10/01-13-300x200.jpg
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53fa30763dee25538e58a35a51ff9f26b633f860168f4ec2cf0bbd9b13b52630

Request headers

:path: /wp-content/uploads/2021/10/01-13-300x200.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13566
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17415
last-modified: Thu, 14 Oct 2021 11:22:40 GMT
server: cloudflare
etag: "61681300-4407"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtGad6OsYlKE1tdcV63rIcY5ObU26LqhBqRWJvOBmyLzw%2Fx7Sq3gFkpmqhOfHbUbcbNu77XPOVeMABKehPKdhFucHqgaTn9WWwgoqLPrwn%2BvJhxcKtHmJWYGgQjgokwfhS%2BZUdqFP2Iy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e31d521c034ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 03-9-300x191.jpg
coronavirus-control.ru/wp-content/uploads/2021/10/ 7 KB
7 KB 49ms
47ms Image
image/jpeg 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-control.ru/wp-content/uploads/2021/10/03-9-300x191.jpg
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afd0b4241e71938501619ac77452ea8dda8273b216f1b48675f905957a345e72

Request headers

:path: /wp-content/uploads/2021/10/03-9-300x191.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13566
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6667
last-modified: Thu, 14 Oct 2021 08:01:40 GMT
server: cloudflare
etag: "6167e3e4-1a0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qp8NRdKovAQzIgKeSM%2BZqYmMvtB3VTss0J83Mo6Yg45SeY4ETjv7C4l%2FsoCzwli42Vbea6NdEUZhBA0WjOAz8VU94P9Cs%2BA9cSiGDhts1mSwvC533rYawOwWWFedozDOlocYekgnUGMP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e31d521c054ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 02-3-300x168.png
coronavirus-control.ru/wp-content/uploads/2021/10/ 31 KB
32 KB 50ms
48ms Image
image/png 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-control.ru/wp-content/uploads/2021/10/02-3-300x168.png
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cec81b70838d9a30dba7458b8b6197ac39c6227ee7bbb4a06ef7c197cef7bad9

Request headers

:path: /wp-content/uploads/2021/10/02-3-300x168.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13542
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31782
last-modified: Thu, 14 Oct 2021 07:59:16 GMT
server: cloudflare
etag: "6167e354-7c26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJe%2Bpd7LQUOEJjMuf0S5hiUnSDPmDHtbJgQEoW%2FsPCttfpW4efVDik6NKV%2FrTLPO9aU9Zw7xBlIViLF54UpduN8tjH9Whk1Qd9FAeu%2F7GuF0obp9Wss5BxUOCwB2CUzn2FE7SMm8jUh8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e31d521c074ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 01-12-300x191.jpg
coronavirus-control.ru/wp-content/uploads/2021/10/ 14 KB
14 KB 53ms
51ms Image
image/jpeg 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-control.ru/wp-content/uploads/2021/10/01-12-300x191.jpg
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df9f136db27ac681e37115dc151d8ad20ccd198b5fdbd8a392205de21add57bc

Request headers

:path: /wp-content/uploads/2021/10/01-12-300x191.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13495
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14040
last-modified: Thu, 14 Oct 2021 07:54:32 GMT
server: cloudflare
etag: "6167e238-36d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBjkFu49DnRKHzi4ITafpuBk0hz0wYpKEM%2FC%2BbLP%2BgYewTY%2FtSxnmPUzXLteEEdl6zT1ZCqLj%2ByYp11vSKuYTV0cqrb5xyr%2FzxImhkmfpMUkc%2FXt9NP4i%2Fq%2BeBfZfDw5T4%2BNaFl9kmsB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e31d521c084ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 553 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56d5f97ea714ee4f3569f497e69d174562e352b99e01f9a4c26a996a109b9529

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 map_wrapper.jpg
coronavirus-control.ru/wp-content/themes/generatepress_child/new_map_stat/ 80 KB
81 KB 44ms
40ms Image
image/jpeg 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-control.ru/wp-content/themes/generatepress_child/new_map_stat/map_wrapper.jpg
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d63519d8b3afa0190e55d25b79219e5193e0c6a6e069a77a9928b376db0a8b8b

Request headers

:path: /wp-content/themes/generatepress_child/new_map_stat/map_wrapper.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13563
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 82328
last-modified: Tue, 02 Feb 2021 14:18:07 GMT
server: cloudflare
etag: "60195f1f-14198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VstbtMGgJ3NPqKEZd362d5WXj1solLAUblA1vUFPHWGTxyP0tzDY8Km2GDNnyoyffJN66rju%2BbE7B7oLQWdOKTxsmSRMzzIwozhu4NSqIiYPuBfzY1tOjSh%2ByOzVZHkgtbLsx8gHtBrJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e31d522c274ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 9 KB
10 KB 50ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://coronavirus-control.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 03:41:26 GMT
x-content-type-options: nosniff
age: 142211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 03:41:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 57ms
16ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://coronavirus-control.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:41 GMT
x-content-type-options: nosniff
age: 95996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 55ms
15ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://coronavirus-control.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:45 GMT
x-content-type-options: nosniff
age: 95992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:45 GMT

GET
H3 200 generatepress.woff2
coronavirus-control.ru/wp-content/themes/generatepress/fonts/ 1 KB
2 KB 49ms
48ms Font
application/font-woff2 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-control.ru/wp-content/themes/generatepress/fonts/generatepress.woff2
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Request headers

:path: /wp-content/themes/generatepress/fonts/generatepress.woff2
pragma: no-cache
origin: https://coronavirus-control.ru
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://coronavirus-control.ru/
Origin: https://coronavirus-control.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13580
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1264
last-modified: Sun, 15 Mar 2020 21:27:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSXddcc50VUnhX4Safd6s1U7YyKgFt9QD3BNPMoZwVbbyUU%2BkSR3RvH61HJ2UWszaiVX%2FuuT91q6KfXnQi%2BuhV6CB54JtiVnZoxgLBBzw88CYpchvXu3%2Fjm0dV6uoddo19Fowfe6aRxU"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 69e31d522c2f4ebc-FRA
expires: max-age=A10368000, public

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 9 KB
9 KB 58ms
21ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://coronavirus-control.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:34:35 GMT
x-content-type-options: nosniff
age: 95822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9544
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:34:35 GMT

GET
H3 200 email-decode.min.js Show response
coronavirus-control.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 17ms
16ms Script
application/javascript 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://coronavirus-control.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 10:51:03 GMT
server: cloudflare
etag: W/"615c2e17-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2F%2Bx8h%2Fd0g01k8k8fGRFmMsVOK88InbwrQdZHmB0xftrdb6iG%2BuDWrfz%2FREGQRzHS%2BrY3FyBKY0fOyeLs3gSbNFgNvkq5vIL77NC1tRhWlaW50TDxrTj7FsJxaMBKpapZxvFZfuRpNFl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e31d52fdb64ebc-FRA
vary: Accept-Encoding
expires: Sat, 16 Oct 2021 19:11:37 GMT

GET
H3 200 reload.png
coronavirus-control.ru/wp-content/themes/generatepress_child/ 8 KB
9 KB 19ms
18ms Image
image/png 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-control.ru/wp-content/themes/generatepress_child/reload.png
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe9cb612b2c9f36acd8d7792621d77e5157b8a60ef4e3f344778df2e1bac26af

Request headers

:path: /wp-content/themes/generatepress_child/reload.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13563
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8192
last-modified: Thu, 26 Mar 2020 13:00:33 GMT
server: cloudflare
etag: "5e7ca771-2000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYXyz6v%2BtimVaL7GcLg1QphEwOBtFFcljagMDtIUMn4ZFXcxUHbvYAdXSjOrz5Ln0ZufyFqEMRJZ1wH5MlSgTxlpGss2dfXLIQRM8fLhFL5SCgIUDTw%2BbCbtwzpg8h8LDE8iVQZsjakm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e31d52fdb94ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tg-20x20.png
coronavirus-control.ru/wp-content/themes/generatepress_child/img/ 872 B
1 KB 21ms
20ms Image
image/png 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-control.ru/wp-content/themes/generatepress_child/img/tg-20x20.png
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6372999f8fde0b2c48ee0f244d80f019fc417b62bd5319eab367eeebeb24a394

Request headers

:path: /wp-content/themes/generatepress_child/img/tg-20x20.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13580
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 872
last-modified: Fri, 17 Apr 2020 14:34:08 GMT
server: cloudflare
etag: "5e99be60-368"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpS2nBWoC9ZTBBL%2BziR1zA776qBlQRhifiuSdjGa3DBnhNNHuEXCJ89XsxhO1ds7ndNFLWz9e37uIidxmzG5pm%2BipYfhi0LA4rak%2BpyjVgiwjnLQDnBtA%2BsrTakTDECSUpiESG36N1%2FZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e31d52fdbd4ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 rocket-loader.min.js Show response
coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 11ms
11ms Script
application/javascript 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 10:51:03 GMT
server: cloudflare
etag: W/"615c2e17-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jsyuj7U4smtW0vMPzjx0jsDGgWmHNhcRXyvx6lv2dzhEeoU7O1%2BGkP1d55qW7p8Xtzn6VU7m%2F3pN1egH5fxa6tN%2B60t3uHQ7jmud%2BXdgpsv1xH5kV2HbvmYAnrWc4VeW30Qwmh%2Fzl5PY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69e31d539edc4ebc-FRA
vary: Accept-Encoding
expires: Sat, 16 Oct 2021 19:11:37 GMT

GET
H/1.1 200
OK zR.js Show response
vuoffbvzcvdsc.com/lMNg/ 46 KB
16 KB 76ms
8ms Script
application/javascript 79.171.117.17
VARITI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vuoffbvzcvdsc.com/lMNg/zR.js
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7e710da886dbc47aeb0628fea8a38821222685272e16bae45fa4728cc464f51b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 19:11:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Jun 2021 10:53:37 GMT
Server: nginx
ETag: W/"60cc7b31-b8fa"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control: max-age=60
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Keep-Alive: timeout=15
X-VARITI-CCR: 1381604197:1
Expires: Thu, 14 Oct 2021 19:12:37 GMT

GET
H/1.1 200
OK sjplugin.js Show response
sjsmartcontent.org/static/plugin-site/js/ 127 KB
39 KB 186ms
64ms Script
application/x-javascript 82.202.167.216
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sjsmartcontent.org/static/plugin-site/js/sjplugin.js
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.167.216 Moscow, Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pistotita2.slickjump.org
Software: nginx/1.14.2 /
Resource Hash: bab858c45f4c99c9c2da8cd733c3dd1f3142e07c8dc4d1f703fe8e4c4a76d746

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 19:11:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Oct 2021 10:53:12 GMT
Server: nginx/1.14.2
ETag: W/"61680c18-1fdbf"
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=18000
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Fri, 15 Oct 2021 00:11:37 GMT

GET
H3 200 wp-embed.min.js Show response
coronavirus-control.ru/wp-includes/js/ 1 KB
1 KB 29ms
29ms Script
application/javascript 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-control.ru/wp-includes/js/wp-embed.min.js?ver=5.3.9
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.3.9
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13579
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 15 Apr 2021 08:51:56 GMT
server: cloudflare
etag: W/"6077feac-56f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOEGoAPGF46AT8E7VSdEErqHLAJARhjhhkKklX30dXN3dKTW75mJZj9SvGpoyFTxnVzT06uOdKvfIBhKJv4TjEQBgLzKNOjazgf91Vf7x%2FAaWLBwr1azopA7D%2FKpGN0LZvJTfENmlmp%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69e31d5478984ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 map_script.js Show response
coronavirus-control.ru/wp-content/themes/generatepress_child/new_map_stat/ 716 B
944 B 16ms
16ms Script
application/javascript 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-control.ru/wp-content/themes/generatepress_child/new_map_stat/map_script.js
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143555f8cb5122b029f655ce1db7f3e3ebc7fbe8d85d29aca2bed3bbe3286745

Request headers

:path: /wp-content/themes/generatepress_child/new_map_stat/map_script.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13579
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 04 Feb 2021 16:26:37 GMT
server: cloudflare
etag: W/"601c203d-2cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBPdNTOFODR7G4364TmiP%2Fdvsmzj%2BWUCwTB%2FzE28YFZ31%2Fj64ztpXNmaWRIeZpLNgbEUzHtMCh1DysosTGkgyt1CAYKDXWQuIru8Vusqkzxkv5whLfHfQ1pUkfbFwvi%2F7M3h4O7Sx8Xl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69e31d54789d4ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 modal.js Show response
coronavirus-control.ru/wp-content/themes/generatepress_child/js/ 314 B
782 B 20ms
19ms Script
application/javascript 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-control.ru/wp-content/themes/generatepress_child/js/modal.js
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8abba04976ac12cfe694efcee54f086748697ac7726da30a10fce2ee264c4d3d

Request headers

:path: /wp-content/themes/generatepress_child/js/modal.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13579
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 17 Apr 2020 14:26:28 GMT
server: cloudflare
etag: W/"5e99bc94-13a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUeIiML9HVkTl9LxNhRpgFUgcyKcgRiYrLYXAseOfEH2ZBw7A%2Bmrn3o3yR4tV7HQRTKPFp5mC1oeUA4wKs4EVl4VvP%2BxauXxEWyhG6me%2BlX1Wq00v7iRgBJuCBRbkC9ONuSvg7zDQnUI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69e31d54789f4ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 a11y.min.js Show response
coronavirus-control.ru/wp-content/themes/generatepress/js/ 2 KB
1 KB 16ms
16ms Script
application/javascript 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-control.ru/wp-content/themes/generatepress/js/a11y.min.js?ver=2.4.63
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5dec6d66da315927edbf4e112d92fb83df28b3cbdc72c7f8123f3f16ace13b1

Request headers

:path: /wp-content/themes/generatepress/js/a11y.min.js?ver=2.4.63
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13579
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 13 Apr 2020 17:59:27 GMT
server: cloudflare
etag: W/"5e94a87f-87a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9G0Dwb26B7LzXjuLlMCx2xVY8JbADD3St1uKN0PNRG4u03OkLIkp4SuBrcIRlnaNCcxYbUNN1fK4fyR7eQvg3th8g%2B2Pw0D3nmEgpIgj6tqZ4FZejAT6%2F%2BV8OfFKIyEbFBX3PjTKJBl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69e31d5478a04ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 menu.min.js Show response
coronavirus-control.ru/wp-content/themes/generatepress/js/ 4 KB
2 KB 16ms
15ms Script
application/javascript 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-control.ru/wp-content/themes/generatepress/js/menu.min.js?ver=2.4.63
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d7b7fd22a41be99838da0aaa6a8c24caa6af561e17abddbe23d2d2244e4a215

Request headers

:path: /wp-content/themes/generatepress/js/menu.min.js?ver=2.4.63
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13579
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 10 Mar 2021 09:50:36 GMT
server: cloudflare
etag: W/"6048966c-1026"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUE0nawWkyUug4vz%2B5RiP%2Fu0TXUA4HNtK8UECMrG8csV%2F1EsQvNaDTClRJoOnCS3jUU2CpVUqei0H3UZ%2F3ExpwYdEYUP9QayVb%2BpIrfW4BvC7901ukRSv7CZBBigz3deJk0KPR0NMOnw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69e31d5478a14ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 postviews-cache.js Show response
coronavirus-control.ru/wp-content/plugins/wp-postviews/ 133 B
716 B 16ms
15ms Script
application/javascript 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-control.ru/wp-content/plugins/wp-postviews/postviews-cache.js?ver=1.68
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa8ab2153beec5132d9268e321035fbee7f935ddcf90294ceb3424f7fe3e5405

Request headers

:path: /wp-content/plugins/wp-postviews/postviews-cache.js?ver=1.68
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13579
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 10 Apr 2020 15:28:31 GMT
server: cloudflare
etag: W/"5e90909f-85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVWAxI1NVG%2FpnwNwc9a5EBZWXNlIOMm%2BedJgqA11kLeMovgNksvXsCHKs1xxTVDH67S6mSUay6CE0saewVQgUScsWk25S88SylCQiQUbdfl53yxeN5O4Ew0F9SIo2djB9QvYl67XTDyP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69e31d5478a34ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 postratings-js.js Show response
coronavirus-control.ru/wp-content/plugins/wp-postratings/js/ 3 KB
1 KB 17ms
16ms Script
application/javascript 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-control.ru/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.89
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc

Request headers

:path: /wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.89
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13579
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 13 Oct 2020 12:07:04 GMT
server: cloudflare
etag: W/"5f859868-d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIt14gbtjTKW0V6kYPR7prIqUjrFmCe1CbD4WopGMX0O3hgfQe%2BKUBOEkaQwAoubDYiMttEaj9Q7IoDy0j52q60szCCjUW86cJeHIHfXGq1GPkAHmjIz0P11lnQ8VrNCtrmCV0chDVvJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69e31d5478a54ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 page-scroll-to-id.min.js Show response
coronavirus-control.ru/wp-content/plugins/page-scroll-to-id/js/ 25 KB
7 KB 21ms
19ms Script
application/javascript 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-control.ru/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.4
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cab41c2cfecaf3693fae7741237d338c8fbf2f6994b8fcc6fe15facb1449a08

Request headers

:path: /wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13579
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 15:03:56 GMT
server: cloudflare
etag: W/"6102c35c-6266"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnQjGO1ZzTkWfmjScveKcZSDMRQm%2Bi1DolQLuV527QucmOB3r3KoihywxNKi7uXpDabFnosQdLKJy3RMORUiKtVSxAb08CeUfWgX55oSH7v0ycaorrn3ENWhBWvAMDtPkXdOxkG3G%2Fcs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69e31d5478a74ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 smooth-scroll.min.js Show response
coronavirus-control.ru/wp-content/plugins/gp-premium/general/js/ 7 KB
3 KB 19ms
17ms Script
application/javascript 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-control.ru/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=1.9.1
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d542ad079b781a4da44d19f031c0d57e55dcd92ec50f3bd9e1c95dba077c0dfa

Request headers

:path: /wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=1.9.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13579
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 15 Mar 2020 21:28:19 GMT
server: cloudflare
etag: W/"5e6e9df3-1ae3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GR%2BoFdUSKJlGUBs5bhbLDwrTBkxVaGEJIpDOHC%2B7U1rQtS%2FMwi8vGTGgAL3yGtjPxLgshA4gfX%2Bo6iPt0ifM39kWQ30h6XwVANSPpA%2BXouW%2BrykiMALNmIrn5JY0ZY3UpPeOmhVQZ5%2Fv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69e31d5478aa4ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 scripts.min.js Show response
coronavirus-control.ru/wp-content/plugins/expert-review/assets/public/js/ 12 KB
4 KB 20ms
18ms Script
application/javascript 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-control.ru/wp-content/plugins/expert-review/assets/public/js/scripts.min.js?ver=1.7.0
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68d17341a90b4af7400a9096afe504bf2d21bf378c5f3e594436dbba105afe84

Request headers

:path: /wp-content/plugins/expert-review/assets/public/js/scripts.min.js?ver=1.7.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13579
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 19 Aug 2021 07:54:55 GMT
server: cloudflare
etag: W/"611e0e4f-2f87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drv7PJiMdrWe6dKvCqizlYFBzIMiqbceQ2UlPJ9eky790goNwihvWesxtaVuvOKn%2BRhZkJEF88LmdnTRJLJJGCLt1sIUux13%2FyJ%2BVQXey7L7e7CSeyWC4XOr31gMyMBl11YLQ5WfHMD2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69e31d5478ab4ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sticky.min.js Show response
coronavirus-control.ru/wp-content/plugins/gp-premium/menu-plus/functions/js/ 8 KB
3 KB 22ms
19ms Script
application/javascript 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-control.ru/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js?ver=1.9.1
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca8f376454d73019fd5c8f520be035748813ed6a7e0a97df4a8e6360d0f51d72

Request headers

:path: /wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js?ver=1.9.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13579
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 15 Mar 2020 21:28:19 GMT
server: cloudflare
etag: W/"5e6e9df3-20e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psu0JyS59Cl45sGMdJ3K4emWJxfyfBJpXNHCPWWH%2FFKuSfUibvj38Vuog0jPiSVYwVoBISiDllvsZUQhyaaadYHhvB3a%2B0pJ%2FiL3hzHRBgMmbpMKJcAKeEbGy3TTgqZvm5xJmyOTiqNo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69e31d5478ae4ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.js Show response
coronavirus-control.ru/wp-includes/js/jquery/ 95 KB
35 KB 26ms
24ms Script
application/javascript 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-control.ru/wp-includes/js/jquery/jquery.js
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path: /wp-includes/js/jquery/jquery.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13579
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 15 Mar 2020 20:43:12 GMT
server: cloudflare
etag: W/"5e6e9360-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtCewbH%2FOF4uSrsIOjAw%2Bt6tRFSW5RRJuIu9r6WXzNE0Ms3zA1yDxWoGBMKFugtXUz4SIYvnGqj5ZeNX1YTlcO4Nf%2BoStUueRalI%2F%2FvaeIxrrXyV%2FzBnX9x7DDfwmqE1MSAwwBDWeaHy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69e31d5478b24ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 home.js Show response
coronavirus-control.ru/wp-content/uploads/analytics/ 42 KB
8 KB 22ms
20ms Script
application/javascript 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-control.ru/wp-content/uploads/analytics/home.js
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2fc9dadaea8d42c6cc4ac651182f6044ebd08ad132929e14f208bf1f447cbaa

Request headers

:path: /wp-content/uploads/analytics/home.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13563
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 24 Aug 2021 17:21:07 GMT
server: cloudflare
etag: W/"61252a83-a635"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfffTXWj8QO%2FnzR%2BcyxjQNjg56ZctP5QAiyS8JtYkrUNMgFYUXYqk3d8DQSLfrQmMOOSSWNpz9lPdqBP7Ujh6Rbv2%2FZugXJn8EtguofD0LTq8tGVmR2L0gVwqro2AKh%2BjguPJaNrxVwF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69e31d5478b34ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 index.js Show response
coronavirus-control.ru/wp-content/uploads/analytics/new_js/ 639 KB
105 KB 60ms
57ms Script
application/javascript 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-control.ru/wp-content/uploads/analytics/new_js/index.js
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2db427c2e96827499e58501ed43a4a3498da88c64ca4f5cb7a4f59fb8db2957e

Request headers

:path: /wp-content/uploads/analytics/new_js/index.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13548
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 14:45:03 GMT
server: cloudflare
etag: W/"6168426f-9fa80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfByAxEIgTqwr0GBd3ugOqbYUa6Hji2DqimtR4O3cOa%2BvRCYskXVljwhzfS%2Bs6lopWrq6mGKe94jz62sE8BZ1JknCvFPybf0ff7TPRz%2BCIj%2F%2FV%2FM0jAPbj8WG0DAG22prvp4aHWcAJup"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69e31d5478b64ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Chart.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Chart.js/2.9.3/ 169 KB
45 KB 17ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.9.3/Chart.min.js

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

478a6a70e615f25b7bb27c4c40efc749b5421513cc76b84014c1febebf608982

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 318726
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 46101
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:03:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cee-2a30c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HXyhoA7xqeJUKBEMVgNJr2NvzG1kfSq55tlusE56BZE1Kt337ipxQUeoHBjvc8J15uOfYOPUsFhP7y5rPdl%2FxpmpqQmOchABJEqK%2FKV7Rc8TGe0gjO%2F2kRX2rA2o5H8ZaTsM3%2FPKwmzkH97qhFflug9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69e31d547d965ca4-FRA
expires: Tue, 04 Oct 2022 19:11:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 105ms
49ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36ed54961b1bd5e47fdc1b5d6cc416257f5c0134759b5f8cbe9a2eea37b75549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51446
x-xss-protection: 0
server: cafe
etag: 7362972479913708994
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 19:11:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 69ms
27ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-102245387-2

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96f260d0943ba0fc12a54bae1b2d648f2309b5c1de81056ccb815f38d3f5385d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38561
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 18:38:55 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Oct 2021 19:11:37 GMT

GET
H2 200 data.js Show response
code.highcharts.com/modules/ 16 KB
7 KB 64ms
26ms Script
text/javascript 2606:4700:20::ac43:479a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.highcharts.com/modules/data.js?ver=5.3.9
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:479a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47c4dcc7bb0ec9a3b08eefa0ff661fbb4706cc2fd874a7026835e45472e0dcfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2332
x-amz-request-id: JEJDNQ63H58G1P16
x-amz-id-2: tFQIW84Ywh1MNmMYB0kUIqjyKdcDzw/ETKxM/Quqs6ppOpNRmv4iKNJ3srq5/Fr4DHx05BwxNKY=
last-modified: Tue, 24 Aug 2021 12:34:05 GMT
server: cloudflare
etag: W/"bb931f607cdea454f91cb4f615434dd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XeOlG0ySREcZpoBqrclBfCBGI9nfUNwybtbaYrH4Vq1R%2ByXw%2F9Kox%2FJrpnr00o3i%2B161dKBWhKzzVENjJPKhna9PeLRzd0s7%2FwUhRNHSYG9a%2FgucCL%2FY16FZCLFmq9mhWI0lusgW3o6G2MKHVo1dgM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=86400
cf-ray: 69e31d54beea2c32-FRA
expires: Wed, 25 Aug 2021 12:33:52 GMT

GET
H2 200 highstock.js Show response
code.highcharts.com/stock/ 390 KB
133 KB 93ms
55ms Script
text/javascript 2606:4700:20::ac43:479a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.highcharts.com/stock/highstock.js?ver=5.3.9
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:479a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc12354c468db9133c26a182c8d2ec91f07a9e8df2d50b8cc7483445103c3955

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2332
x-amz-request-id: JEJ7S5VQ9XEM44BA
x-amz-id-2: 5G08LUm5pVBwXcroGM1Ziv1OmnQs6srQB/V0rQpT/SnAyAiNcd5f/UItBof0YyxzzChD8eQdh48=
last-modified: Tue, 24 Aug 2021 12:34:38 GMT
server: cloudflare
etag: W/"f6c786bef557a059f91fdc53d70aea29"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egXZ%2FYCQdq1sSWFVo7XaP1Q%2FyNseOSTK3xgQErx1yLMZFb5yH7H5Q6AciHeU8kHu9HCRmaIQ3E6gRMepn1xwas9Puf8jwKfnQLvEQimNKi%2F%2FopbD%2F1qApi8Jtvy7ZWPbhQsHIGm5R835xmehPa6hFpM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=86400
cf-ray: 69e31d54beee2c32-FRA
expires: Wed, 25 Aug 2021 12:33:52 GMT

GET
H2 200 jquery.tablesorter.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.tablesorter/2.31.3/js/ 43 KB
13 KB 26ms
25ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.tablesorter/2.31.3/js/jquery.tablesorter.min.js?ver=5.3.9

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76d187d57700c8aa2932e8b9c76d0a9cfc6e1ae4b1f51b3aa62241ff83aabba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8993029
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12832
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-ad4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTxBGmkbmN3MWzQ2P2bBMBWNxVtPKzxW2HRXCP9IuZeEcRAUsIfEbe5WYgOtj5N%2FrsHp5SHLnGVWZ6gDOAr6RGjVANDt%2B3iT%2BjDLWpURJqYFTx1QU5OCBEEyPpmHz4CquMuFo94ecVFGCcwJYZctrn8E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69e31d547d995ca4-FRA
expires: Tue, 04 Oct 2022 19:11:37 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 81ms
20ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js?ver=5.3.9
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 17:27:20 GMT
server: nginx
etag: W/"603e7578-15d9d"
vary: Accept-Encoding
x-hw: 1634238697.dop009.ml1.t,1634238697.cds220.ml1.hn,1634238697.cds012.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 101 KB
39 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NSWXV3S

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1bce8bbb223b34cb93087c66412be14125fd6469b14f48f6544c7032db561bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39957
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 18:38:55 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Oct 2021 19:11:37 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 188 KB
64 KB 196ms
91ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

496077b8b09b43b1417ac4a8eb747b38b08e12a2dc9b65573c78dd2a44ac674d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:37 GMT
content-encoding: br
last-modified: Thu, 14 Oct 2021 16:17:22 GMT
etag: "61682de2-10040"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 65600
expires: Thu, 14 Oct 2021 20:11:37 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/ 272 KB
98 KB 349ms
48ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7135939956715808&plah=coronavirus-control.ru&bust=31063101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a4617686d53812d3f06b891e5edc0cf5b7f289bfd57be08e123a3845efcdcd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99876
x-xss-protection: 0
server: cafe
etag: 5725214712622718827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 19:11:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/ Frame DA29 10 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211011/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://coronavirus-control.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 13 Oct 2021 20:21:55 GMT
expires: Wed, 27 Oct 2021 20:21:55 GMT
content-type: text/html; charset=UTF-8
etag: 414810510046348021
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4645
x-xss-protection: 0
age: 82182
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 330ms
47ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&eid=31063007&frequency=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 19:11:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-102245387-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 4231
date: Thu, 14 Oct 2021 18:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 14 Oct 2021 20:01:06 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
211 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=1243477827&t=pageview&_s=1&dl=https%3A%2F%2Fcoronavirus-control.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%E2%80%94%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%F0%9F%98%B7%20%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%BA%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%B0%20%F0%9F%91%91&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=2126725369&gjid=1208304377&cid=738603321.1634238698&tid=UA-102245387-2&_gid=1207110090.1634238698&_r=1&gtm=2ouad0&did=dZTNiMT&z=2005602441

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://coronavirus-control.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 19:11:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://coronavirus-control.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9426.yAxKLyiLy5emIdj9bUQfHLIqLwJmbcTnh2A-SjI1tv7xg4r0_A2EgWk4wrveZmMn.RraZ8H-kZ8GcdNS2KV_9pFPK3TA%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9426.VScYPPjM57jIJb1vX1oVB4RTDz3TsO2abQzACGFO357tyT_66_srwRqelZagSYp6mQcgmDfe4Yds5oia9Pwpig%2C%2C.CPQeW3Ibnc5LU97JMSM_EjQ9WYQ%2C

75 B
75 B

49ms
49ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9426.VScYPPjM57jIJb1vX1oVB4RTDz3TsO2abQzACGFO357tyT_66_srwRqelZagSYp6mQcgmDfe4Yds5oia9Pwpig%2C%2C.CPQeW3Ibnc5LU97JMSM_EjQ9WYQ%2C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:38 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9426.VScYPPjM57jIJb1vX1oVB4RTDz3TsO2abQzACGFO357tyT_66_srwRqelZagSYp6mQcgmDfe4Yds5oia9Pwpig%2C%2C.CPQeW3Ibnc5LU97JMSM_EjQ9WYQ%2C
date: Thu, 14 Oct 2021 19:11:38 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
665 B 66ms
15ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=coronavirus-control.ru&callback=_gfp_s_&client=ca-pub-7135939956715808

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7135939956715808&plah=coronavirus-control.ru&bust=31063101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

1a0940619e44c99cdb53c8930cc318883ab066cb8ea43907761e071d55f8e2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 59ms
23ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=coronavirus-control.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 19:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 65ms
28ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=coronavirus-control.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 19:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D1D 287 KB
71 KB 503ms
503ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7135939956715808&output=html&adk=1812271804&adf=3025194257&lmt=1634238698&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcoronavirus-control.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634238697835&bpp=3&bdt=637&idt=529&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6709792917566&frm=20&pv=2&ga_vid=738603321.1634238698&ga_sid=1634238698&ga_hid=1243477827&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063007%2C44750345%2C21066430%2C31063101%2C31062526%2C31063128%2C31062948&oid=2&pvsid=2344792110948212&pem=393&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=560

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af6732cd1db829ad05913c135115147d879d654a6d318ceababb4cdbd7d21765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7135939956715808&output=html&adk=1812271804&adf=3025194257&lmt=1634238698&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcoronavirus-control.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634238697835&bpp=3&bdt=637&idt=529&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6709792917566&frm=20&pv=2&ga_vid=738603321.1634238698&ga_sid=1634238698&ga_hid=1243477827&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063007%2C44750345%2C21066430%2C31063101%2C31062526%2C31063128%2C31062948&oid=2&pvsid=2344792110948212&pem=393&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=560
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://coronavirus-control.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 14 Oct 2021 19:11:38 GMT
server: cafe
content-length: 72487
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 19:26:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 19:11:38 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CA1B 81 KB
28 KB 329ms
329ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7135939956715808&output=html&h=90&slotname=9858196657&adk=3793808450&adf=683863926&pi=t.ma~as.9858196657&w=728&lmt=1634238698&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fcoronavirus-control.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634238697838&bpp=4&bdt=640&idt=597&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6709792917566&frm=20&pv=1&ga_vid=738603321.1634238698&ga_sid=1634238698&ga_hid=1243477827&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063007%2C44750345%2C21066430%2C31063101%2C31062526%2C31063128%2C31062948&oid=2&pvsid=2344792110948212&pem=393&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qKlnrZBd5c&p=https%3A//coronavirus-control.ru&dtd=605

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e99d9b95f2f8c4fbfdc564a47a83b073ee50bab777e51d1114de304053de31f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7135939956715808&output=html&h=90&slotname=9858196657&adk=3793808450&adf=683863926&pi=t.ma~as.9858196657&w=728&lmt=1634238698&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fcoronavirus-control.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634238697838&bpp=4&bdt=640&idt=597&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6709792917566&frm=20&pv=1&ga_vid=738603321.1634238698&ga_sid=1634238698&ga_hid=1243477827&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063007%2C44750345%2C21066430%2C31063101%2C31062526%2C31063128%2C31062948&oid=2&pvsid=2344792110948212&pem=393&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qKlnrZBd5c&p=https%3A//coronavirus-control.ru&dtd=605
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://coronavirus-control.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 14 Oct 2021 19:11:38 GMT
server: cafe
content-length: 28202
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 14-Oct-2021 19:26:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 14 Oct 2021 19:11:38 GMT
cache-control: private

GET
H3 200 rating_over.gif
coronavirus-control.ru/wp-content/plugins/wp-postratings/images/stars_crystal/ 1009 B
2 KB 20ms
19ms Image
image/gif 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-control.ru/wp-content/plugins/wp-postratings/images/stars_crystal/rating_over.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4cc3dfa1061aedf2533cf134f9d584568bc41a25090fb7ce77c5cdbec6c37e6

Request headers

:path: /wp-content/plugins/wp-postratings/images/stars_crystal/rating_over.gif
pragma: no-cache
cookie: _ga=GA1.2.738603321.1634238698; _gid=GA1.2.1207110090.1634238698; _gat_gtag_UA_102245387_2=1; _ym_uid=1634238698147714475; _ym_d=1634238698
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13579
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1009
last-modified: Tue, 13 Oct 2020 12:07:04 GMT
server: cloudflare
etag: "5f859868-3f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ftG9B02swlDa%2FcCvrY9aWeNar2Ldk99NASU7ObBBZIxPZtpFS2iNgKSAiBcfE%2FSZkJ9W2ICoy5L913%2F5Vf3eFVD04MSBPTjaR0I7TkO8MVdzYnbtkm6p7c%2BXzROLDY5XO3i3qOqrTPa"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e31d59999f4ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 admin-ajax.php Show response
coronavirus-control.ru/wp-admin/ 7 B
684 B 139ms
138ms XHR
text/html 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://coronavirus-control.ru/wp-admin/admin-ajax.php?postviews_id=13&action=postviews&_=1634238698250

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/wp-includes/js/jquery/jquery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.4

Resource Hash

dba0c82ec6ea183c72c8c920710e82218a041c1ecc8664ecaf58dcda2b193c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.738603321.1634238698; _gid=GA1.2.1207110090.1634238698; _gat_gtag_UA_102245387_2=1; _ym_uid=1634238698147714475; _ym_d=1634238698; __gads=ID=9af089f79d7c0031-220ccd06f6ca006c:T=1634238698:RT=1634238698:S=ALNI_MY3FOj1nST6dUIxlVIl5t4pfVrYZg
:path: /wp-admin/admin-ajax.php?postviews_id=13&action=postviews&_=1634238698250
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://coronavirus-control.ru/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.4
cf-ray: 69e31d5a5b064ebc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEs6uFGQYOqCuTlao4enLq9AtUeGhf6PwD%2FCYIM9d2XTB40AFdhtwu5IGrKMFX2FomGIVK5l8cgXXXdyn3PfJhxwbGMci%2FA9TMaFA0%2FoZZMzyZHt3vnZQSHxCVxXElEtb1aQIRtxqnRA"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/60986833/
Redirect Chain

https://mc.yandex.com/watch/60986833?wmode=7&page-url=https%3A%2F%2Fcoronavirus-control.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A437%3Afu%3A0%3Aen%3Autf-...
https://mc.yandex.com/watch/60986833/1?wmode=7&page-url=https%3A%2F%2Fcoronavirus-control.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A437%3Afu%3A0%3Aen%3Aut...

385 B
467 B

50ms
50ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/60986833/1?wmode=7&page-url=https%3A%2F%2Fcoronavirus-control.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A437%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A106927641027%3Ahid%3A648861130%3Az%3A0%3Ai%3A202101014191138%3Aet%3A1634238698%3Ac%3A1%3Arn%3A1005657778%3Arqn%3A1%3Au%3A1634238698147714475%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634238696902%3Adsn%3A0%2C28%2C135%2C41%2C130%2C0%2C%2C422%2C0%2C766%2C766%2C0%2C766%3Awv%3A2%3Arqnl%3A1%3Ast%3A1634238699%3At%3A%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%E2%80%94%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%F0%9F%98%B7%20%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%BA%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%B0%20%F0%9F%91%91&t=gdpr%2814%29ti%282%29

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8a64d5bcf3bf5156316e3611e38c7e2c2e3c7d100fc5219bfbfbe509070431fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 19:11:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 14-Oct-2021 19:11:38 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://coronavirus-control.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 385
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 19:11:38 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Oct 2021 19:11:38 GMT
last-modified: Thu, 14-Oct-2021 19:11:38 GMT
location: /watch/60986833/1?wmode=7&page-url=https%3A%2F%2Fcoronavirus-control.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nfyffjihn5h%3Afp%3A437%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A673%3Acn%3A1%3Adp%3A0%3Als%3A106927641027%3Ahid%3A648861130%3Az%3A0%3Ai%3A202101014191138%3Aet%3A1634238698%3Ac%3A1%3Arn%3A1005657778%3Arqn%3A1%3Au%3A1634238698147714475%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634238696902%3Adsn%3A0%2C28%2C135%2C41%2C130%2C0%2C%2C422%2C0%2C766%2C766%2C0%2C766%3Awv%3A2%3Arqnl%3A1%3Ast%3A1634238699%3At%3A%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%E2%80%94%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%F0%9F%98%B7%20%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%BA%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%B0%20%F0%9F%91%91&t=gdpr%2814%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://coronavirus-control.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 19:11:38 GMT

GET
H2 200 h8q786uqv867kypmrtnyc.php Show response
vtufuj.com/vf171l291liv0pm3y0/ 58 KB
19 KB 227ms
57ms Script
application/javascript 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vtufuj.com/vf171l291liv0pm3y0/h8q786uqv867kypmrtnyc.php
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 33d33233fa304cba9ad1dac86ba996e277c70ccc98ba40bc8108870947581357

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:38 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 11:14:23 GMT
server: nginx/1.14.2
etag: "6130b20f-4abc"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 19132

POST
H/1.1 200
OK top2 Show response
sjsmartcontent.org/wns/ 2 KB
2 KB 90ms
90ms XHR
text/json 82.202.167.216
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sjsmartcontent.org/wns/top2
Requested by: Host: sjsmartcontent.org
URL: https://sjsmartcontent.org/static/plugin-site/js/sjplugin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.167.216 Moscow, Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pistotita2.slickjump.org
Software: nginx/1.14.2 /
Resource Hash: 43d6a685be70e45c3519be184bd2226c94d2110768d528848788220c0ab437ed

Request headers

Referer: https://coronavirus-control.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 14 Oct 2021 19:11:38 GMT
Content-Encoding: gzip
Server: nginx/1.14.2
Transfer-Encoding: chunked
Content-Type: text/json; charset=utf-8
Access-Control-Allow-Origin: https://coronavirus-control.ru
Access-Control-Allow-Credentials: true
Connection: close
X-SlickJump-Counter: sessions=1 d_device=1, loads=0 time=26 top=1, dcfp=0, dcfn=0

GET
H3 200 reload.png
coronavirus-control.ru/wp-content/themes/generatepress_child/ 8 KB
9 KB 15ms
15ms Image
image/png 172.67.178.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus-control.ru/wp-content/themes/generatepress_child/reload.png
Requested by: Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/wp-includes/js/jquery/jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.178.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe9cb612b2c9f36acd8d7792621d77e5157b8a60ef4e3f344778df2e1bac26af

Request headers

:path: /wp-content/themes/generatepress_child/reload.png
pragma: no-cache
cookie: _ga=GA1.2.738603321.1634238698; _gid=GA1.2.1207110090.1634238698; _gat_gtag_UA_102245387_2=1; _ym_uid=1634238698147714475; _ym_d=1634238698; __gads=ID=9af089f79d7c0031-220ccd06f6ca006c:T=1634238698:RT=1634238698:S=ALNI_MY3FOj1nST6dUIxlVIl5t4pfVrYZg; _ym_visorc=w
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: coronavirus-control.ru
referer: https://coronavirus-control.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13564
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8192
last-modified: Thu, 26 Mar 2020 13:00:33 GMT
server: cloudflare
etag: "5e7ca771-2000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLBZM9IxDCfLXqAfw6S8stSqJZuy7HMB9L%2BKmeMJaPSmxiw5femjocrG5J5ShDDAvEEaWIVm3TC63WKra1%2BMCISjmN93hUinJq%2FIrBO%2FSgxSh5icjECYtG2FLApN36hn2pruHTt61ocz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69e31d5c0dc24ebc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6ed056a9.js Show response
pwrlkyotm.com/pixels/ 138 KB
48 KB 226ms
103ms Script
application/javascript 85.192.12.174
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pwrlkyotm.com/pixels/6ed056a9.js
Requested by: Host: vuoffbvzcvdsc.com
URL: https://vuoffbvzcvdsc.com/lMNg/zR.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.174 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: dc02eed14655c18b51f3c5a5632f423d07203f0cac2d3c6f7aa94187b63655c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:39 GMT
content-encoding: gzip
last-modified: Mon, 16 Aug 2021 12:28:14 GMT
server: nginx/1.18.0
etag: W/"611a59de-2273b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 61ms
27ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211011&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b0ba669fc7f8c84447d16bf24e6295e14703db8a85659f3aeb1328a671d30bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 19:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8579
x-xss-protection: 0

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
160 B 52ms
51ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif?t=ti(4)

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:38 GMT
last-modified: Wed, 13 Oct 2021 15:51:32 GMT
etag: "6166d654-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 14 Oct 2021 20:11:38 GMT

GET
DATA 200
OK truncated Show response
/ Frame B696 94 B
94 B Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3946dcb8ff5caef19cd3756a327d715ce410d084ed2c5768b44e7bb08297aa7

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/html

GET
DATA 200
OK truncated Show response
/ Frame E900 170 B
170 B Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac317ea99b45429cda4a9f696764d2171761a737e9d28c5c84fa4ff2dfeee1d3

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/html

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 75ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 14 Oct 2021 19:11:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CA1B 4 KB
716 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7135939956715808&output=html&h=90&slotname=9858196657&adk=3793808450&adf=683863926&pi=t.ma~as.9858196657&w=728&lmt=1634238698&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fcoronavirus-control.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634238697838&bpp=4&bdt=640&idt=597&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6709792917566&frm=20&pv=1&ga_vid=738603321.1634238698&ga_sid=1634238698&ga_hid=1243477827&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063007%2C44750345%2C21066430%2C31063101%2C31062526%2C31063128%2C31062948&oid=2&pvsid=2344792110948212&pem=393&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qKlnrZBd5c&p=https%3A//coronavirus-control.ru&dtd=605

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 18:09:59 GMT
server: ESF
date: Thu, 14 Oct 2021 19:11:39 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 19:11:39 GMT

POST
H/1.1 200
OK event Show response
sjsmartcontent.org/wns/ 2 B
324 B 171ms
60ms XHR
text/plain 82.202.167.216
THEFIRST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sjsmartcontent.org/wns/event
Requested by: Host: sjsmartcontent.org
URL: https://sjsmartcontent.org/static/plugin-site/js/sjplugin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.167.216 Moscow, Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: pistotita2.slickjump.org
Software: nginx/1.14.2 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://coronavirus-control.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 14 Oct 2021 19:11:39 GMT
Content-Encoding: gzip
Server: nginx/1.14.2
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://coronavirus-control.ru
Access-Control-Allow-Credentials: true
Connection: close

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame CA1B 2 KB
1 KB 315ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:02:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 19:02:02 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame CA1B 18 KB
8 KB 312ms
16ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 19:10:33 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame CA1B 3 KB
1 KB 315ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 19:10:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CA1B 123 KB
38 KB 76ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Oct 2021 19:11:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame CA1B 14 KB
6 KB 313ms
17ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 19:10:23 GMT

GET
H2 200 94b9e9edb15b7c220f12fa63d878a5af.js Show response
www.gstatic.com/mysidia/ Frame CA1B 27 KB
12 KB 50ms
14ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 11:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11213
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 05:48:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Mon, 10 Jan 2022 11:08:32 GMT

GET
H2

200

counter2
top-fwz1.mail.ru/ Frame B696
Redirect Chain

https://top-fwz1.mail.ru/counter?id=3015210;pid=95d9010fa904054ac93997eba96c196a
https://top-fwz1.mail.ru/counter2?id=3015210;pid=95d9010fa904054ac93997eba96c196a

43 B
958 B

53ms
52ms

Image
image/gif

217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=3015210;pid=95d9010fa904054ac93997eba96c196a

Requested by

Host: text
URL: data:text/html,<img src='https://top-fwz1.mail.ru/counter?id=3015210;pid=95d9010fa904054ac93997eba96c196a' />

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:39 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Thu, 14 Oct 2021 19:11:39 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
location: https://top-fwz1.mail.ru/counter2?id=3015210;pid=95d9010fa904054ac93997eba96c196a
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame E900
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=9650c6fa-0307-429f-a7cd-02b8194310c0&brid=9793d77b-f9fc-4343-a4d3-9779efd2f770&pid=w&uid=95d9010fa904054ac93997eba96c196a
https://sync.1dmp.io/pixel.gif?cid=9650c6fa-0307-429f-a7cd-02b8194310c0&brid=9793d77b-f9fc-4343-a4d3-9779efd2f770&pid=w&uid=95d9010fa904054ac93997eba96c196a&cs=1

35 B
376 B

27ms
27ms

Image
image/gif

95.216.101.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=9650c6fa-0307-429f-a7cd-02b8194310c0&brid=9793d77b-f9fc-4343-a4d3-9779efd2f770&pid=w&uid=95d9010fa904054ac93997eba96c196a&cs=1
Requested by: Host: text
URL: data:text/html,<img src='https://sync.1dmp.io/pixel.gif?cid=9650c6fa-0307-429f-a7cd-02b8194310c0&brid=9793d77b-f9fc-4343-a4d3-9779efd2f770&pid=w&uid=95d9010fa904054ac93997eba96c196a' />
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.216.101.186 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.186.101.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:39 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=9650c6fa-0307-429f-a7cd-02b8194310c0&brid=9793d77b-f9fc-4343-a4d3-9779efd2f770&pid=w&uid=95d9010fa904054ac93997eba96c196a&cs=1
date: Thu, 14 Oct 2021 19:11:39 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/3530058241213463183/ Frame CA1B 90 KB
90 KB 311ms
19ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3530058241213463183/6592766407814317453

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

156299d8d36f67773f2790d47e5dfb22dd976698b0572d5f6b70106d16a58cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 05:17:49 GMT
x-content-type-options: nosniff
age: 136430
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92102
x-xss-protection: 0
last-modified: Wed, 19 Aug 2020 09:53:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 13 Oct 2022 05:17:49 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame CA1B 0
0 49ms
49ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJE_H6oBoYdStHd613gPe1LSwDJzlhf9jl-CeyZEMlqSDma4bEAEg6P3_e2CV-vCBjAegAcWfg_ADyAEJqQJJlUbW8HGzPqgDAcgDywSqBPcBT9BlOsE-JsjMimVwlB1wE20gldvEwrPHbj06d8tslhwuNcntahH-OQeWzktXrkA9KvRj6pKXAavmCGcFcTy2s-k7D2QHQVKjn1V1YZ5a07RIeaipaTT5cPgoEE6C2EfxhPtXyavF2lwbBZnviQ6HnqDEFuVhzUEYok5Teed2Zp63vhG_FgYC1BXVWNHnjM_kEQN8atcEtl-mZ2USLlWOdm5YDdyx409V_2Q6kOQ21NCa7EAF_OQplUmqWAM4QPKqFwUanIP7pOPBzYbgNg6IANPDYhCRMJfT1Az84EEkZxVkQ7UUWf8IWRPMAVECxar-zuslJXnYEsAE95Pm3pkDkgUECAQYAZIFBAgFGASgBi6AB6Pg_A-oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcEEP71BNIICQiA4YAQEAEYX4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi03MTM1OTM5OTU2NzE1ODA4GAA&sigh=G5vuDmHxvJk&template_id=484

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7135939956715808&output=html&h=90&slotname=9858196657&adk=3793808450&adf=683863926&pi=t.ma~as.9858196657&w=728&lmt=1634238698&rafmt=12&psa=0&format=728x90&url=https%3A%2F%2Fcoronavirus-control.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634238697838&bpp=4&bdt=640&idt=597&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6709792917566&frm=20&pv=1&ga_vid=738603321.1634238698&ga_sid=1634238698&ga_hid=1243477827&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=436&ady=114&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063007%2C44750345%2C21066430%2C31063101%2C31062526%2C31063128%2C31062948&oid=2&pvsid=2344792110948212&pem=393&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qKlnrZBd5c&p=https%3A//coronavirus-control.ru&dtd=605
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 14 Oct 2021 19:11:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 14 Oct 2021 19:11:39 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 80B9 12 KB
5 KB 237ms
14ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://coronavirus-control.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 14 Oct 2021 16:04:25 GMT
expires: Fri, 14 Oct 2022 16:04:25 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0899 783 B
1 KB 70ms
25ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

80b4d370bf4dca563512c35c11d7f0374d0abf2f4279d50868c7e3542a21a4ff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p+gqz4lMxs/Z6TheFJGQKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://coronavirus-control.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 14 Oct 2021 19:11:39 GMT
date: Thu, 14 Oct 2021 19:11:39 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-p+gqz4lMxs/Z6TheFJGQKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pclicks.js Show response
prodmp.ru/ 0
223 B 206ms
67ms Script
text/javascript 193.106.95.134
ITSOFT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prodmp.ru/pclicks.js
Requested by: Host: pwrlkyotm.com
URL: https://pwrlkyotm.com/pixels/6ed056a9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.106.95.134 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:39 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 need Show response
dmpprof.com/matching/ 0
416 B 198ms
63ms Fetch 85.192.12.173
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmpprof.com/matching/need
Requested by: Host: pwrlkyotm.com
URL: https://pwrlkyotm.com/pixels/6ed056a9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:39 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
access-control-allow-origin: https://coronavirus-control.ru
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2 200 render Show response
vtufuj.com/v1/ 46 KB
10 KB 260ms
144ms XHR
text/html 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vtufuj.com/v1/render?surfer_uuid=c6581b0b-972e-4501-9f35-a9f0639e1711&referrer=https%3A%2F%2Fcoronavirus-control.ru%2F&page_load_uuid=edf24aef-2d56-4649-891e-753afb7a5358&page_depth=1&q2uzeex2xb=dda9b8e1-d677-4586-8f6a-8c464117d2bf&block_uuid=dda9b8e1-d677-4586-8f6a-8c464117d2bf&refresh_depth=1&safari_multiple_request=653
Requested by: Host: vtufuj.com
URL: https://vtufuj.com/vf171l291liv0pm3y0/h8q786uqv867kypmrtnyc.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 26b15b7253e7e78207bef209f13b53fd1f25bdb93009bc972042a8526ca8e445

Request headers

Referer: https://coronavirus-control.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 14 Oct 2021 19:11:39 GMT
cache-control: no-cache, private
server: nginx/1.14.2
content-encoding: gzip
content-type: text/html; charset=UTF-8

GET
H2 200 render Show response
vtufuj.com/v1/ 15 KB
5 KB 410ms
294ms XHR
text/html 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vtufuj.com/v1/render?surfer_uuid=c6581b0b-972e-4501-9f35-a9f0639e1711&referrer=https%3A%2F%2Fcoronavirus-control.ru%2F&page_load_uuid=edf24aef-2d56-4649-891e-753afb7a5358&page_depth=1&q2uzeex2xb=3d45c1bc-f4f4-45bf-9dd8-37afc7087ce2&block_uuid=3d45c1bc-f4f4-45bf-9dd8-37afc7087ce2&refresh_depth=1&safari_multiple_request=844
Requested by: Host: vtufuj.com
URL: https://vtufuj.com/vf171l291liv0pm3y0/h8q786uqv867kypmrtnyc.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 5972880dccc884f637802fe1cf57fbd8b11cb85e102902f3a29d7484c4f0515b

Request headers

Referer: https://coronavirus-control.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 14 Oct 2021 19:11:39 GMT
cache-control: no-cache, private
server: nginx/1.14.2
content-encoding: gzip
content-type: text/html; charset=UTF-8

GET
H2 200 render Show response
vtufuj.com/v1/ 31 KB
12 KB 487ms
371ms XHR
text/html 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vtufuj.com/v1/render?surfer_uuid=c6581b0b-972e-4501-9f35-a9f0639e1711&referrer=https%3A%2F%2Fcoronavirus-control.ru%2F&page_load_uuid=edf24aef-2d56-4649-891e-753afb7a5358&page_depth=1&q2uzeex2xb=3a989c42-138d-4165-82c0-ce6cfaef0224&block_uuid=3a989c42-138d-4165-82c0-ce6cfaef0224&refresh_depth=1&safari_multiple_request=124
Requested by: Host: vtufuj.com
URL: https://vtufuj.com/vf171l291liv0pm3y0/h8q786uqv867kypmrtnyc.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 0fb3faf32dbe74525a7b275bb4463b59eaa6c3fc487f0a2a24b50bc3464d4aa6

Request headers

Referer: https://coronavirus-control.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 14 Oct 2021 19:11:39 GMT
cache-control: no-cache, private
server: nginx/1.14.2
content-encoding: gzip
content-type: text/html; charset=UTF-8

GET
H2 200 render Show response
vtufuj.com/v1/ 46 KB
10 KB 644ms
529ms XHR
text/html 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vtufuj.com/v1/render?surfer_uuid=c6581b0b-972e-4501-9f35-a9f0639e1711&referrer=https%3A%2F%2Fcoronavirus-control.ru%2F&page_load_uuid=edf24aef-2d56-4649-891e-753afb7a5358&page_depth=1&q2uzeex2xb=e6daa67c-4940-4dc7-89ae-ce3725e499b6&block_uuid=e6daa67c-4940-4dc7-89ae-ce3725e499b6&refresh_depth=1&safari_multiple_request=928
Requested by: Host: vtufuj.com
URL: https://vtufuj.com/vf171l291liv0pm3y0/h8q786uqv867kypmrtnyc.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 92314c784430343309b9f54fcef2d25a1faf088b899f2a053967fb98310328e9

Request headers

Referer: https://coronavirus-control.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 14 Oct 2021 19:11:39 GMT
cache-control: no-cache, private
server: nginx/1.14.2
content-encoding: gzip
content-type: text/html; charset=UTF-8

GET
H2 200 render Show response
vtufuj.com/v1/ 0
158 B 720ms
606ms XHR
text/html 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vtufuj.com/v1/render?surfer_uuid=c6581b0b-972e-4501-9f35-a9f0639e1711&referrer=https%3A%2F%2Fcoronavirus-control.ru%2F&page_load_uuid=edf24aef-2d56-4649-891e-753afb7a5358&page_depth=1&q2uzeex2xb=217ec181-0165-4bb9-9982-ee150a369fef&block_uuid=217ec181-0165-4bb9-9982-ee150a369fef&refresh_depth=1&safari_multiple_request=454
Requested by: Host: vtufuj.com
URL: https://vtufuj.com/vf171l291liv0pm3y0/h8q786uqv867kypmrtnyc.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://coronavirus-control.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 14 Oct 2021 19:11:40 GMT
cache-control: no-cache, private
server: nginx/1.14.2
content-encoding: gzip
content-type: text/html; charset=UTF-8

GET
H2 200 render Show response
vtufuj.com/v1/ 12 KB
3 KB 554ms
440ms XHR
text/html 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vtufuj.com/v1/render?surfer_uuid=c6581b0b-972e-4501-9f35-a9f0639e1711&referrer=https%3A%2F%2Fcoronavirus-control.ru%2F&page_load_uuid=edf24aef-2d56-4649-891e-753afb7a5358&page_depth=1&q2uzeex2xb=12f6a78a-47d3-428b-bdee-4e5d33907d72&block_uuid=12f6a78a-47d3-428b-bdee-4e5d33907d72&refresh_depth=1&safari_multiple_request=219
Requested by: Host: vtufuj.com
URL: https://vtufuj.com/vf171l291liv0pm3y0/h8q786uqv867kypmrtnyc.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 663f76c87fe56b3bf46f4827388fd5b7575e779969cde0b6d3653b24d24f278c

Request headers

Referer: https://coronavirus-control.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 14 Oct 2021 19:11:39 GMT
cache-control: no-cache, private
server: nginx/1.14.2
content-encoding: gzip
content-type: text/html; charset=UTF-8

GET
H2 200 render Show response
vtufuj.com/v1/ 12 KB
4 KB 320ms
207ms XHR
text/html 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vtufuj.com/v1/render?surfer_uuid=c6581b0b-972e-4501-9f35-a9f0639e1711&referrer=https%3A%2F%2Fcoronavirus-control.ru%2F&page_load_uuid=edf24aef-2d56-4649-891e-753afb7a5358&page_depth=1&q2uzeex2xb=7937eec5-060c-44f8-9a0a-ebfd40bba1b9&block_uuid=7937eec5-060c-44f8-9a0a-ebfd40bba1b9&refresh_depth=1&safari_multiple_request=169
Requested by: Host: vtufuj.com
URL: https://vtufuj.com/vf171l291liv0pm3y0/h8q786uqv867kypmrtnyc.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 24f094f004953d3c8b4e72c4fca2d5a039f71882aceb93f7d0793e607134cf31

Request headers

Referer: https://coronavirus-control.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 14 Oct 2021 19:11:39 GMT
cache-control: no-cache, private
server: nginx/1.14.2
content-encoding: gzip
content-type: text/html; charset=UTF-8

GET
H2 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/ 143 KB
52 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/reactive_library_fy2019.js?bust=31063101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3a9fde73ab4eed86a484b3ddb02e285cead10a46c95d7915c2ff9a490a711a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52637
x-xss-protection: 0
server: cafe
etag: 6817435743625754192
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 19:11:39 GMT

GET
H2 200 d036163f37a440d0.jpeg
vtufuj.com/.cdn/05a5cf/d3d944/21c5f9c4f98d4eeaae9d4f90f9902a0a/ 19 KB
19 KB 108ms
108ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/d3d944/21c5f9c4f98d4eeaae9d4f90f9902a0a/d036163f37a440d0.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: a5c50036f59c052469380acb19cf6811d63ead386eb2c5acca2e2e4572b2755b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:39 GMT
last-modified: Mon, 11 Oct 2021 08:19:06 GMT
server: nginx/1.14.2
etag: "6163f37a-4b75"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 19317

GET
H2 200 d03614832ec4939f.jpeg
vtufuj.com/.cdn/05a5cf/0a8005/6eb0d1700ebc4a4ab4c67d16a8ff69d4/ 14 KB
14 KB 109ms
109ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/0a8005/6eb0d1700ebc4a4ab4c67d16a8ff69d4/d03614832ec4939f.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: a5240ba7db4bcd9e3d719c660d2b78fd2619efe7de49a0c6deb8ffc58e915f8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:39 GMT
last-modified: Mon, 20 Sep 2021 07:06:20 GMT
server: nginx/1.14.2
etag: "614832ec-37c6"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 14278

GET
H2 200 d03615edf6d44a5a.jpeg
vtufuj.com/.cdn/05a5cf/d3d944/32d6a35cdb804f0eb96f41233229f4bc/ 25 KB
25 KB 158ms
158ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/d3d944/32d6a35cdb804f0eb96f41233229f4bc/d03615edf6d44a5a.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 00f6398f6c244c0590b4172c8a70d9a56ae9c6df8ccdd705bbe70883c0fd5b04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:39 GMT
last-modified: Thu, 07 Oct 2021 11:52:13 GMT
server: nginx/1.14.2
etag: "615edf6d-623a"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 25146

GET
H2 200 d03615c335059bc5.jpeg
vtufuj.com/.cdn/05a5cf/d3d944/eb30cf238210456f9ccb537f97c2e51d/ 20 KB
20 KB 160ms
159ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/d3d944/eb30cf238210456f9ccb537f97c2e51d/d03615c335059bc5.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 82cb223bda2c1efa4d39e7ca3d380a67facfa60fcde219e34e08aab6526d8a90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:39 GMT
last-modified: Tue, 05 Oct 2021 11:13:20 GMT
server: nginx/1.14.2
etag: "615c3350-4ea8"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 20136

GET
H2 200 css
fonts.googleapis.com/ 12 KB
901 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 18:58:37 GMT
server: ESF
date: Thu, 14 Oct 2021 19:11:39 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 19:11:39 GMT

GET
DATA 200
OK truncated
/ Frame CA1B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2801cc3f3d6c1c628e8c9b73ea1b3b72ad86fde964efa6b98a8e83189236b970

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://coronavirus-control.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:57 GMT
x-content-type-options: nosniff
age: 95982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:57 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://coronavirus-control.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:41 GMT
x-content-type-options: nosniff
age: 95998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 9 KB
9 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://coronavirus-control.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:34:35 GMT
x-content-type-options: nosniff
age: 95824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9544
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:34:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 9 KB
10 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://coronavirus-control.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 03:41:26 GMT
x-content-type-options: nosniff
age: 142213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 03:41:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://coronavirus-control.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:45 GMT
x-content-type-options: nosniff
age: 95994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame CA1B 15 KB
16 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:45 GMT
x-content-type-options: nosniff
age: 95994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame CA1B 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:41 GMT
x-content-type-options: nosniff
age: 95998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:41 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0899 0
0 50ms
50ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211011&jk=2344792110948212&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 324ms
23ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=coronavirus-control.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 19:11:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 25ms
25ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=coronavirus-control.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 19:11:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/ Frame 1C06 10 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://coronavirus-control.ru/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm7kFOHKmHl6NJBfWwII2iJuC8mGDCXcLRl6iqsfqo_MPNXfKFW9y_dPvKdWvo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 13 Oct 2021 21:08:24 GMT
expires: Wed, 27 Oct 2021 21:08:24 GMT
content-type: text/html; charset=UTF-8
etag: 414810510046348021
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4645
x-xss-protection: 0
age: 79395
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/ Frame FE59 10 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://coronavirus-control.ru/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm7kFOHKmHl6NJBfWwII2iJuC8mGDCXcLRl6iqsfqo_MPNXfKFW9y_dPvKdWvo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 13 Oct 2021 21:08:24 GMT
expires: Wed, 27 Oct 2021 21:08:24 GMT
content-type: text/html; charset=UTF-8
etag: 414810510046348021
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4645
x-xss-protection: 0
age: 79395
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 d0361375e9b3f732.jpeg
vtufuj.com/.cdn/05a5cf/0a8005/68a4e1c3d6174df6b246dbb7eae1a177/ 23 KB
23 KB 61ms
61ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/0a8005/68a4e1c3d6174df6b246dbb7eae1a177/d0361375e9b3f732.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: ee77ed1e66801bb09512c16de289974bc433ef0efe35fc08cf7268816f8aa5c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:39 GMT
last-modified: Tue, 07 Sep 2021 12:44:11 GMT
server: nginx/1.14.2
etag: "61375e9b-5c67"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 23655

GET
H2 200 d03614440104786b.jpeg
vtufuj.com/.cdn/05a5cf/0a8005/df53a61e972c415dbe33574fc5972a3e/ 14 KB
14 KB 61ms
61ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/0a8005/df53a61e972c415dbe33574fc5972a3e/d03614440104786b.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 4d625f9cbbd3b744b544eeae23cba2ab5d4fbe30ecedd418c3e998ab76ee641f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:39 GMT
last-modified: Fri, 17 Sep 2021 07:13:20 GMT
server: nginx/1.14.2
etag: "61444010-38e1"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 14561

GET
H2 200 d03615c37f931483.jpeg
vtufuj.com/.cdn/05a5cf/d3d944/f95090605fe245e391ffb2908c8fc435/ 16 KB
16 KB 66ms
66ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/d3d944/f95090605fe245e391ffb2908c8fc435/d03615c37f931483.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 10b893311af0ee0d441010acbe70facaa0729188c3649cccf9704ef5a5ba97d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:39 GMT
last-modified: Tue, 05 Oct 2021 11:33:13 GMT
server: nginx/1.14.2
etag: "615c37f9-3e3b"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 15931

GET
H2 200 d0361484b50cd456.jpeg
vtufuj.com/.cdn/05a5cf/0a8005/5e889b14e30b4bc8a9450afda143d681/ 14 KB
14 KB 67ms
66ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/0a8005/5e889b14e30b4bc8a9450afda143d681/d0361484b50cd456.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 36d3eca406a7b10111b5afb24ca7372a990a58003cc2e03568a99464e7acf537

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:39 GMT
last-modified: Mon, 20 Sep 2021 08:50:24 GMT
server: nginx/1.14.2
etag: "61484b50-391e"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 14622

GET
H2 200 d0b615c352eb736b.jpeg
vtufuj.com/.cdn/05a5cf/d3d944/fd35e624599442968d7dbd12b45171ef/ 27 KB
27 KB 58ms
57ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/d3d944/fd35e624599442968d7dbd12b45171ef/d0b615c352eb736b.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: f020acff9e2a0a57e9a0b606c3d7fa66a9b684a0682a6597ee01099c43d0d19e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:40 GMT
last-modified: Tue, 05 Oct 2021 11:21:18 GMT
server: nginx/1.14.2
etag: "615c352e-6b56"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 27478

GET
H2 200 d0b6137014c2d2e4.jpeg
vtufuj.com/.cdn/05a5cf/0a8005/45138357b04d4f54a5d7ab31a56c68cc/ 23 KB
23 KB 59ms
57ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/0a8005/45138357b04d4f54a5d7ab31a56c68cc/d0b6137014c2d2e4.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: d8f62344598520a95c9a6ccf5741c599142a7c19c94985813ff4186d37ded100

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:40 GMT
last-modified: Tue, 07 Sep 2021 06:06:04 GMT
server: nginx/1.14.2
etag: "6137014c-5c0e"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 23566

GET
H2 200 d0b6167f6c0cc4f7.jpeg
vtufuj.com/.cdn/05a5cf/d3d944/cec1138b475b4f4ea450b294c096e494/ 31 KB
31 KB 60ms
58ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/d3d944/cec1138b475b4f4ea450b294c096e494/d0b6167f6c0cc4f7.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: f501142a8dabe57e49b3581530a82f4f220c184c2593affdd85b7357f4343207

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:40 GMT
last-modified: Thu, 14 Oct 2021 09:22:08 GMT
server: nginx/1.14.2
etag: "6167f6c0-7ce7"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 31975

GET
H2 200 d0b614e372ba3585.jpeg
vtufuj.com/.cdn/05a5cf/0a8005/a5f18245a5554f04a79605a2562d7350/ 19 KB
20 KB 63ms
62ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/0a8005/a5f18245a5554f04a79605a2562d7350/d0b614e372ba3585.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 0115d259071fdccf3866db75f18117934fbd99b198d88c111b7cfcd7aaf1416b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:40 GMT
last-modified: Fri, 24 Sep 2021 20:38:03 GMT
server: nginx/1.14.2
etag: "614e372b-4d87"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 19847

GET
H2 200 d0b6138b53c77f1f.jpeg
vtufuj.com/.cdn/05a5cf/0a8005/43c150c7cbcb408f97ba94e81abf07be/ 26 KB
26 KB 64ms
62ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/0a8005/43c150c7cbcb408f97ba94e81abf07be/d0b6138b53c77f1f.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 2cc11657cd816f05ee37ffe24b3231fc93041dbd02aa071c6a47415fa965d880

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:40 GMT
last-modified: Wed, 08 Sep 2021 13:06:04 GMT
server: nginx/1.14.2
etag: "6138b53c-68f6"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 26870

GET
H2 200 d0b615c31dd174a8.jpeg
vtufuj.com/.cdn/05a5cf/d3d944/77079bfe2df64b34b5337d606c006ec9/ 16 KB
16 KB 108ms
107ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/d3d944/77079bfe2df64b34b5337d606c006ec9/d0b615c31dd174a8.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 6ec54d375b68d2ef149c31cfefe1a616bc0aab02bea827c081bd968b4b0cf706

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:40 GMT
last-modified: Tue, 05 Oct 2021 11:07:09 GMT
server: nginx/1.14.2
etag: "615c31dd-3efd"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 16125

GET
H2 200 d0b614156c10e6b8.jpeg
vtufuj.com/.cdn/05a5cf/0a8005/6ec7e5fb84b24adcbff7fb010b54f38a/ 17 KB
17 KB 108ms
107ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/0a8005/6ec7e5fb84b24adcbff7fb010b54f38a/d0b614156c10e6b8.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: ccf13964acd82072e2bae50dadcddc42fc2fc85ff752c3b58a7a699a9c1c07ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:40 GMT
last-modified: Wed, 15 Sep 2021 02:13:21 GMT
server: nginx/1.14.2
etag: "614156c1-44c2"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 17602

GET
H2 200 d0b60f66ad768548.jpeg
vtufuj.com/.cdn/05a5cf/d72d18/5bf32663f39641aba94cc0ed88b2ad89/ 22 KB
22 KB 108ms
107ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/d72d18/5bf32663f39641aba94cc0ed88b2ad89/d0b60f66ad768548.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: b8b02a4290b721f587a2f91e6ec37be6353611ccc5a580a7588a130b39ef2555

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:40 GMT
last-modified: Tue, 20 Jul 2021 06:19:03 GMT
server: nginx/1.14.2
etag: "60f66ad7-56f9"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 22265

GET
H2 200 d0b60d9854932c6f.jpeg
vtufuj.com/.cdn/05a5cf/faeac4/cd361b351e7d4f309c38c03c4ceb28ac/ 18 KB
18 KB 108ms
107ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/faeac4/cd361b351e7d4f309c38c03c4ceb28ac/d0b60d9854932c6f.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 95d408775a190a728453d727fe3077efada85ffef10ef4c49130f875071c4ed2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:40 GMT
last-modified: Mon, 28 Jun 2021 08:16:09 GMT
server: nginx/1.14.2
etag: "60d98549-4719"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 18201

GET
H2 200 d0b614ae2fc35969.jpeg
vtufuj.com/.cdn/05a5cf/0a8005/0e79534f25ff4d5cbdeffc2fecd3e888/ 18 KB
18 KB 108ms
107ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/0a8005/0e79534f25ff4d5cbdeffc2fecd3e888/d0b614ae2fc35969.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: c3f38a4cf5132308b0ca3f4cf8307c0600924c0d176c2f001e4914cb4b8c21d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:40 GMT
last-modified: Wed, 22 Sep 2021 08:02:04 GMT
server: nginx/1.14.2
etag: "614ae2fc-4842"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 18498

GET
H2 200 d03613c8b45da9ce.jpeg
vtufuj.com/.cdn/05a5cf/0a8005/c5013b2f4c5f48a384ba68541b0b249d/ 13 KB
13 KB 59ms
58ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/0a8005/c5013b2f4c5f48a384ba68541b0b249d/d03613c8b45da9ce.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: bfc504a49d6592b41959444773380dbac43087a3c1b114253ea23e6c49110f15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:40 GMT
last-modified: Sat, 11 Sep 2021 10:56:05 GMT
server: nginx/1.14.2
etag: "613c8b45-34f2"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 13554

GET
H2 200 d0360f0023f13f47.jpeg
vtufuj.com/.cdn/05a5cf/d72d18/aba6c79770ff4ce9a32c46a750d531c5/ 18 KB
19 KB 60ms
60ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/d72d18/aba6c79770ff4ce9a32c46a750d531c5/d0360f0023f13f47.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: eca87fe1becd8e8ae4651af302000955c2eedbafaeaf899af211c5e4c6abc0ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:40 GMT
last-modified: Thu, 15 Jul 2021 09:39:11 GMT
server: nginx/1.14.2
etag: "60f0023f-4985"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 18821

GET
H2 200 d036167f6be878a9.jpeg
vtufuj.com/.cdn/05a5cf/d3d944/5d8ed9a006a642d38c8fac626b3b2863/ 23 KB
23 KB 60ms
59ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/d3d944/5d8ed9a006a642d38c8fac626b3b2863/d036167f6be878a9.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 1425a1d29169aa8f1f0fe3d13b5e6101a628936cd9eec0ab7b066e9764f48515

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:40 GMT
last-modified: Thu, 14 Oct 2021 09:22:06 GMT
server: nginx/1.14.2
etag: "6167f6be-5a96"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 23190

GET
H2 200 d0361409736a6fc9.jpeg
vtufuj.com/.cdn/05a5cf/0a8005/26785e509aef47c9988ee3d12cbe7259/ 19 KB
19 KB 59ms
59ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/0a8005/26785e509aef47c9988ee3d12cbe7259/d0361409736a6fc9.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 5276a9c64d4524d43c20f0e0b4a2ea48c1bbd7caf2725880ac65bee92e262466

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:40 GMT
last-modified: Tue, 14 Sep 2021 12:36:06 GMT
server: nginx/1.14.2
etag: "61409736-4b08"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 19208

GET
H2 200 d036134a02a802c4.jpeg
vtufuj.com/.cdn/05a5cf/0a8005/b97afd3d13d64607b8e8112ae6c6e60c/ 31 KB
31 KB 59ms
58ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/0a8005/b97afd3d13d64607b8e8112ae6c6e60c/d036134a02a802c4.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 4c9bfe4acb427abf05f011b49834b543a264a081a94d1c6c5a934e061b6adaa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:40 GMT
last-modified: Sun, 05 Sep 2021 10:47:06 GMT
server: nginx/1.14.2
etag: "6134a02a-7c56"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 31830

GET
H2 200 m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js Show response
pagead2.googlesyndication.com/bg/ Frame CE2C 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 23:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13358
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 13 Oct 2022 23:22:10 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 1C06 4 KB
731 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 18:48:20 GMT
server: ESF
date: Thu, 14 Oct 2021 19:11:40 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 19:11:40 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1C06 205 B
492 B 15ms
14ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 06:46:14 GMT
x-content-type-options: nosniff
age: 131126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 13 Oct 2022 06:46:14 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1C06 604 B
696 B 15ms
14ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 00:41:57 GMT
x-content-type-options: nosniff
age: 412183
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 10 Oct 2022 00:41:57 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/ Frame 1C06 18 KB
8 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5c12600c2eedb11dbdcef87977046a3fc282f936b783659c0f0cb7a0815f3af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7792
x-xss-protection: 0
server: cafe
etag: 11501120118990840405
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 19:05:08 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DD58 624 B
344 B 21ms
21ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvyrgEQw_SIvwIYjKCmsgEwAQ&v=APEucNWvAj9zl_aDPl_tQ3CNKat2NSCKIStWKKbmyEt5fMugrzjY8clpHq3qT1EeCU5jDaJVKxCggYgrF1LTutxJN8QgNZ4AsZZboHktJ-BnjnGrENJWEbtz5llEWyzjuEW8KpPffspnHle50AQ3_O2h0Uyi4AIFKNT_owkxxCOqPdPgKjkH8Ic

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPvyrgEQw_SIvwIYjKCmsgEwAQ&v=APEucNWvAj9zl_aDPl_tQ3CNKat2NSCKIStWKKbmyEt5fMugrzjY8clpHq3qT1EeCU5jDaJVKxCggYgrF1LTutxJN8QgNZ4AsZZboHktJ-BnjnGrENJWEbtz5llEWyzjuEW8KpPffspnHle50AQ3_O2h0Uyi4AIFKNT_owkxxCOqPdPgKjkH8Ic
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm7kFOHKmHl6NJBfWwII2iJuC8mGDCXcLRl6iqsfqo_MPNXfKFW9y_dPvKdWvo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 14 Oct 2021 19:11:40 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 046D 106 KB
38 KB 84ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 16:22:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Oct 2021 16:22:37 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/ Frame 046D 6 KB
3 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb9268e99659f17a183de7aa0d4e27453f96c159a7ba99d6482522f8f72d1009

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 18:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2631
x-xss-protection: 0
server: cafe
etag: 10983085961369067521
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 18:44:43 GMT

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 046D 18 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 19:02:23 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 046D 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 19:10:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 046D 123 KB
37 KB 328ms
27ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Oct 2021 19:11:40 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 046D 14 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 19:10:23 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 046D 42 B
110 B 47ms
47ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CPg2Lsd8E3Euo-b_BmATl6rr38vqcq5dbcVgNHF_kLkVp-Nh4civexmi-wR9liVxHcSSFNOYJzkCSBtO5Ji5k7ISEriyAYheYHFia025YRDt4FkMw

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 19:11:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js Show response
pagead2.googlesyndication.com/bg/ Frame 80B9 35 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 23:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13358
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 13 Oct 2022 23:22:10 GMT

GET
H2 200 8653f2a2a9c87cf6b28cd7b1af1ca21e.js Show response
www.gstatic.com/mysidia/ Frame E1B5 11 KB
5 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8653f2a2a9c87cf6b28cd7b1af1ca21e.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5345e573423592323853226170438eb2735ed37de751a51c6e0f19fde1088ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 07:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4843
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 05:48:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 12 Jan 2022 07:03:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E1B5 2 KB
606 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 18:55:20 GMT
server: ESF
date: Thu, 14 Oct 2021 19:11:40 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 19:11:40 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame E1B5 2 KB
950 B 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:02:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 19:02:02 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame E1B5 18 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:10:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7691
x-xss-protection: 0
server: cafe
etag: 14402072889669646931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 19:10:33 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame E1B5 3 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 19:10:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E1B5 123 KB
37 KB 103ms
43ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37935
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633952256361887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Oct 2021 19:11:40 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame E1B5 14 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Oct 2021 19:10:23 GMT

GET
H2 200 94b9e9edb15b7c220f12fa63d878a5af.js Show response
www.gstatic.com/mysidia/ Frame E1B5 27 KB
11 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/94b9e9edb15b7c220f12fa63d878a5af.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 11:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11213
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 05:48:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Mon, 10 Jan 2022 11:08:32 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 046D 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 07:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 14 Oct 2022 07:15:02 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DD58
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWZP9slw8eI6EDFG6XHA3Y&google_cver=1

43 B
1014 B

50ms
43ms

Image
image/gif

92.122.254.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWZP9slw8eI6EDFG6XHA3Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvyrgEQw_SIvwIYjKCmsgEwAQ&v=APEucNWvAj9zl_aDPl_tQ3CNKat2NSCKIStWKKbmyEt5fMugrzjY8clpHq3qT1EeCU5jDaJVKxCggYgrF1LTutxJN8QgNZ4AsZZboHktJ-BnjnGrENJWEbtz5llEWyzjuEW8KpPffspnHle50AQ3_O2h0Uyi4AIFKNT_owkxxCOqPdPgKjkH8Ic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-129.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Oct 2021 19:11:40 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 14 Oct 2021 19:11:40 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Oct 2021 19:11:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWZP9slw8eI6EDFG6XHA3Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DD58
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWiA7BxXBHb6z-0zfGyvCwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWZP9slw8eI6EDFG6XHA3Y&google_cver=1

43 B
894 B

32ms
32ms

Image
image/gif

92.122.254.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWZP9slw8eI6EDFG6XHA3Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvyrgEQw_SIvwIYjKCmsgEwAQ&v=APEucNWvAj9zl_aDPl_tQ3CNKat2NSCKIStWKKbmyEt5fMugrzjY8clpHq3qT1EeCU5jDaJVKxCggYgrF1LTutxJN8QgNZ4AsZZboHktJ-BnjnGrENJWEbtz5llEWyzjuEW8KpPffspnHle50AQ3_O2h0Uyi4AIFKNT_owkxxCOqPdPgKjkH8Ic
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.122.254.129 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-129.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Oct 2021 19:11:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 14 Oct 2021 19:11:41 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Oct 2021 19:11:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWZP9slw8eI6EDFG6XHA3Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame DD58
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMhAsnHHsRasqeiDc0vT15I&google_cver=1

43 B
1003 B

52ms
26ms

Image
image/gif

185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMhAsnHHsRasqeiDc0vT15I&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvyrgEQw_SIvwIYjKCmsgEwAQ&v=APEucNWvAj9zl_aDPl_tQ3CNKat2NSCKIStWKKbmyEt5fMugrzjY8clpHq3qT1EeCU5jDaJVKxCggYgrF1LTutxJN8QgNZ4AsZZboHktJ-BnjnGrENJWEbtz5llEWyzjuEW8KpPffspnHle50AQ3_O2h0Uyi4AIFKNT_owkxxCOqPdPgKjkH8Ic

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Oct 2021 19:11:40 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 34ae4554-dd7a-45ef-9be9-b581e8bd2a83
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Oct 2021 19:11:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMhAsnHHsRasqeiDc0vT15I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD58
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTQyODk2OTQyODgyOTMwNjk3

170 B
188 B

23ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTQyODk2OTQyODgyOTMwNjk3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 19:11:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 14 Oct 2021 19:11:40 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c3d32a5b-e5b0-4ea1-a927-002492ce95d5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTQyODk2OTQyODgyOTMwNjk3
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/ Frame D6B7 98 KB
21 KB 351ms
15ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cc1bc6b9376eca2e0c094d3d65144776a49b9fd267aca0ee12df9906a5a4183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/10002482140017648499/728X90-5/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 11 Oct 2021 15:31:23 GMT
expires: Tue, 11 Oct 2022 15:31:23 GMT
last-modified: Sun, 15 Aug 2021 12:24:41 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 20693
age: 272418
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 046D 0
592 B 96ms
58ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskqrMehi0p29T9Hmz3_PxyLpec4_-HnMHu_0scIVBbt9CFSJyCs0ElgKXpVj4fkfHH0ItsvPldYCWo-WnOrDGXSEZIsU56oB9JQkmTCow5aR3TyAwRTuCdny96aBw4BNK2kUGmJrOCoDboiV0x4O6MPpoAFsBnM7SDvXoiy0E0NAf_EvkdiVHz3P_zxtPE9phWrJBeeOYCb42wz-x9Lml4MKkLGoTdpV78SWiFCNuknoe89Az2cAWg2XRcT826hphqDAft5oAiOCjBvOdnMS7TGAG2G3OwtoeUA7WMZBILv8madAh6_7bkPzZCZrDOps4GK7kITomv8q5pCJD_7lRDf6TeDJsU9_AA_3CCm29DzpyNG6Tgt-WuuZJZtFV43JFOWyHCOWOAYA5MrcfTyQ24KySdnV82fm9E3jWvKeFD0D5ryB1tR9BtzmfMpkq0c3Odh9Y-tZj8PBfR32a1iZAcWgpmNLTw8YbfMNYVyx3XukTyX5qx1nR7Cr58Ij7B8nHjXkPpcVoR3XhOVxKMLlmLh2y8Pw6tCgqTAp9MR8svTCYaI65shJB-rw45pPuYKemhyoeCOICTC1K1I8-fpwB-4_b4TI2gs9EUAUKQk7uNa4rLBoVehEyvpYKNKOlekE2yqNG9AHVx3k4GhpajRf1pvxr-KHnFxXiDJluYttiEuo9orW4Q5VyoJB8Epm8QyGS0lXpeZ3GF11_Dian-dPD0cBg--e6rSBrofrHrC0bwWBZ9rAiHJgtb3FjAsyaRbp-r7UXl6Iaf4KykVBtvHUfcScHLnfreJYQ2dFwMYSpbBI6O3lR9AolR1AXduQK_4PCTONys5nrMGSsibw4Gv0-zzQ8dh_i_t7ERcJKAPIiUvFoomBO-9RzMgEhlOMtQ72ss1QN1oU_IhnNs7MIvPgebnYsuBwQlPRGBmYa7bovYMYzUXhtkL-2BQQFM0hgG1capsU1KVOFQJjSbntTf_VHsh-h4fQfbNYSO17V9SXQJ706mWqs2qww5Gz05CPaEuMIsUHrtx7RrmWAURIhRKPot5QB_SNUmVAAopq1jZjSqkgWTQ4jQ_RVGYpOVPjqJK_5EECXpk6QzjBzNvLxSr4RKQ9wCuMZ-TiKfzkBZR-oaT0m31HQK5kYdzJhMmKAllpCOeVDeENC0EPdcoj6H5wTscBjCNAeLw5Q&sai=AMfl-YTX-r44A7L1WZ2X7UKlH8nTK2_65FFtszpZw7IgGhqambLl6cAYVyXJaotUwg-IxPR4Gt04_48MqhDvBsdiTdz3k68kw9MLbteLjSEzbJ2LOWVrjeecVQ5UTdIXmXLTIbZ07oBBRCqXhYrkhtKQ2aUAvVqSS9JeakJ4kBIRIw&sig=Cg0ArKJSzIUzP8Yrg1vsEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=311&cbvp=1&cstd=307&cisv=r20211011.21512&adurl=

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 14 Oct 2021 19:11:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 93A5 22 KB
8 KB 13ms
13ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Thu, 14 Oct 2021 07:15:05 GMT
expires: Fri, 14 Oct 2022 07:15:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 42995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 046D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 018f3cb9945f05856aa51bcb27f3cbd872c7151db8711906050dbc49ec2031ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js Show response
pagead2.googlesyndication.com/bg/ Frame 96DB 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 23:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13358
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 13 Oct 2022 23:22:10 GMT

GET
H2 200 m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js Show response
pagead2.googlesyndication.com/bg/ Frame 93A5 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 23:22:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13358
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 13 Oct 2022 23:22:10 GMT

GET
H2 200 DcmEnabler_01_246.js Show response
s0.2mdn.net/879366/ Frame D6B7 28 KB
10 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 05:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50385
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10121
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Oct 2021 05:11:56 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CA1B 42 B
174 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuECHM_eiTE0T3dHvAWFt7ID22VVp3PnZzyLxX-lejATak_1XLQyj87fZw7G-ZEzVBjkOv4e0XuzmddNpc6ThP2gfuRpkT_h37TaomrMg8XjJa-a0BCvg&sai=AMfl-YSiB36-VRZYyoYelkHPcIpB0cObbko4kR8gIOb4N2-QzrLZOKvg2fuPSbBfOW0S4x7swKxi-KYoKHQb&sig=Cg0ArKJSzOPkah17aFvDEAE&id=lidar2&mcvt=1037&p=0,0,90,728&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3793808450&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634238698444&rpt=1660&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 19:11:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 046D 0
23 B 47ms
32ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: coronavirus-control.ru
URL: https://coronavirus-control.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 19:11:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 60986833 Show response
mc.yandex.com/webvisor/ 43 B
145 B 50ms
50ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/60986833?wmode=0&wv-part=1&wv-hit=648861130&page-url=https%3A%2F%2Fcoronavirus-control.ru%2F&rn=903237171&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1634238701%3Aw%3A1600x1200%3Av%3A673%3Az%3A0%3Ai%3A202101014191141%3Au%3A1634238698147714475%3Avf%3A25rt5q1nfyffjihn5h%3Awe%3A1%3Ast%3A1634238701&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronavirus-control.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 19:11:41 GMT
last-modified: Thu, 14-Oct-2021 19:11:41 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://coronavirus-control.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 19:11:41 GMT

GET
H2 200 C1-01.png
s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/ Frame D6B7 10 KB
10 KB 20ms
19ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/C1-01.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25c1caa664ebdd937d7a5c6c68ab559131dc24a2883b5a7bd006a885fcbadd63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 07:37:06 GMT
x-content-type-options: nosniff
age: 300875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10051
x-xss-protection: 0
last-modified: Sun, 15 Aug 2021 12:24:41 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 07:37:06 GMT

GET
H2 200 H1-01.png
s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/ Frame D6B7 27 KB
27 KB 16ms
15ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/H1-01.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb9939a8dd12ea86f426371a9c57b6f4c2b2bd422e3af555a37845007e4509d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:32:20 GMT
x-content-type-options: nosniff
age: 272361
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27363
x-xss-protection: 0
last-modified: Sun, 15 Aug 2021 12:24:41 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 15:32:20 GMT

GET
H2 200 LT-01.png
s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/ Frame D6B7 9 KB
9 KB 22ms
21ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/LT-01.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75a4ec38c1f19e6b490e16bdc7f8e203f8ed62d9267ada7f81238ea06a07b66b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 09:33:33 GMT
x-content-type-options: nosniff
age: 553088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9386
x-xss-protection: 0
last-modified: Sun, 15 Aug 2021 12:24:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Oct 2022 09:33:33 GMT

GET
H2 200 LOGO-01.png
s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/ Frame D6B7 12 KB
12 KB 21ms
20ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/LOGO-01.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71800214b995083c38bb79a5c19b935842400d08a318633743031208abee2269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 09:06:01 GMT
x-content-type-options: nosniff
age: 122740
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12676
x-xss-protection: 0
last-modified: Sun, 15 Aug 2021 12:24:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 13 Oct 2022 09:06:01 GMT

GET
H2 200 BLUE-01.png
s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/ Frame D6B7 7 KB
7 KB 23ms
23ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/BLUE-01.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

442a38dc92e1b8db95680109e41a779d7e9ce80777ab7b96481aee75f9ae9995

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:59:42 GMT
x-content-type-options: nosniff
age: 288719
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7175
x-xss-protection: 0
last-modified: Sun, 15 Aug 2021 12:24:41 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 10:59:42 GMT

GET
H2 200 1-01.png
s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/ Frame D6B7 1001 KB
1001 KB 24ms
24ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/1-01.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed5742c2717a57edacdbe1dfe155acbcb2246f1f9b6a5aeb490c327f36ce4d0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10002482140017648499/728X90-5/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 07:17:20 GMT
x-content-type-options: nosniff
age: 302061
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1024744
x-xss-protection: 0
last-modified: Sun, 15 Aug 2021 12:24:41 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 07:17:20 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
47 B 54ms
54ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211011&jk=2344792110948212&bg=!WFulWx_NAAbGFvHlxhY7ACkAdvg8WhK5rewL9lH6cIVj42kGTqDnISptHvEvZXnDrvHrtsb7fCWbewIAAAIhUgAAAFloAQcKAERIdmhbkR8x04rrVG58s7f5ThbLl0hhu80XRT5wPPZg2TPmagPFIeyLKVMt5Au54F3sJ-_X5eDAUgljryCuKtCOpnSkp5kC0m6ltDdADQ4p38ClFGY9cj_awcLRFwIRvevTJ4gxwDtH2knMIS9zZn1KwmiDYppEsv0sYq93Q1DXogMmGwUow8TcLU4WMf0T8NZx2RKDUoFsa5dYwsLehOUP7sQHfvfYPp8SRaiWh8etWBgeJnhBUjzxLsUI9KyA2M5BcahmM4SqjwZG5T8M5fJ54IAnCyNA1gjB1pNNr6jnYZKbG21cQdzjJm6oaoOVM45gdvhtMwGhOlaGzzmBwb6lvPlUKzZL3N3OqsbczZ4TLRDjg-I--RwnKX0USxNMqfPeu1zY63CPt-xlI7oWPu4-m9-EIUaCxmzbv9WypfrfhRwi43LuyXzLiaPnisFpabNYkvZNNxR6fe0DbifkjRMyu81Rhe8H0wTYEzLA0Nm-qXSq_lfvEWDnTyfPrLndvN67r-tl1itvEAD8rLzv0WnmuLqbzuE45KhYagIy_Gb3Jr3Nw43Q7uJ8rID94YWN1BxIVytNiBfOVPZlen8zpGwyevHv3wZZJHm0Zf4kEi7U2x1LH0mVBVKPV3OHMZRDZqtPTNQiTicyWCdjTos74qr9v2_4qlAH66WebDJXfbhCVyE8CjPMkTqpOymU0_bU57-MKi2KFtxbcqBy7nGeRGsvAHq91UGDXYyhtSlxLcYubvapICfn0HKDO9qAFWAzKhoyK4mX3An74ahn-GBvRvJljd4KxshCNWrZnTA5yBmn95_YncZ6LSxzVw4NHGxjAJZUNm91__bU2yToc-FNMsEv1QSJTUE6gf-152BT646w-wsZUlInYvzc_pTV6QlBw2Ah_g-7wP7Zpde9M0QPqVsbg7ockP90CP81kCJWUfcZT17-PFYenoU3uEywP0mEAIjr2RQ0GCNsZKMM4__tW4kctuVI9WEsW4SyNtQvfnfbOB0t-8gGtXi2Wf33K2qtdmYrv_Eb-4ALc8BVaXCGo_Tv3UVDyJNAtnru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 19:11:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 internal Show response
dmpprof.com/matching/ 117 B
648 B 937ms
70ms Fetch
application/json 85.192.12.173
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmpprof.com/matching/internal?event=view&aid=0&ssp_id=14&href=https%3A%2F%2Fcoronavirus-control.ru%2F&title=%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%E2%80%94%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%F0%9F%98%B7%20%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%BA%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%B0%20%F0%9F%91%91&dmp_print_id=0272b9ed1e5626b88020de793361f05f
Requested by: Host: pwrlkyotm.com
URL: https://pwrlkyotm.com/pixels/6ed056a9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 25b01f8c94ec77d0117680ee6087e67fdc634f7db6f7c3a8790c38e1765a0ef3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:42 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://coronavirus-control.ru
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 117

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 93A5 0
56 B 52ms
52ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqEze6oBoYYP-Gfa91fAPm7uAqA0AAAAAOAHgBAI&bg=!zM-lz4vNAAbGFvHlxhY7ACkAdvg8Wv60JQVM496QdntQF-guZ73OVwIKW-sCDkfrdcWM4X45vvqSvwIAAAGIUgAAABNoAQeZAxLXMQrnJAG0Occ2zywMaVVrlivBQjBubnZCk4T4NynuL3GIEM1ZslLcKo-5r9dT6FOBUvTEJyvr-Ar9pwgwB4iXbBwwSgp65z7KpoqVFKX5OF8RqosTDMzgPlIYL9mSYv0YAuptrNGAqzAg7FVv-8u51mnldXHSWzTaMQjhpQas8HKWj3NlYqKtLkkliuFYZiIg7t6KRQIZH6wcHvRLR0uJWt_z2wtyw023g6K09mnvSZvzqEJgY1-z-owJbuIpazFnJc5saEc_XPsIgYVHlm7NJ3ltGW23go4P9aWGK8bMVVQxqiKaFmprT_On_gHLptlHCA1KEKOODtSdg_bGZ2ajy0mCaektm12WuKMIg-2OnVFNajE6m_H6pu4Nw69m3kOignQ3RjeixGD6KvM-yuiTNPVQRRATF_9HTGICK1FHMy3q7LU6wrzV8vgv1wxP_KmIS950HaD-kg2QTO8luh2PCSksNDcZU5Atinj_gByh0BWcFs1q8L9xVAXn8ECP8FLThfRNjayVvH1q5BdAh8la2Q3vb6eyHI4C5-HwMDFFqDj-hR9mF_7izeGtVPQbPMNHrasjs42TYEhHczOr0j-u-4Ll8En-bcYlUHPKnN6-qlDgPk1nZll5YD4UDuyDm3nqsUHHw-U8TGZ5C_D0FWfeTAqLZXs02ANofA2zgkNZntQ-syMGR9xBkdl_KDjxXraGllRbhMI1HgvYtM87M41JTIe4Vl99Hhhe98jRUDp23_0z6428ePEn6SWsAq5jLGNtqBAhIAtb0klhXO8BgSZF3Ltp2FBRlBska9gF6OPXOD91LbuUhtnA-26DkoDxAuBwvKcbDFGj3XYHymB-U3XAcDVMGX_RUT2Gis5SlhxBw8GY9oFfEktDMe9kHWMuf7piyh9ptLrBIM9eu248RJmkE63JY89L5Z6hTYhuWpP0Ak1vcw9K-nN8eTlyA4U3rmnBahwnINyyCvL4BpJZOWNfCLxGDvKpNGtBvwfHQ9IOqsknXQRyA4v4Mhfv7XrCm1Vp7Wkg0lw6DG_IpFH8cXCLMY0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 19:11:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 046D 42 B
108 B 265ms
264ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_hQMv3sNju8LnNtjEH36_qp1_f3U4v9dfGyqnJilq6mCHqltcT7FYEWzYk_5fYUwsrPsEVS9r1v7quNpgSddrn6mVeBmkXAJrXoT6j2kRIkb5bcfMDA&sai=AMfl-YStDBxwgSTjM2gyfLP1LetV3MHpqcGkmD_ULCd_t9fHGjFzlyCagivFWrRE6iG3xHisSaGpxfzRHANZ&sig=Cg0ArKJSzNtNDZKi-5zgEAE&cid=CAASBORoh7s&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634238700404&rpt=722&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 19:11:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 demography Show response
prodmp.ru/pclicks/ 3 B
140 B 65ms
65ms Fetch
application/json 193.106.95.134
ITSOFT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prodmp.ru/pclicks/demography?domain=coronavirus-control.ru
Requested by: Host: pwrlkyotm.com
URL: https://pwrlkyotm.com/pixels/6ed056a9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.106.95.134 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://coronavirus-control.ru
date: Thu, 14 Oct 2021 19:11:42 GMT
access-control-allow-credentials: true
server: nginx
content-length: 3
content-type: application/json

POST
H2 200 enr Show response
dmpprof.com/ 2 B
359 B 71ms
71ms Fetch
text/plain 85.192.12.173
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dmpprof.com/enr?href=https%3A%2F%2Fcoronavirus-control.ru%2F&title=%D0%9A%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%20%E2%80%94%20%D0%A1%D1%82%D0%B0%D1%82%D0%B8%D1%81%D1%82%D0%B8%D0%BA%D0%B0%20%F0%9F%98%B7%20%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D0%BA%D0%BE%D1%80%D0%BE%D0%BD%D0%B0%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%B0%20%F0%9F%91%91
Requested by: Host: pwrlkyotm.com
URL: https://pwrlkyotm.com/pixels/6ed056a9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://coronavirus-control.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 14 Oct 2021 19:11:42 GMT
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://coronavirus-control.ru
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length: 2

POST
H2 200 60986833 Show response
mc.yandex.com/webvisor/ 43 B
145 B 572ms
52ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/60986833?wmode=0&wv-part=2&wv-hit=648861130&page-url=https%3A%2F%2Fcoronavirus-control.ru%2F&rn=504720470&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1634238703%3Aw%3A1600x1200%3Av%3A673%3Az%3A0%3Ai%3A202101014191142%3Au%3A1634238698147714475%3Avf%3A25rt5q1nfyffjihn5h%3Awe%3A1%3Ast%3A1634238703&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronavirus-control.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 19:11:43 GMT
last-modified: Thu, 14-Oct-2021 19:11:43 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://coronavirus-control.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 19:11:43 GMT

POST
H2 200 60986833 Show response
mc.yandex.com/webvisor/ 43 B
176 B 331ms
51ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/60986833?wmode=0&wv-part=1&wv-hit=648861130&page-url=https%3A%2F%2Fcoronavirus-control.ru%2F&rn=349405877&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1634238703%3Aw%3A1600x1200%3Av%3A673%3Az%3A0%3Ai%3A202101014191142%3Au%3A1634238698147714475%3Avf%3A25rt5q1nfyffjihn5h%3Awe%3A1%3Ast%3A1634238703&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronavirus-control.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 19:11:42 GMT
last-modified: Thu, 14-Oct-2021 19:11:42 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://coronavirus-control.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 19:11:42 GMT

GET
H2 200 d036144530b80536.jpeg
vtufuj.com/.cdn/05a5cf/0a8005/020d7a685f534a19a9538aaaf5d444e3/ 13 KB
14 KB 57ms
57ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vtufuj.com/.cdn/05a5cf/0a8005/020d7a685f534a19a9538aaaf5d444e3/d036144530b80536.jpeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: a94a09d9e8f44d0b7cd3dd6fc2acfd3f0e4ddb095a662b9749ff2c5ac2175089

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://coronavirus-control.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 19:11:42 GMT
last-modified: Fri, 17 Sep 2021 08:34:19 GMT
server: nginx/1.14.2
etag: "6144530b-35ae"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 13742

POST
H2 200 confirm Show response
vtufuj.com/v1/ 48 B
162 B 69ms
68ms XHR
application/json 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vtufuj.com/v1/confirm?block_show_uuid=78739b0d-a86d-40fc-ac98-8daf60de4dee&confirmed[]=46e7bcd4-061a-468a-9f60-2664753cbb93
Requested by: Host: vtufuj.com
URL: https://vtufuj.com/vf171l291liv0pm3y0/h8q786uqv867kypmrtnyc.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 8bd379f35f7542aa283ad4208a2fdaff61b9067247619f8c0c945898d9e3be06

Request headers

Referer: https://coronavirus-control.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 14 Oct 2021 19:11:43 GMT
cache-control: no-cache, private
server: nginx/1.14.2
content-type: application/json

POST
H2 200 60986833 Show response
mc.yandex.com/webvisor/ 43 B
97 B 49ms
49ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/60986833?wmode=0&wv-part=3&wv-hit=648861130&page-url=https%3A%2F%2Fcoronavirus-control.ru%2F&rn=655118620&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1634238703%3Aw%3A1600x1200%3Av%3A673%3Az%3A0%3Ai%3A202101014191143%3Au%3A1634238698147714475%3Avf%3A25rt5q1nfyffjihn5h%3Awe%3A1%3Ast%3A1634238703&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://coronavirus-control.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 19:11:43 GMT
last-modified: Thu, 14-Oct-2021 19:11:43 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://coronavirus-control.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14-Oct-2021 19:11:43 GMT

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sjsmartcontent.org/wns/top2	1970-01-19 22:41:57	Name: wnid Value: 95d9010fa904054ac93997eba96c196a
.sjsmartcontent.org/wns/tpx	1970-01-19 22:41:57	Name: wnid Value: 95d9010fa904054ac93997eba96c196a
.sjsmartcontent.org/xpx	1970-01-19 22:41:57	Name: wnid Value: 95d9010fa904054ac93997eba96c196a
.coronavirus-control.ru/	1970-01-20 15:28:30	Name: _ga Value: GA1.2.738603321.1634238698
.coronavirus-control.ru/	1970-01-19 21:58:45	Name: _gid Value: GA1.2.1207110090.1634238698
.coronavirus-control.ru/	1970-01-19 21:57:18	Name: _gat_gtag_UA_102245387_2 Value: 1
.coronavirus-control.ru/	1970-01-20 06:42:54	Name: _ym_uid Value: 1634238698147714475
.coronavirus-control.ru/	1970-01-20 06:42:54	Name: _ym_d Value: 1634238698
.mc.yandex.com/	1970-01-19 21:57:19	Name: sync_cookie_csrf Value: 4171216326fake
.mc.yandex.ru/	1970-01-19 21:57:19	Name: sync_cookie_csrf Value: 2766160191fake
.coronavirus-control.ru/	1970-01-20 07:18:54	Name: __gads Value: ID=9af089f79d7c0031-220ccd06f6ca006c:T=1634238698:RT=1634238698:S=ALNI_MY3FOj1nST6dUIxlVIl5t4pfVrYZg
.yandex.com/	1970-01-20 06:42:54	Name: yandexuid Value: 2749153671634238698
.yandex.com/	1970-01-20 06:42:54	Name: yuidss Value: 2749153671634238698
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1610044721634238698
.yandex.com/	1970-01-23 13:33:18	Name: i Value: yaxSp4n1zmii+CqRTR0IKyaBNws1VLDolhQnA56wHwYXPKEAQEKRGZHl5dWIKM1JGapGW3MrOeE6iTRDtvzunUlY2G8=
.yandex.com/	1970-01-20 06:42:54	Name: ymex Value: 1665774698.yrts.1634238698#1665774698.yrtsi.1634238698
.coronavirus-control.ru/	1970-01-19 21:57:20	Name: _ym_visorc Value: w
.sjsmartcontent.org/	1970-01-19 22:41:57	Name: wnid Value: 95d9010fa904054ac93997eba96c196a
.coronavirus-control.ru/	1970-01-19 21:58:30	Name: _ym_isad Value: 2
.coronavirus-control.ru/	1969-12-31 23:59:59	Name: surfer_uuid Value: c6581b0b-972e-4501-9f35-a9f0639e1711
.coronavirus-control.ru/	1969-12-31 23:59:59	Name: la_page_depth Value: %7B%22last%22%3A%22https%3A%2F%2Fcoronavirus-control.ru%2F%22%2C%22depth%22%3A1%7D
.coronavirus-control.ru/	1969-12-31 23:59:59	Name: page_load_uuid Value: edf24aef-2d56-4649-891e-753afb7a5358
.doubleclick.net/	1970-01-20 07:18:54	Name: IDE Value: AHWqTUm7kFOHKmHl6NJBfWwII2iJuC8mGDCXcLRl6iqsfqo_MPNXfKFW9y_dPvKdWvo
.1dmp.io/	1970-01-20 06:42:54	Name: uid Value: 8ef8a2c0-2d22-11ec-ad67-f832e4719dd9
prodmp.ru/	1970-01-20 00:06:54	Name: rai Value: 7a922d9dce358fbd15c9abcd11e23bdf
.mail.ru/	1970-01-20 06:44:21	Name: VID Value: 35u5TZ33nzI500000W10H425:::0-0-0-682d9ab:CAASEKhU4Olh7gJrefUHFzS9EHkaYE5rsOF0D21HgAFimsvVezGdHLQxyYLJ7nA92EnE_6cvazHDKf-venne7wzEdt997XPJqbceJiO00WcIXeVl60X7dvOUEzhRbIYzJtF03UMAHHeoja3nz0iTV2RiQZKOcw
.adnxs.com/	1970-01-20 00:06:54	Name: uuid2 Value: 942896942882930697
.casalemedia.com/	1970-01-20 06:42:54	Name: CMID Value: YWiA7BxXBHb6z-0zfGyvCwAA
.casalemedia.com/	1970-01-20 00:06:54	Name: CMPS Value: 5224
.casalemedia.com/	1970-01-20 00:06:54	Name: CMPRO Value: 1110
.casalemedia.com/	1970-01-19 21:58:45	Name: CMST Value: YWiA7GFogOwA
.adnxs.com/	1970-01-20 00:06:54	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>uv<gF9!@wnfH8K6pQK`!5=E<*L5?%K@dr+5MdpX4B_.+NJio@aC2F$tg?wGG4Y5HovP(hw9P-HC_#tu-t)xVeA
.casalemedia.com/	1970-01-20 06:42:54	Name: CMRUM3 Value: 2d616880ec2760CAESEIWZP9slw8eI6EDFG6XHA3Y
dmpprof.com/	1970-01-20 07:57:18	Name: uid Value: f7f865a4-7054-40b6-8700-f84db5fa924e
dmpprof.com/	1970-01-19 22:17:28	Name: enrich_data_v2_5 Value: 1634238702

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9426.VScYPPjM57jIJb1vX1oVB4RTDz3TsO2abQzACGFO357tyT_66_srwRqelZagSYp6mQcgmDfe4Yds5oia9Pwpig%2C%2C.CPQeW3Ibnc5LU97JMSM_EjQ9WYQ%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.highcharts.com
code.jquery.com
coronavirus-control.ru
dmpprof.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
mc.yandex.com
mc.yandex.ru
nativerent.ru
pagead2.googlesyndication.com
partner.googleadservices.com
prodmp.ru
pwrlkyotm.com
s0.2mdn.net
sjsmartcontent.org
sync.1dmp.io
top-fwz1.mail.ru
tpc.googlesyndication.com
vtufuj.com
vuoffbvzcvdsc.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.185.66
142.250.74.194
172.67.178.142
185.33.220.242
193.106.95.134
2001:4de0:ac18::1:a:2b
217.69.133.145
2606:4700:20::ac43:479a
2606:4700::6810:125e
2a00:1450:4001:800::2004
2a00:1450:4001:802::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2002
2a02:6b8::1:119
62.76.25.27
79.171.117.17
82.202.167.216
84.201.172.198
85.192.12.173
85.192.12.174
92.122.254.129
95.216.101.186
00f6398f6c244c0590b4172c8a70d9a56ae9c6df8ccdd705bbe70883c0fd5b04
0115d259071fdccf3866db75f18117934fbd99b198d88c111b7cfcd7aaf1416b
018f3cb9945f05856aa51bcb27f3cbd872c7151db8711906050dbc49ec2031ed
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fb3faf32dbe74525a7b275bb4463b59eaa6c3fc487f0a2a24b50bc3464d4aa6
10b893311af0ee0d441010acbe70facaa0729188c3649cccf9704ef5a5ba97d9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1425a1d29169aa8f1f0fe3d13b5e6101a628936cd9eec0ab7b066e9764f48515
143555f8cb5122b029f655ce1db7f3e3ebc7fbe8d85d29aca2bed3bbe3286745
156299d8d36f67773f2790d47e5dfb22dd976698b0572d5f6b70106d16a58cd9
1930e5a2ff42013486abcdac7517f36b2af75010327681cb1fed1e1e793c89c3
1a0940619e44c99cdb53c8930cc318883ab066cb8ea43907761e071d55f8e2a3
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1bce8bbb223b34cb93087c66412be14125fd6469b14f48f6544c7032db561bbc
1bf5b1b16e02956377f2b4a2dda9eea5c5a4d1488137b2be48b3abc6b354090d
1cc1bc6b9376eca2e0c094d3d65144776a49b9fd267aca0ee12df9906a5a4183
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
24f094f004953d3c8b4e72c4fca2d5a039f71882aceb93f7d0793e607134cf31
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25b01f8c94ec77d0117680ee6087e67fdc634f7db6f7c3a8790c38e1765a0ef3
25c1caa664ebdd937d7a5c6c68ab559131dc24a2883b5a7bd006a885fcbadd63
26b15b7253e7e78207bef209f13b53fd1f25bdb93009bc972042a8526ca8e445
27650cd009aaeda498884eb1a1110a62464400d83e72041ce0976a6bde69d97e
2801cc3f3d6c1c628e8c9b73ea1b3b72ad86fde964efa6b98a8e83189236b970
2a4617686d53812d3f06b891e5edc0cf5b7f289bfd57be08e123a3845efcdcd6
2cc11657cd816f05ee37ffe24b3231fc93041dbd02aa071c6a47415fa965d880
2db427c2e96827499e58501ed43a4a3498da88c64ca4f5cb7a4f59fb8db2957e
33d33233fa304cba9ad1dac86ba996e277c70ccc98ba40bc8108870947581357
36d3eca406a7b10111b5afb24ca7372a990a58003cc2e03568a99464e7acf537
36ed54961b1bd5e47fdc1b5d6cc416257f5c0134759b5f8cbe9a2eea37b75549
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
3d1246d2fe982f57c0a911530b2fa93a679e42c0d897151f39cffa4762c55f5d
43d6a685be70e45c3519be184bd2226c94d2110768d528848788220c0ab437ed
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
442a38dc92e1b8db95680109e41a779d7e9ce80777ab7b96481aee75f9ae9995
44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79
478a6a70e615f25b7bb27c4c40efc749b5421513cc76b84014c1febebf608982
47c4dcc7bb0ec9a3b08eefa0ff661fbb4706cc2fd874a7026835e45472e0dcfb
496077b8b09b43b1417ac4a8eb747b38b08e12a2dc9b65573c78dd2a44ac674d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c9bfe4acb427abf05f011b49834b543a264a081a94d1c6c5a934e061b6adaa7
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d625f9cbbd3b744b544eeae23cba2ab5d4fbe30ecedd418c3e998ab76ee641f
4def09a6457f79aa12a271e82a7c2f1608c52a25c12883e6c610a72b23e4ffc5
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
5276a9c64d4524d43c20f0e0b4a2ea48c1bbd7caf2725880ac65bee92e262466
5345e573423592323853226170438eb2735ed37de751a51c6e0f19fde1088ab9
53fa30763dee25538e58a35a51ff9f26b633f860168f4ec2cf0bbd9b13b52630
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56d5f97ea714ee4f3569f497e69d174562e352b99e01f9a4c26a996a109b9529
5972880dccc884f637802fe1cf57fbd8b11cb85e102902f3a29d7484c4f0515b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d7b7fd22a41be99838da0aaa6a8c24caa6af561e17abddbe23d2d2244e4a215
6372999f8fde0b2c48ee0f244d80f019fc417b62bd5319eab367eeebeb24a394
663f76c87fe56b3bf46f4827388fd5b7575e779969cde0b6d3653b24d24f278c
68d17341a90b4af7400a9096afe504bf2d21bf378c5f3e594436dbba105afe84
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cc028e6a4dd3ba0682e979bf20cd4d090600224f399a17cc3a9f7f5a95fbf92
6ec54d375b68d2ef149c31cfefe1a616bc0aab02bea827c081bd968b4b0cf706
71800214b995083c38bb79a5c19b935842400d08a318633743031208abee2269
75a4ec38c1f19e6b490e16bdc7f8e203f8ed62d9267ada7f81238ea06a07b66b
76d187d57700c8aa2932e8b9c76d0a9cfc6e1ae4b1f51b3aa62241ff83aabba2
7b0ba669fc7f8c84447d16bf24e6295e14703db8a85659f3aeb1328a671d30bd
7cab41c2cfecaf3693fae7741237d338c8fbf2f6994b8fcc6fe15facb1449a08
7e710da886dbc47aeb0628fea8a38821222685272e16bae45fa4728cc464f51b
80b4d370bf4dca563512c35c11d7f0374d0abf2f4279d50868c7e3542a21a4ff
82cb223bda2c1efa4d39e7ca3d380a67facfa60fcde219e34e08aab6526d8a90
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8a64d5bcf3bf5156316e3611e38c7e2c2e3c7d100fc5219bfbfbe509070431fe
8abba04976ac12cfe694efcee54f086748697ac7726da30a10fce2ee264c4d3d
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8bd379f35f7542aa283ad4208a2fdaff61b9067247619f8c0c945898d9e3be06
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
92314c784430343309b9f54fcef2d25a1faf088b899f2a053967fb98310328e9
924f19d6d5b861c56fff900df8daf8032c4bc5ecffa59067d1184c64fba14065
957caa0d54620e5c643e5c227f5fb22e55f530c8d1f2c438f3676bace46aaaca
95d408775a190a728453d727fe3077efada85ffef10ef4c49130f875071c4ed2
96f260d0943ba0fc12a54bae1b2d648f2309b5c1de81056ccb815f38d3f5385d
9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a3946dcb8ff5caef19cd3756a327d715ce410d084ed2c5768b44e7bb08297aa7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5240ba7db4bcd9e3d719c660d2b78fd2619efe7de49a0c6deb8ffc58e915f8c
a5c50036f59c052469380acb19cf6811d63ead386eb2c5acca2e2e4572b2755b
a5dec6d66da315927edbf4e112d92fb83df28b3cbdc72c7f8123f3f16ace13b1
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a61537cc8758e228c7f090e22ccd8397602fef4fb89d9b54980cf2404f06cf3b
a81a864cfe171c91ec45e8321be82a400a0e76681fdca0f8d7fdd296791f2483
a94a09d9e8f44d0b7cd3dd6fc2acfd3f0e4ddb095a662b9749ff2c5ac2175089
aa8ab2153beec5132d9268e321035fbee7f935ddcf90294ceb3424f7fe3e5405
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac317ea99b45429cda4a9f696764d2171761a737e9d28c5c84fa4ff2dfeee1d3
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
af6732cd1db829ad05913c135115147d879d654a6d318ceababb4cdbd7d21765
af695981c986ae02aa91e8c3e1919236e1e920d0a2cddb498f5f9195ba50b461
afd0b4241e71938501619ac77452ea8dda8273b216f1b48675f905957a345e72
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b177986f3f9dcccc6c1a04fe8cb3f4b374fb990dec646d9dd0283c0938af1909
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
b2fc9dadaea8d42c6cc4ac651182f6044ebd08ad132929e14f208bf1f447cbaa
b8b02a4290b721f587a2f91e6ec37be6353611ccc5a580a7588a130b39ef2555
ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf
bab858c45f4c99c9c2da8cd733c3dd1f3142e07c8dc4d1f703fe8e4c4a76d746
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb9939a8dd12ea86f426371a9c57b6f4c2b2bd422e3af555a37845007e4509d9
bf03950b0120085a09249cd4af8f12bcd283397159b507c53318a3edf6b86eb9
bfc504a49d6592b41959444773380dbac43087a3c1b114253ea23e6c49110f15
c3f38a4cf5132308b0ca3f4cf8307c0600924c0d176c2f001e4914cb4b8c21d5
c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc
ca8f376454d73019fd5c8f520be035748813ed6a7e0a97df4a8e6360d0f51d72
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ccf13964acd82072e2bae50dadcddc42fc2fc85ff752c3b58a7a699a9c1c07ec
cec81b70838d9a30dba7458b8b6197ac39c6227ee7bbb4a06ef7c197cef7bad9
d4cc3dfa1061aedf2533cf134f9d584568bc41a25090fb7ce77c5cdbec6c37e6
d542ad079b781a4da44d19f031c0d57e55dcd92ec50f3bd9e1c95dba077c0dfa
d5c12600c2eedb11dbdcef87977046a3fc282f936b783659c0f0cb7a0815f3af
d63519d8b3afa0190e55d25b79219e5193e0c6a6e069a77a9928b376db0a8b8b
d86f2706876d0af8e4d3c1464569ec9f178c065cc3c41bbfcb78423c82d3e1f3
d8f62344598520a95c9a6ccf5741c599142a7c19c94985813ff4186d37ded100
dba0c82ec6ea183c72c8c920710e82218a041c1ecc8664ecaf58dcda2b193c4a
dc02eed14655c18b51f3c5a5632f423d07203f0cac2d3c6f7aa94187b63655c0
dc12354c468db9133c26a182c8d2ec91f07a9e8df2d50b8cc7483445103c3955
df9f136db27ac681e37115dc151d8ad20ccd198b5fdbd8a392205de21add57bc
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e3a9fde73ab4eed86a484b3ddb02e285cead10a46c95d7915c2ff9a490a711a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6bc644fd131902910e108e87845ffc2e9907f0dec76d5cd98dd31b896b916fe
e6c804c4d4e790df0d700a4a214ef7fdaaa0666aaaff3269f7ef735dff5a484c
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e99d9b95f2f8c4fbfdc564a47a83b073ee50bab777e51d1114de304053de31f3
eca87fe1becd8e8ae4651af302000955c2eedbafaeaf899af211c5e4c6abc0ea
ed5742c2717a57edacdbe1dfe155acbcb2246f1f9b6a5aeb490c327f36ce4d0f
ee77ed1e66801bb09512c16de289974bc433ef0efe35fc08cf7268816f8aa5c4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f020acff9e2a0a57e9a0b606c3d7fa66a9b684a0682a6597ee01099c43d0d19e
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f501142a8dabe57e49b3581530a82f4f220c184c2593affdd85b7357f4343207
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
fb9268e99659f17a183de7aa0d4e27453f96c159a7ba99d6482522f8f72d1009
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe9cb612b2c9f36acd8d7792621d77e5157b8a60ef4e3f344778df2e1bac26af
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

coronavirus-control.ru Open in urlscan Pro 172.67.178.142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

189 Requests

100 %HTTPS

53 %IPv6

28 Domains

33 Subdomains

32 IPs

5 Countries

3609 kBTransfer

7112 kBSize

35 Cookies

27 Outgoing links

Page URL History

Redirected requests

189 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

coronavirus-control.ru Open in urlscan Pro
172.67.178.142 Public Scan

Screenshot
Live screenshot

Full Image

189
Requests

100 %
HTTPS

53 %
IPv6

28
Domains

33
Subdomains

32
IPs

5
Countries

3609 kB
Transfer

7112 kB
Size

35
Cookies

189 HTTP transactions
5 data transactions