urlscan.io logo urlscan.io
SecurityTrails logo

badcovid.ru Open in urlscan Pro
195.161.41.132  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://badcovid.ru/
Effective URL: https://badcovid.ru/
Submission: On May 26 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 31 HTTP transactions. The main IP is 195.161.41.132, located in Moscow, Russian Federation and belongs to RTCOMM-AS, RU. The main domain is badcovid.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 7th 2020. Valid for: 3 months.
This is the only time badcovid.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 195.161.41.132 8342 (RTCOMM-AS)
2 178.62.225.201 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
2 9 2a02:6b8::1:119 13238 (YANDEX)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
31 6
14    195.161.41.132 (Moscow, Russian Federation)

ASN8342 (RTCOMM-AS, RU)
badcovid.ru
2    178.62.225.201 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
1shownews.com
1    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
2    2606:4700:3033::681b:b5f1 (United States)

ASN13335 (CLOUDFLARENET, US)
coronavirus-monitor.ru
7    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
14 badcovid.ru
badcovid.ru
157 KB
9 yandex.ru
mc.yandex.ru
98 KB
7 gstatic.com
fonts.gstatic.com
106 KB
2 coronavirus-monitor.ru
coronavirus-monitor.ru
349 B
2 1shownews.com
1shownews.com
12 KB
1 googleapis.com
fonts.googleapis.com
41 KB
31 6
Domain Requested by
14 badcovid.ru 1 redirects badcovid.ru
9 mc.yandex.ru 2 redirects badcovid.ru
mc.yandex.ru
7 fonts.gstatic.com badcovid.ru
2 coronavirus-monitor.ru 1 redirects badcovid.ru
2 1shownews.com badcovid.ru
1shownews.com
1 fonts.googleapis.com badcovid.ru
31 6

This site contains no links.

Subject Issuer Validity Valid
*.badcovid.ru
Let's Encrypt Authority X3		 2020-04-07 -
2020-07-06		 3 months crt.sh
getcontent24.com
Let's Encrypt Authority X3		 2020-04-14 -
2020-07-13		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2019-09-23 -
2020-09-22		 a year crt.sh
*.coronavirus-monitor.ru
Let's Encrypt Authority X3		 2020-03-29 -
2020-06-27		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://badcovid.ru/
Frame ID: 23DB7BA17B984D6DA76A18F7C940A2DF
Requests: 30 HTTP requests in this frame

Frame: https://coronavirus-monitor.ru/map/
Frame ID: 76FA2FAF350D5A6BC4E9B62A0FE5A28B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://badcovid.ru/ HTTP 302
    https://badcovid.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

31
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

410 kB
Transfer

1441 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://badcovid.ru/ HTTP 302
    https://badcovid.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://coronavirus-monitor.ru/map HTTP 301
  • https://coronavirus-monitor.ru/map/
Request Chain 24
  • https://mc.yandex.ru/watch/61726411?wmode=7&page-url=https%3A%2F%2Fbadcovid.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1590536409330%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200527014011%3Aet%3A1590536411%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A1021894349981%3Arqn%3A1%3Arn%3A651975247%3Ahid%3A7120732%3Ads%3A0%2C369%2C400%2C0%2C275%2C0%2C0%2C496%2C61%2C%2C%2C%2C1545%3Afp%3A1609%3Awn%3A49439%3Ahl%3A2%3Agdpr%3A14%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590536411%3Au%3A1590536411681133763%3At%3A%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D1%80%D0%B0%D1%81%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F%20%E2%80%94%20%D0%9A%D0%9E%D0%A0%D0%9E%D0%9D%D0%90%D0%92%D0%98%D0%A0%D0%A3%D0%A1%20COVID-19 HTTP 302
  • https://mc.yandex.ru/watch/61726411/1?wmode=7&page-url=https%3A%2F%2Fbadcovid.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1590536409330%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200527014011%3Aet%3A1590536411%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A1021894349981%3Arqn%3A1%3Arn%3A651975247%3Ahid%3A7120732%3Ads%3A0%2C369%2C400%2C0%2C275%2C0%2C0%2C496%2C61%2C%2C%2C%2C1545%3Afp%3A1609%3Awn%3A49439%3Ahl%3A2%3Agdpr%3A14%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590536411%3Au%3A1590536411681133763%3At%3A%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D1%80%D0%B0%D1%81%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F%20%E2%80%94%20%D0%9A%D0%9E%D0%A0%D0%9E%D0%9D%D0%90%D0%92%D0%98%D0%A0%D0%A3%D0%A1%20COVID-19
Request Chain 29
  • https://mc.yandex.ru/watch/61726411?page-url=https%3A%2F%2Fbadcovid.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1590536409330%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200527014026%3Aet%3A1590536426%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A140%3Als%3A1021894349981%3Arqn%3A2%3Arn%3A510702933%3Ahid%3A7120732%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C3739%2C3739%2C7%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590536426%3Au%3A1590536411681133763 HTTP 302
  • https://mc.yandex.ru/watch/61726411/1?page-url=https%3A%2F%2Fbadcovid.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1590536409330%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200527014026%3Aet%3A1590536426%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A140%3Als%3A1021894349981%3Arqn%3A2%3Arn%3A510702933%3Ahid%3A7120732%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C3739%2C3739%2C7%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590536426%3Au%3A1590536411681133763

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
badcovid.ru/
Redirect Chain
  • http://badcovid.ru/
  • https://badcovid.ru/
15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://badcovid.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.161.41.132 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
229493d2bcde38dbbfc8b0efbc3c9577a77898ae9ecaef626faed87e8955dd2e

Request headers

:method
GET
:authority
badcovid.ru
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 26 May 2020 23:40:10 GMT
content-type
text/html; charset=UTF-8
content-length
5395
server
Jino.ru/mod_pizza
x-pingback
https://badcovid.ru/xmlrpc.php
link
<https://badcovid.ru/wp-json/>; rel="https://api.w.org/" <https://badcovid.ru/>; rel=shortlink
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 26 May 2020 23:40:09 GMT
Content-Type
text/html
Content-Length
154
Connection
keep-alive
Location
https://badcovid.ru/
/
1shownews.com/ 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1shownews.com/?pu=g4ztinlggq5ha3ddf42dkmbr
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.62.225.201 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
915a879d022e9eaf8bc28ac422f5048d26d84e8136e0e33fbcffbf0b558ec12e
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 26 May 2020 23:40:10 GMT
server
nginx
access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
style.min.css
badcovid.ru/wp-includes/css/dist/block-library/ 		52 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://badcovid.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.4.1
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.161.41.132 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 23:40:10 GMT
content-encoding
gzip
last-modified
Thu, 30 Apr 2020 05:50:22 GMT
server
Jino.ru/mod_pizza
etag
"5c76694-d159-5a47ba3fbdedd"
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
7642
css
fonts.googleapis.com/ 		346 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=ZCOOL+XiaoWei%7CHeebo%3A100%2C300%2C400%2C500%2C700%2C800%2C900%7CSaira%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CKrub%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%7CPT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7COverpass%7CStaatliches%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%7CMerriweather%7CDroid+Sans%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%3A300%2C400%2C700%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CUnica+One&ver=5.4.1
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9ff7371c3daf01adfcdc7a97c291e07125ec7771a263962e1f1939e948f69851
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 26 May 2020 23:40:10 GMT
server
ESF
date
Tue, 26 May 2020 23:40:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 May 2020 23:40:10 GMT
bootstrap.css
badcovid.ru/wp-content/themes/law-firm-lite/assets/css/ 		174 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://badcovid.ru/wp-content/themes/law-firm-lite/assets/css/bootstrap.css?ver=5.4.1
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.161.41.132 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
fe441bfdc0ee8a4d841523d4ecb3c7880c190cdba6f53755939d94ac1f414ade

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 23:40:10 GMT
content-encoding
gzip
last-modified
Tue, 07 Apr 2020 17:47:01 GMT
server
Jino.ru/mod_pizza
etag
"5c76394-2b7be-5a2b6f893e851"
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
22365
style.css
badcovid.ru/wp-content/themes/law-firm-lite/ 		40 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://badcovid.ru/wp-content/themes/law-firm-lite/style.css?ver=5.4.1
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.161.41.132 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
a0451d2a2d4738b21444007ffded10c5bd03bb3f6c92c9da7c0e991e63c723bf

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 23:40:10 GMT
content-encoding
gzip
last-modified
Tue, 07 Apr 2020 17:47:01 GMT
server
Jino.ru/mod_pizza
etag
"5c76393-a165-5a2b6f8941b19"
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
9376
fontawesome-all.css
badcovid.ru/wp-content/themes/law-firm-lite/assets/css/ 		69 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://badcovid.ru/wp-content/themes/law-firm-lite/assets/css/fontawesome-all.css?ver=5.4.1
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.161.41.132 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
7802ab7abd053752bebf764dbf39c389fa17e47909fcdd317225f39efa6de14f

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 23:40:10 GMT
content-encoding
gzip
last-modified
Tue, 07 Apr 2020 17:47:01 GMT
server
Jino.ru/mod_pizza
etag
"5c76398-1151e-5a2b6f893e851"
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
12909
dashicons.min.css
badcovid.ru/wp-includes/css/ 		46 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://badcovid.ru/wp-includes/css/dashicons.min.css?ver=5.4.1
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.161.41.132 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 23:40:10 GMT
content-encoding
gzip
last-modified
Wed, 15 May 2019 16:08:57 GMT
server
Jino.ru/mod_pizza
etag
"5c7666c-b9c6-588ef5dded840"
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
28481
jetpack.css
badcovid.ru/wp-content/plugins/jetpack/css/ 		72 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://badcovid.ru/wp-content/plugins/jetpack/css/jetpack.css?ver=8.4.2
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.161.41.132 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
934dc3a005115ead8f70eada94b6cb246064ed87e8b8694f1531e1582b8e7136

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 23:40:10 GMT
content-encoding
gzip
last-modified
Sun, 19 Apr 2020 18:45:17 GMT
server
Jino.ru/mod_pizza
etag
"5cd839a-12161-5a3a92f0ce450"
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
13124
jquery.js
badcovid.ru/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://badcovid.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.161.41.132 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 23:40:10 GMT
content-encoding
gzip
last-modified
Fri, 17 May 2019 04:25:54 GMT
server
Jino.ru/mod_pizza
etag
"5c76816-17a69-5890dc7401880"
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
33776
jquery-migrate.min.js
badcovid.ru/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://badcovid.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.161.41.132 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 23:40:10 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 06:11:28 GMT
server
Jino.ru/mod_pizza
etag
"5c76810-2748-5333ff613c400"
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
4014
custom.js
badcovid.ru/wp-content/themes/law-firm-lite/assets/js/ 		2 KB
891 B 		Script
General
Check archive.org
Download Go to
Full URL
https://badcovid.ru/wp-content/themes/law-firm-lite/assets/js/custom.js?ver=5.4.1
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.161.41.132 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
0e9bb8c7e78a6ffb800359440cbf456fc20e2b03c0bfb23a81a16996b6665efb

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 23:40:10 GMT
content-encoding
gzip
last-modified
Tue, 07 Apr 2020 17:47:01 GMT
server
Jino.ru/mod_pizza
etag
"5c763b1-619-5a2b6f893e081"
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
683
SmoothScroll.js
badcovid.ru/wp-content/themes/law-firm-lite/assets/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://badcovid.ru/wp-content/themes/law-firm-lite/assets/js/SmoothScroll.js?ver=5.4.1
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.161.41.132 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
7dcd0802bd86365ee828836178f831e35ad9228753bfdf86f684698aad3d4b28

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 23:40:10 GMT
content-encoding
gzip
last-modified
Tue, 07 Apr 2020 17:47:01 GMT
server
Jino.ru/mod_pizza
etag
"5c763af-5493-5a2b6f893e469"
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
6539
two-way.gif
badcovid.ru/wp-content/themes/law-firm-lite/assets/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://badcovid.ru/wp-content/themes/law-firm-lite/assets/images/two-way.gif
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.161.41.132 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
6a501cfc205dd779142ea89acf37ad2b5b488e640bffcbf326f28d9046d1db6c

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 23:40:10 GMT
last-modified
Tue, 07 Apr 2020 17:47:01 GMT
server
Jino.ru/mod_pizza
etag
"5c763ad-20e9-5a2b6f893dc99"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
8425
wp-emoji-release.min.js
badcovid.ru/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://badcovid.ru/wp-includes/js/wp-emoji-release.min.js?ver=5.4.1
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.161.41.132 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software
Jino.ru/mod_pizza /
Resource Hash
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 26 May 2020 23:40:10 GMT
content-encoding
gzip
last-modified
Tue, 07 Apr 2020 18:09:32 GMT
server
Jino.ru/mod_pizza
etag
"5c76775-364d-5a2b749139b75"
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
4653
tag.js
mc.yandex.ru/metrika/ 		359 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
10ad93a3602068c768e39b1a132e9bb748eadbb70f35c6bfd36c08928a9f602c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 23:40:10 GMT
Content-Encoding
br
Last-Modified
Tue, 19 May 2020 08:28:20 GMT
Server
nginx/1.14.2
ETag
"5ec398a4-16ba9"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
93097
Expires
Wed, 27 May 2020 00:40:10 GMT
/
coronavirus-monitor.ru/map/ Frame 76FA
Redirect Chain
  • https://coronavirus-monitor.ru/map
  • https://coronavirus-monitor.ru/map/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://coronavirus-monitor.ru/map/
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:b5f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
coronavirus-monitor.ru
:scheme
https
:path
/map/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://badcovid.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://badcovid.ru/

Response headers

status
200
date
Tue, 26 May 2020 23:40:11 GMT
content-type
text/html
set-cookie
__cfduid=da3a716163733c21cdc615f756a16ffe51590536411; expires=Thu, 25-Jun-20 23:40:11 GMT; path=/; domain=.coronavirus-monitor.ru; HttpOnly; SameSite=Lax
last-modified
Tue, 26 May 2020 18:46:04 GMT
cf-cache-status
DYNAMIC
cf-request-id
02f4f4aff00000c2feb8097200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
599b56f98d83c2fe-FRA
content-encoding
br

Redirect headers

status
301
date
Tue, 26 May 2020 23:40:11 GMT
content-type
text/html
set-cookie
__cfduid=dff5479a4f2e3802ce15600e62a7bcf251590536410; expires=Thu, 25-Jun-20 23:40:10 GMT; path=/; domain=.coronavirus-monitor.ru; HttpOnly; SameSite=Lax
location
https://coronavirus-monitor.ru/map/
cf-cache-status
DYNAMIC
cf-request-id
02f4f4af340000c2feb808b200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
599b56f85b93c2fe-FRA
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=ZCOOL+XiaoWei%7CHeebo%3A100%2C300%2C400%2C500%2C700%2C800%2C900%7CSaira%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CKrub%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%7CPT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7COverpass%7CStaatliches%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%7CMerriweather%7CDroid+Sans%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%3A300%2C400%2C700%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CUnica+One&ver=5.4.1
Origin
https://badcovid.ru

Response headers

date
Fri, 22 May 2020 20:44:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
356157
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Sat, 22 May 2021 20:44:13 GMT
0yb9GDoxxrvAnPhYGxktaE0Urhg0xTY.woff2
fonts.gstatic.com/s/vollkorn/v11/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/vollkorn/v11/0yb9GDoxxrvAnPhYGxktaE0Urhg0xTY.woff2
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5a5eb8bfaf7cfd306119915f0a580dfb93b7795da64ba09a72cf614c29299f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=ZCOOL+XiaoWei%7CHeebo%3A100%2C300%2C400%2C500%2C700%2C800%2C900%7CSaira%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CKrub%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%7CPT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7COverpass%7CStaatliches%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%7CMerriweather%7CDroid+Sans%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%3A300%2C400%2C700%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CUnica+One&ver=5.4.1
Origin
https://badcovid.ru

Response headers

date
Fri, 22 May 2020 23:03:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 13 May 2020 18:32:17 GMT
server
sffe
age
347795
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26716
x-xss-protection
0
expires
Sat, 22 May 2021 23:03:35 GMT
mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v17/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=ZCOOL+XiaoWei%7CHeebo%3A100%2C300%2C400%2C500%2C700%2C800%2C900%7CSaira%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CKrub%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%7CPT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7COverpass%7CStaatliches%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%7CMerriweather%7CDroid+Sans%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%3A300%2C400%2C700%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CUnica+One&ver=5.4.1
Origin
https://badcovid.ru

Response headers

date
Sat, 16 May 2020 07:45:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:02 GMT
server
sffe
age
921271
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9728
x-xss-protection
0
expires
Sun, 16 May 2021 07:45:39 GMT
mem5YaGs126MiZpBA-UN7rgOVuhpKKSTj5PW.woff2
fonts.gstatic.com/s/opensans/v17/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOVuhpKKSTj5PW.woff2
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f032294207e8ba683f350cf12b26bf73d054b427ce483a06afb66317f235194f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=ZCOOL+XiaoWei%7CHeebo%3A100%2C300%2C400%2C500%2C700%2C800%2C900%7CSaira%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CKrub%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%7CPT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7COverpass%7CStaatliches%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%7CMerriweather%7CDroid+Sans%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%3A300%2C400%2C700%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CUnica+One&ver=5.4.1
Origin
https://badcovid.ru

Response headers

date
Fri, 22 May 2020 15:46:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:04 GMT
server
sffe
age
373998
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Sat, 22 May 2021 15:46:52 GMT
0yb9GDoxxrvAnPhYGxkpaE0Urhg0.woff2
fonts.gstatic.com/s/vollkorn/v11/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/vollkorn/v11/0yb9GDoxxrvAnPhYGxkpaE0Urhg0.woff2
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eaa6a6d8393fb15cff327506fb28fa39e859df40420dc5ddc91fd34f2ebb1f95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=ZCOOL+XiaoWei%7CHeebo%3A100%2C300%2C400%2C500%2C700%2C800%2C900%7CSaira%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CKrub%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%7CPT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7COverpass%7CStaatliches%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%7CMerriweather%7CDroid+Sans%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%3A300%2C400%2C700%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CUnica+One&ver=5.4.1
Origin
https://badcovid.ru

Response headers

date
Wed, 20 May 2020 10:53:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 13 May 2020 18:34:13 GMT
server
sffe
age
564394
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40960
x-xss-protection
0
expires
Thu, 20 May 2021 10:53:36 GMT
mem6YaGs126MiZpBA-UFUK0ddc1GAK6bt6o.woff2
fonts.gstatic.com/s/opensans/v17/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem6YaGs126MiZpBA-UFUK0ddc1GAK6bt6o.woff2
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d367b41c066d517626057831fc8d5bc713cd9250c6bbfe1bfce94041db5eef61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=ZCOOL+XiaoWei%7CHeebo%3A100%2C300%2C400%2C500%2C700%2C800%2C900%7CSaira%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CKrub%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%7CPT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7COverpass%7CStaatliches%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%7CMerriweather%7CDroid+Sans%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%3A300%2C400%2C700%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CUnica+One&ver=5.4.1
Origin
https://badcovid.ru

Response headers

date
Sun, 17 May 2020 02:42:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:43 GMT
server
sffe
age
853049
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6376
x-xss-protection
0
expires
Mon, 17 May 2021 02:42:41 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=ZCOOL+XiaoWei%7CHeebo%3A100%2C300%2C400%2C500%2C700%2C800%2C900%7CSaira%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CKrub%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%7CPT+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%7CRoboto+Condensed%3A400%2C700%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7COverpass%7CStaatliches%7CMontserrat%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPlayball%3A300%2C400%2C600%2C700%2C800%2C900%7CAlegreya%3A300%2C400%2C600%2C700%2C800%2C900%7CJulius+Sans+One%7CArsenal%7CSlabo%7CLato%7COverpass+Mono%7CSource+Sans+Pro%7CRaleway%7CMerriweather%7CDroid+Sans%7CRubik%7CLora%7CUbuntu%7CCabin%7CArimo%7CPlayfair+Display%7CQuicksand%7CPadauk%7CMuli%7CInconsolata%7CBitter%7CPacifico%7CIndie+Flower%7CVT323%7CDosis%7CFrank+Ruhl+Libre%7CFjalla+One%7COxygen%3A300%2C400%2C700%7CArvo%7CNoto+Serif%7CLobster%7CCrimson+Text%7CYanone+Kaffeesatz%7CAnton%7CLibre+Baskerville%7CBree+Serif%7CGloria+Hallelujah%7CJosefin+Sans%7CAbril+Fatface%7CVarela+Round%7CVampiro+One%7CShadows+Into+Light%7CCuprum%7CRokkitt%7CVollkorn%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i%7CFrancois+One%7COrbitron%7CPatua+One%7CAcme%7CSatisfy%7CJosefin+Slab%7CQuattrocento+Sans%7CArchitects+Daughter%7CRusso+One%7CMonda%7CRighteous%7CLobster+Two%7CHammersmith+One%7CCourgette%7CPermanent+Marker%7CCherry+Swash%7CCormorant+Garamond%7CPoiret+One%7CBenchNine%7CEconomica%7CHandlee%7CCardo%7CAlfa+Slab+One%7CAveria+Serif+Libre%7CCookie%7CChewy%7CGreat+Vibes%7CComing+Soon%7CPhilosopher%7CDays+One%7CKanit%7CShrikhand%7CTangerine%7CIM+Fell+English+SC%7CBoogaloo%7CBangers%7CFredoka+One%7CBad+Script%7CVolkhov%7CShadows+Into+Light+Two%7CMarck+Script%7CSacramento%7CUnica+One&ver=5.4.1
Origin
https://badcovid.ru

Response headers

date
Wed, 20 May 2020 07:39:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
576066
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Thu, 20 May 2021 07:39:04 GMT
/
1shownews.com/ 		10 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://1shownews.com/?pus=g4ztinlggq5ha3ddf42dkmbr&sub1=&sub2=&sub3=&sub4=&gmt=2
Requested by
Host: 1shownews.com
URL: https://1shownews.com/?pu=g4ztinlggq5ha3ddf42dkmbr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.62.225.201 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
7efe87b340014e916e15925590b47c8b880dc486af5144f21aca073981854139
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 26 May 2020 23:40:11 GMT
server
nginx
access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
1
mc.yandex.ru/watch/61726411/
Redirect Chain
  • https://mc.yandex.ru/watch/61726411?wmode=7&page-url=https%3A%2F%2Fbadcovid.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1590536409330%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%...
  • https://mc.yandex.ru/watch/61726411/1?wmode=7&page-url=https%3A%2F%2Fbadcovid.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1590536409330%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A21661362610...
171 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/61726411/1?wmode=7&page-url=https%3A%2F%2Fbadcovid.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1590536409330%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200527014011%3Aet%3A1590536411%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A1021894349981%3Arqn%3A1%3Arn%3A651975247%3Ahid%3A7120732%3Ads%3A0%2C369%2C400%2C0%2C275%2C0%2C0%2C496%2C61%2C%2C%2C%2C1545%3Afp%3A1609%3Awn%3A49439%3Ahl%3A2%3Agdpr%3A14%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590536411%3Au%3A1590536411681133763%3At%3A%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D1%80%D0%B0%D1%81%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F%20%E2%80%94%20%D0%9A%D0%9E%D0%A0%D0%9E%D0%9D%D0%90%D0%92%D0%98%D0%A0%D0%A3%D0%A1%20COVID-19
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
2d82c8632ba1524d5c503e0ab45bf4b12151b7547f0d69cdfedf4437882f48a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 May 2020 23:40:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26-May-2020 23:40:11 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://badcovid.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
171
X-XSS-Protection
1; mode=block
Expires
Tue, 26-May-2020 23:40:11 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 26 May 2020 23:40:11 GMT
Last-Modified
Tue, 26-May-2020 23:40:11 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://badcovid.ru
Strict-Transport-Security
max-age=31536000
Location
/watch/61726411/1?wmode=7&page-url=https%3A%2F%2Fbadcovid.ru%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1590536409330%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200527014011%3Aet%3A1590536411%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A1021894349981%3Arqn%3A1%3Arn%3A651975247%3Ahid%3A7120732%3Ads%3A0%2C369%2C400%2C0%2C275%2C0%2C0%2C496%2C61%2C%2C%2C%2C1545%3Afp%3A1609%3Awn%3A49439%3Ahl%3A2%3Agdpr%3A14%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590536411%3Au%3A1590536411681133763%3At%3A%D0%9A%D0%B0%D1%80%D1%82%D0%B0%20%D1%80%D0%B0%D1%81%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F%20%E2%80%94%20%D0%9A%D0%9E%D0%A0%D0%9E%D0%9D%D0%90%D0%92%D0%98%D0%A0%D0%A3%D0%A1%20COVID-19
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 26-May-2020 23:40:11 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: badcovid.ru
URL: https://badcovid.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 26 May 2020 23:40:11 GMT
Last-Modified
Fri, 17 Jan 2020 08:05:01 GMT
Server
nginx/1.14.2
ETag
"5e216aad-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Wed, 27 May 2020 00:40:11 GMT
61726411
mc.yandex.ru/webvisor/ 		43 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/61726411?wmode=0&rn=323724096&page-url=https%3A%2F%2Fbadcovid.ru%2F&wv-type=3&wv-hit=7120732&wv-part=1&browser-info=ti%3A8%3Aet%3A1590536414%3Aw%3A1600x1200%3Av%3A1869%3Az%3A120%3Ai%3A20200527014011%3Abt%3A1%3Ast%3A1590536414%3Au%3A1590536411681133763
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 May 2020 23:40:13 GMT
Last-Modified
Tue, 26-May-2020 23:40:13 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://badcovid.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 26-May-2020 23:40:13 GMT
61726411
mc.yandex.ru/webvisor/ 		43 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/61726411?wmode=0&rn=305395527&page-url=https%3A%2F%2Fbadcovid.ru%2F&wv-type=3&wv-hit=7120732&wv-part=1&browser-info=ti%3A8%3Aet%3A1590536412%3Aw%3A1600x1200%3Av%3A1869%3Az%3A120%3Ai%3A20200527014011%3Ast%3A1590536414%3Au%3A1590536411681133763
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 May 2020 23:40:13 GMT
Last-Modified
Tue, 26-May-2020 23:40:13 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://badcovid.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 26-May-2020 23:40:13 GMT
61726411
mc.yandex.ru/webvisor/ 		43 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/61726411?wmode=0&rn=718802007&page-url=https%3A%2F%2Fbadcovid.ru%2F&wv-type=3&wv-hit=7120732&wv-part=2&browser-info=ti%3A8%3Aet%3A1590536414%3Aw%3A1600x1200%3Av%3A1869%3Az%3A120%3Ai%3A20200527014011%3Abt%3A1%3Ast%3A1590536416%3Au%3A1590536411681133763
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 26 May 2020 23:40:15 GMT
Last-Modified
Tue, 26-May-2020 23:40:15 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://badcovid.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 26-May-2020 23:40:15 GMT
1
mc.yandex.ru/watch/61726411/
Redirect Chain
  • https://mc.yandex.ru/watch/61726411?page-url=https%3A%2F%2Fbadcovid.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1590536409330%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3A...
  • https://mc.yandex.ru/watch/61726411/1?page-url=https%3A%2F%2Fbadcovid.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1590536409330%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%...
43 B
444 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/61726411/1?page-url=https%3A%2F%2Fbadcovid.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1590536409330%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200527014026%3Aet%3A1590536426%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A140%3Als%3A1021894349981%3Arqn%3A2%3Arn%3A510702933%3Ahid%3A7120732%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C3739%2C3739%2C7%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590536426%3Au%3A1590536411681133763
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://badcovid.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 26 May 2020 23:40:26 GMT
Last-Modified
Tue, 26-May-2020 23:40:26 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 26-May-2020 23:40:26 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 26 May 2020 23:40:26 GMT
Last-Modified
Tue, 26-May-2020 23:40:26 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://badcovid.ru
Strict-Transport-Security
max-age=31536000
Location
/watch/61726411/1?page-url=https%3A%2F%2Fbadcovid.ru%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1590536409330%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200527014026%3Aet%3A1590536426%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A140%3Als%3A1021894349981%3Arqn%3A2%3Arn%3A510702933%3Ahid%3A7120732%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C3739%2C3739%2C7%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590536426%3Au%3A1590536411681133763
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 26-May-2020 23:40:26 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _wpemojiSettings undefined| $ function| jQuery function| menu_openNav function| menu_closeNav object| jQuery1124013843739535996114 function| SmoothScroll function| ym object| twemoji object| wp object| Ya object| yaCounter61726411

4 Cookies

Domain/Path Name / Value
.coronavirus-monitor.ru/ Name: _ym_visorc_57227650
Value: b
.coronavirus-monitor.ru/ Name: _ym_d
Value: 1590536412
.coronavirus-monitor.ru/ Name: _ym_isad
Value: 2
.coronavirus-monitor.ru/ Name: _ym_uid
Value: 1590536412882978008

1 Console Messages

Source Level URL
Text
console-api log URL: https://badcovid.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1shownews.com
badcovid.ru
coronavirus-monitor.ru
fonts.googleapis.com
fonts.gstatic.com
mc.yandex.ru
178.62.225.201
195.161.41.132
2606:4700:3033::681b:b5f1
2a00:1450:4001:815::200a
2a00:1450:4001:81e::2003
2a02:6b8::1:119
0e9bb8c7e78a6ffb800359440cbf456fc20e2b03c0bfb23a81a16996b6665efb
10ad93a3602068c768e39b1a132e9bb748eadbb70f35c6bfd36c08928a9f602c
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
229493d2bcde38dbbfc8b0efbc3c9577a77898ae9ecaef626faed87e8955dd2e
2d82c8632ba1524d5c503e0ab45bf4b12151b7547f0d69cdfedf4437882f48a0
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
6a501cfc205dd779142ea89acf37ad2b5b488e640bffcbf326f28d9046d1db6c
7802ab7abd053752bebf764dbf39c389fa17e47909fcdd317225f39efa6de14f
7dcd0802bd86365ee828836178f831e35ad9228753bfdf86f684698aad3d4b28
7efe87b340014e916e15925590b47c8b880dc486af5144f21aca073981854139
915a879d022e9eaf8bc28ac422f5048d26d84e8136e0e33fbcffbf0b558ec12e
934dc3a005115ead8f70eada94b6cb246064ed87e8b8694f1531e1582b8e7136
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
9ff7371c3daf01adfcdc7a97c291e07125ec7771a263962e1f1939e948f69851
a0451d2a2d4738b21444007ffded10c5bd03bb3f6c92c9da7c0e991e63c723bf
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
d367b41c066d517626057831fc8d5bc713cd9250c6bbfe1bfce94041db5eef61
e5a5eb8bfaf7cfd306119915f0a580dfb93b7795da64ba09a72cf614c29299f6
eaa6a6d8393fb15cff327506fb28fa39e859df40420dc5ddc91fd34f2ebb1f95
f032294207e8ba683f350cf12b26bf73d054b427ce483a06afb66317f235194f
fe441bfdc0ee8a4d841523d4ecb3c7880c190cdba6f53755939d94ac1f414ade
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305