coronavirus-covid-19.pp.ua
2606:4700:3037::681b:b115  Public Scan

Submitted URL: http://coronavirus-covid-19.pp.ua/
Effective URL: https://coronavirus-covid-19.pp.ua/
Submission: On April 05 via api from US

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3037::681b:b115, located in United States and belongs to CLOUDFLARENET, US. The main domain is coronavirus-covid-19.pp.ua.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 22nd 2020. Valid for: 7 months.
This is the only time coronavirus-covid-19.pp.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
9 104.22.2.144 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.22.3.144 13335 (CLOUDFLAR...)
22 6
Domain Requested by
8 coronavirus-covid-19.pp.ua 1 redirects coronavirus-covid-19.pp.ua
4 rt5009.infolinks.com resources.infolinks.com
4 fonts.gstatic.com coronavirus-covid-19.pp.ua
4 resources.infolinks.com coronavirus-covid-19.pp.ua
2 router.infolinks.com resources.infolinks.com
1 fonts.googleapis.com coronavirus-covid-19.pp.ua
22 6

This site contains links to these domains.

Domain
wordpress.org
ridizain.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-03-22 - 2020-10-09 | 7 months
*.storage.googleapis.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months
*.google.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months

This page contains 2 frames:

Primary Page: https://coronavirus-covid-19.pp.ua/
Frame ID: C3FE7D53568B15CA60FE182AB38389D9
Requests: 22 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3246436&wsid=0
Frame ID: 9F12A7C5D926B42AC6DD968BCC466DFF
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

22 Requests
100 % HTTPS
60 % IPv6
4 Domains
6 Subdomains
6 IPs
2 Countries
391 kB Transfer
1137 kB Size
58 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://coronavirus-covid-19.pp.ua/ HTTP 301
    https://coronavirus-covid-19.pp.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
coronavirus-covid-19.pp.ua/
Redirect Chain
  • http://coronavirus-covid-19.pp.ua/
  • https://coronavirus-covid-19.pp.ua/
21 KB
4 KB
Document
General
Full URL
https://coronavirus-covid-19.pp.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfcb45f4b0444ec3c3aa88ccacfdf90368f4e2ce3aac07898f7e1646e9e71957

Request headers

:method
GET
:authority
coronavirus-covid-19.pp.ua
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 05 Apr 2020 14:21:34 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=de5bcd8e93a02cdffee75c87491c6f76d1586096493; expires=Tue, 05-May-20 14:21:33 GMT; path=/; domain=.coronavirus-covid-19.pp.ua; HttpOnly; SameSite=Lax; Secure
x-pingback
http://coronavirus-covid-19.pp.ua/xmlrpc.php
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
57f3ea8e7f371f19-FRA
content-encoding
br

Redirect headers

Date
Sun, 05 Apr 2020 14:21:33 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sun, 05 Apr 2020 15:21:33 GMT
Location
https://coronavirus-covid-19.pp.ua/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
57f3ea8e2d4bdfcb-FRA
css
fonts.googleapis.com/
5 KB
706 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic
Requested by
Host: coronavirus-covid-19.pp.ua
URL: https://coronavirus-covid-19.pp.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7ca42272a778eeb6a9f338ae7f88b39009ca4ecc2d96e907cadbece10d73edc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://coronavirus-covid-19.pp.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 05 Apr 2020 14:21:34 GMT
server
ESF
date
Sun, 05 Apr 2020 14:21:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Apr 2020 14:21:34 GMT
genericons.css
coronavirus-covid-19.pp.ua/wp-content/themes/ridizain/genericons/
30 KB
19 KB
Stylesheet
General
Full URL
https://coronavirus-covid-19.pp.ua/wp-content/themes/ridizain/genericons/genericons.css?ver=1.0.37
Requested by
Host: coronavirus-covid-19.pp.ua
URL: https://coronavirus-covid-19.pp.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

Referer
https://coronavirus-covid-19.pp.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 05 Apr 2020 14:21:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Apr 2015 06:42:10 GMT
server
cloudflare
etag
W/"7945-5144a7664b480-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
57f3ea903b381f19-FRA
style.css
coronavirus-covid-19.pp.ua/wp-content/themes/ridizain/
83 KB
14 KB
Stylesheet
General
Full URL
https://coronavirus-covid-19.pp.ua/wp-content/themes/ridizain/style.css?ver=3.6.1
Requested by
Host: coronavirus-covid-19.pp.ua
URL: https://coronavirus-covid-19.pp.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b284e5f9c14f22c7ab349198d1f99209575b7231ec434b1f2e41aeacb4a50a64

Request headers

Referer
https://coronavirus-covid-19.pp.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 05 Apr 2020 14:21:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 04 Apr 2020 14:29:21 GMT
server
cloudflare
etag
W/"14ac1-5a277dc21b43a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
57f3ea903b3a1f19-FRA
jquery.js
coronavirus-covid-19.pp.ua/wp-includes/js/jquery/
91 KB
31 KB
Script
General
Full URL
https://coronavirus-covid-19.pp.ua/wp-includes/js/jquery/jquery.js?ver=1.10.2
Requested by
Host: coronavirus-covid-19.pp.ua
URL: https://coronavirus-covid-19.pp.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac8e31ca027b7b2aca9fae073010b75af86df534c88fa3a6783b1c30c96e6caa

Request headers

Referer
https://coronavirus-covid-19.pp.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 05 Apr 2020 14:21:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 21 Aug 2013 15:17:04 GMT
server
cloudflare
etag
W/"16b9d-4e476aa765c00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
57f3ea903b3c1f19-FRA
jquery-migrate.min.js
coronavirus-covid-19.pp.ua/wp-includes/js/jquery/
7 KB
3 KB
Script
General
Full URL
https://coronavirus-covid-19.pp.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Requested by
Host: coronavirus-covid-19.pp.ua
URL: https://coronavirus-covid-19.pp.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

Referer
https://coronavirus-covid-19.pp.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 05 Apr 2020 14:21:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Jul 2013 12:28:26 GMT
server
cloudflare
etag
W/"1c20-4e22cedfc0e80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
57f3ea903b401f19-FRA
functions.js
coronavirus-covid-19.pp.ua/wp-content/themes/ridizain/js/
3 KB
1 KB
Script
General
Full URL
https://coronavirus-covid-19.pp.ua/wp-content/themes/ridizain/js/functions.js?ver=1.0.37
Requested by
Host: coronavirus-covid-19.pp.ua
URL: https://coronavirus-covid-19.pp.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bf61baedf300e645a0bf2da0f798e7501438e023783320928a772811647195a

Request headers

Referer
https://coronavirus-covid-19.pp.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 05 Apr 2020 14:21:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Apr 2015 06:42:10 GMT
server
cloudflare
etag
W/"c92-5144a7664b480-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
57f3ea903b421f19-FRA
slider-default.js
coronavirus-covid-19.pp.ua/wp-content/themes/ridizain/js/flexslider/
364 B
272 B
Script
General
Full URL
https://coronavirus-covid-19.pp.ua/wp-content/themes/ridizain/js/flexslider/slider-default.js?ver=1.0.37
Requested by
Host: coronavirus-covid-19.pp.ua
URL: https://coronavirus-covid-19.pp.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681b:b115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b790a6fe5f496a92fe226afff48df5c6b0b16d24c1df470b3464a7787d35be95

Request headers

Referer
https://coronavirus-covid-19.pp.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 05 Apr 2020 14:21:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Apr 2015 06:42:10 GMT
server
cloudflare
etag
W/"16c-5144a7664b480-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
57f3ea905b741f19-FRA
infolinks_main.js
resources.infolinks.com/js/
3 KB
2 KB
Script
General
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: coronavirus-covid-19.pp.ua
URL: https://coronavirus-covid-19.pp.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.2.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54cce1ceb563024e70982cf121d91a0224ae30e22f7829906aa2113ef9bd4005

Request headers

Referer
https://coronavirus-covid-19.pp.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 05 Apr 2020 14:21:34 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Sun, 05 Apr 2020 13:44:47 GMT
server
cloudflare
age
2201
etag
W/"acc-5a28b5a8ebaee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-encoding
gzip
cache-control
max-age=3600
cf-ray
57f3ea907f4dcc3e-ZRH
expires
Sun, 05 Apr 2020 14:44:53 GMT
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: coronavirus-covid-19.pp.ua
URL: https://coronavirus-covid-19.pp.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic
Origin
https://coronavirus-covid-19.pp.ua
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 22:55:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
314778
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14176
x-xss-protection
0
expires
Thu, 01 Apr 2021 22:55:16 GMT
truncated
/
17 KB
17 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e1536ec01be2959f60ab02b0194f62521734031080914187efc25e482fefdc9

Request headers

Origin
https://coronavirus-covid-19.pp.ua
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: coronavirus-covid-19.pp.ua
URL: https://coronavirus-covid-19.pp.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic
Origin
https://coronavirus-covid-19.pp.ua
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 04 Apr 2020 10:25:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
100562
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14044
x-xss-protection
0
expires
Sun, 04 Apr 2021 10:25:32 GMT
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
Requested by
Host: coronavirus-covid-19.pp.ua
URL: https://coronavirus-covid-19.pp.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic
Origin
https://coronavirus-covid-19.pp.ua
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 19:40:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:39 GMT
server
sffe
age
326489
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13912
x-xss-protection
0
expires
Thu, 01 Apr 2021 19:40:05 GMT
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: coronavirus-covid-19.pp.ua
URL: https://coronavirus-covid-19.pp.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic
Origin
https://coronavirus-covid-19.pp.ua
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 17:00:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:45 GMT
server
sffe
age
2236840
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13732
x-xss-protection
0
expires
Wed, 10 Mar 2021 17:00:54 GMT
ice.js
resources.infolinks.com/js/1681.003-2.088/
819 KB
239 KB
Script
General
Full URL
https://resources.infolinks.com/js/1681.003-2.088/ice.js
Requested by
Host: coronavirus-covid-19.pp.ua
URL: https://coronavirus-covid-19.pp.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.2.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a69fd510716396376b958a06dc38fb65506c9458a2b0d8840c6555ecd5bd85

Request headers

Referer
https://coronavirus-covid-19.pp.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 05 Apr 2020 14:21:34 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 25 Mar 2020 12:50:53 GMT
server
cloudflare
age
1983
etag
W/"ccb18-5a1ad518e483f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-encoding
gzip
cache-control
max-age=2592000
cf-ray
57f3ea90d82dcc3e-ZRH
expires
Tue, 05 May 2020 13:48:31 GMT
manage
router.infolinks.com/usync/ Frame 9F12
0
0
Document
General
Full URL
https://router.infolinks.com/usync/manage?pid=3246436&wsid=0
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1681.003-2.088/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.2.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
router.infolinks.com
:scheme
https
:path
/usync/manage?pid=3246436&wsid=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://coronavirus-covid-19.pp.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://coronavirus-covid-19.pp.ua/

Response headers

status
200
date
Sun, 05 Apr 2020 14:21:34 GMT
content-type
text/html;charset=UTF-8
set-cookie
__cfduid=d193fc3efbc831d7ba9a54f998ede5aaf1586096494; expires=Tue, 05-May-20 14:21:34 GMT; path=/; domain=.infolinks.com; HttpOnly; SameSite=Lax
cache-control
no-store
p3p
CP="NON DSP NID OUR COR"
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
57f3ea91ba54cc3e-ZRH
content-encoding
gzip
gsd
router.infolinks.com/
327 B
529 B
Script
General
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3246436&wsid=0&pdom=coronavirus-covid-19.pp.ua&purl=https%3A%2F%2Fcoronavirus-covid-19.pp.ua%2F&jsv=1681.003-2.088&_cb=15860964943480
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1681.003-2.088/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.2.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07d551a1e464fec90970151859efab650d303179e695c7d1f76942a87721403b

Request headers

Referer
https://coronavirus-covid-19.pp.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Sun, 05 Apr 2020 14:21:34 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
57f3ea91ba62cc3e-ZRH
p3p
CP="NON DSP NID OUR COR"
status
200
cache-control
max-age=0
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
expires
Thu, 01 Jan 1970 00:00:00 GMT
doq.htm
rt5009.infolinks.com/action/
2 KB
1 KB
XHR
General
Full URL
https://rt5009.infolinks.com/action/doq.htm?pcode=utf-8&r=15860964945251
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1681.003-2.088/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aff8f7981297ce49610ae1b7e79ad4dbff16bb46092a0f13f639974a3120a97

Request headers

Referer
https://coronavirus-covid-19.pp.ua/
Origin
https://coronavirus-covid-19.pp.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 05 Apr 2020 14:21:34 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NON DSP NID OUR COR"
status
200
content-type
text/html;charset=UTF-8
x-application-context
application:prod
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-language
en-US
access-control-allow-origin
https://coronavirus-covid-19.pp.ua
cache-control
no-cache,no-store
access-control-allow-credentials
true
cf-ray
57f3ea930d00cc3a-ZRH
expires
Thu, 01 Jan 1970 00:00:00 GMT
dcl.htm
rt5009.infolinks.com/action/
0
199 B
Script
General
Full URL
https://rt5009.infolinks.com/action/dcl.htm?rid=2335e8c2-4928-4039-9fc6-e917f5e093e4&jsv=1681.003-2.088&capara=%7B%22failedAlgos%22%3A%22aapalgo%22%7D
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1681.003-2.088/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.2.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://coronavirus-covid-19.pp.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Sun, 05 Apr 2020 14:21:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html;charset=UTF-8
status
200
cache-control
no-cache,no-store
accept-ranges
bytes
cf-ray
57f3ea9438d8cc3e-ZRH
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
dcl.htm
rt5009.infolinks.com/action/
0
40 B
Script
General
Full URL
https://rt5009.infolinks.com/action/dcl.htm?rid=2335e8c2-4928-4039-9fc6-e917f5e093e4&jsv=1681.003-2.088&capara=%7B%22mode%22%3A%22default%22%2C%22markers%22%3A0%7D
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1681.003-2.088/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.2.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://coronavirus-covid-19.pp.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Sun, 05 Apr 2020 14:21:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html;charset=UTF-8
status
200
cache-control
no-cache,no-store
accept-ranges
bytes
cf-ray
57f3ea9438dccc3e-ZRH
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
getads.htm
rt5009.infolinks.com/action/
134 B
254 B
Script
General
Full URL
https://rt5009.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22bank%20regional%22%2C%22scs%22%3A%22MiR8SIPEK0%22%7D%5D&rid=2335e8c2-4928-4039-9fc6-e917f5e093e4&jsv=1681.003-2.088&sr=1600X1200&rts=1586096494756&cfv=-1&cb=singleGetAdsResponse&os=Mac%20OS&ov=10.14.5&br=Chrome&bv=74.0.3729.169&dv=p&ce=t&purl=https%3A%2F%2Fcoronavirus-covid-19.pp.ua%2F&tzo=%2B0200&c=c&strg=true&rsd=c38OUfoyHHxCRF6GlwrsEd_Ujm9gpgusgFD5zEHa4grSPPyTXSEJWSR0hkFB9ur1C7bXbzebSuOdzsXpeSUdwjqLCkw-wPsu7XqunSYD5VPS42zyczC0PRywGrlA6J1t6hOdubAVA9nX2gcSkaqGGLQN6P9dLc-P32dGOY5TlUA&rsk=2&rcs=6u1PMPfJAYfptYi4Sr9z6g
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1681.003-2.088/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.2.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10484d1b00e29af1ae7bf8a22dc34837102faffd67396f5b60a38e98e1d77d04

Request headers

Referer
https://coronavirus-covid-19.pp.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Sun, 05 Apr 2020 14:21:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language
en-US
p3p
CP="NON DSP NID OUR COR"
status
200
cache-control
no-cache,no-store
cf-ray
57f3ea9448e6cc3e-ZRH
content-type
text/html;charset=UTF-8
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
loader.gif
resources.infolinks.com/static/skins/
962 B
1 KB
Image
General
Full URL
https://resources.infolinks.com/static/skins/loader.gif
Requested by
Host: coronavirus-covid-19.pp.ua
URL: https://coronavirus-covid-19.pp.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.2.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b8ee13d35110d7006bc5c5147ee0a0c6c3e1f26b2f246b8d5e57edf4f6b97b

Request headers

Referer
https://coronavirus-covid-19.pp.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 05 Apr 2020 14:21:34 GMT
via
1.1 google
cf-cache-status
HIT
age
11525
cf-polished
origSize=1631, status=webp_bigger
status
200
cf-bgj
imgq:85
content-length
962
last-modified
Mon, 14 Nov 2016 12:31:03 GMT
server
cloudflare
etag
"65f-54142035d0066"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
57f3ea9448e8cc3e-ZRH
expires
Tue, 05 May 2020 11:09:29 GMT
loader-bg.png
resources.infolinks.com/static/skins/
902 B
1 KB
Image
General
Full URL
https://resources.infolinks.com/static/skins/loader-bg.png
Requested by
Host: coronavirus-covid-19.pp.ua
URL: https://coronavirus-covid-19.pp.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.2.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5ddb995fe37710a4be439e4e3f45016cd7b7ecfa3423a29e4f4f4dcce63efff

Request headers

Referer
https://coronavirus-covid-19.pp.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 05 Apr 2020 14:21:34 GMT
via
1.1 google
cf-cache-status
HIT
age
14349
cf-polished
origFmt=png, origSize=1488
status
200
content-disposition
inline; filename="loader-bg.webp"
cf-bgj
imgq:85
content-length
902
last-modified
Mon, 14 Nov 2016 12:31:03 GMT
server
cloudflare
etag
"5d0-541420359b4a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
57f3ea9448eacc3e-ZRH
expires
Tue, 05 May 2020 10:22:25 GMT

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
undefined| $
function| jQuery
object| jQuery110205287914020311997
number| infolinks_pid
number| infolinks_wsid
object| $iceboot
object| INFOLINKS
function| _typeof
object| $ice
object| $infolinks
function| hb_iceChunk
object| hb_ice
object| _pbjsGlobals
object| __core-js_shared__
object| $ICE_HB
number| $iceId

58 Cookies


Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
