urlscan.io logo urlscan.io
SecurityTrails logo

www.getreadyforcovid19.com Open in urlscan Pro
82.223.65.68  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.getreadyforcovid19.com/
Effective URL: https://www.getreadyforcovid19.com/en/
Submission: On April 15 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 9 domains to perform 33 HTTP transactions. The main IP is 82.223.65.68, located in Spain and belongs to ONEANDONE-AS Brauerstrasse 48, DE. The main domain is www.getreadyforcovid19.com.
TLS certificate: Issued by Plesk on April 15th 2020. Valid for: a year.
This is the only time www.getreadyforcovid19.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    82.223.65.68 (Spain)

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
www.getreadyforcovid19.com
2    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
2    2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2606:4700:3032::681f:4f79 (United States)

ASN13335 (CLOUDFLARENET, US)
collectcdn.com
avatars.collectcdn.com
1    2600:9000:20eb:4a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
1    13.224.194.88 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-88.fra2.r.cloudfront.net
load.collect.chat
2    2600:9000:21f3:8200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.quantcast.mgr.consensu.org
1    2600:9000:21f3:6000:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
vendorlist.consensu.org
1    143.204.97.53 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-53.fra50.r.cloudfront.net
api.quantcast.mgr.consensu.org
1    13.225.73.19 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-19.fra2.r.cloudfront.net
audit.quantcast.mgr.consensu.org
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
Domain Requested by
14 www.getreadyforcovid19.com 1 redirects www.getreadyforcovid19.com
3 fonts.gstatic.com www.getreadyforcovid19.com
2 static.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
2 collectcdn.com www.getreadyforcovid19.com
collectcdn.com
2 www.google-analytics.com www.getreadyforcovid19.com
2 code.jquery.com www.getreadyforcovid19.com
2 fonts.googleapis.com www.getreadyforcovid19.com
collectcdn.com
1 avatars.collectcdn.com collectcdn.com
1 pro.ip-api.com collectcdn.com
1 audit.quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org
1 api.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 vendorlist.consensu.org quantcast.mgr.consensu.org
1 load.collect.chat collectcdn.com
1 quantcast.mgr.consensu.org www.getreadyforcovid19.com
33 14
Subject Issuer Validity Valid
Plesk
Plesk		 2020-04-15 -
2021-04-15		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-02-04 -
2020-10-09		 8 months crt.sh
quantcast.mgr.consensu.org
Amazon		 2019-05-06 -
2020-06-06		 a year crt.sh
load.collect.chat
Amazon		 2020-04-10 -
2021-05-10		 a year crt.sh
vendorlist.consensu.org
Amazon		 2020-02-07 -
2021-03-07		 a year crt.sh
*.ip-api.com
COMODO RSA Domain Validation Secure Server CA		 2018-08-19 -
2020-08-18		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://www.getreadyforcovid19.com/en/
Frame ID: A92EE773BBE93E465F92DA33A8BF23C9
Requests: 34 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v32/cmp-3pc-check.html
Frame ID: 4FE852D866F2BF10A63ED1BEEB75EABD
Requests: 1 HTTP requests in this frame

Frame: https://collectcdn.com/widget.js?c=5e790c9efef17e422a58efe8
Frame ID: 98AB8AC95BF1B7167DF46A1A5D277941
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.getreadyforcovid19.com/ HTTP 302
    https://www.getreadyforcovid19.com/en/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

33
Requests

61 %
HTTPS

62 %
IPv6

9
Domains

14
Subdomains

14
IPs

4
Countries

2195 kB
Transfer

3217 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.getreadyforcovid19.com/ HTTP 302
    https://www.getreadyforcovid19.com/en/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.getreadyforcovid19.com/en/
Redirect Chain
  • https://www.getreadyforcovid19.com/
  • https://www.getreadyforcovid19.com/en/
53 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.getreadyforcovid19.com/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.223.65.68 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache / PHP/7.2.29 PleskLin
Resource Hash
265fc684c64fac6079af84f3b7cfef6dee3e5f2355567d92154c30002d0848ff

Request headers

Host
www.getreadyforcovid19.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
pll_language=en
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 20:54:59 GMT
Server
Apache
X-Powered-By
PHP/7.2.29 PleskLin
Link
<https://www.getreadyforcovid19.com/wp-json/>; rel="https://api.w.org/"
MS-Author-Via
DAV
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Wed, 15 Apr 2020 20:54:59 GMT
Server
Apache
X-Powered-By
PHP/7.2.29 PleskLin
X-Redirect-By
Polylang Pro
Set-Cookie
pll_language=en; expires=Thu, 15-Apr-2021 20:54:59 GMT; Max-Age=31536000; path=/; secure
Location
https://www.getreadyforcovid19.com/en/
MS-Author-Via
DAV
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/ 		14 KB
977 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rubik:300,300italic,400,400italic,500,500italic,700,700italic,900,900italic
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
781fa2a7121cb19579bd343195677a33759c2504c09fc9a14a7a59eeff599866
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 Apr 2020 20:54:59 GMT
server
ESF
date
Wed, 15 Apr 2020 20:54:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Apr 2020 20:54:59 GMT
header-e75f40b5f2a73d360d86c833c807d2b0dd4e7093.min.css
www.getreadyforcovid19.com/wp-content/uploads/cache/fvm/1586949707/out/ 		120 KB
120 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.getreadyforcovid19.com/wp-content/uploads/cache/fvm/1586949707/out/header-e75f40b5f2a73d360d86c833c807d2b0dd4e7093.min.css
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.223.65.68 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache / PleskLin
Resource Hash
a81a33c636e03ded06e8d653931a7adb5a5474048e99d24c0536699b4c118531

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 20:54:59 GMT
MS-Author-Via
DAV
Last-Modified
Wed, 15 Apr 2020 11:48:46 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
122443
ETag
"1de4b-5a352e61525ed"
jquery-ui.css
code.jquery.com/ui/1.11.4/themes/smoothness/ 		34 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.css
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 20:54:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Mar 2015 13:03:17 GMT
Server
nginx
ETag
W/"55003d15-898c"
Vary
Accept-Encoding
X-HW
1586984099.dop057.fr8.shc,1586984099.dop057.fr8.t,1586984099.cds006.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
8056
header-e6004910cdf40a9124e464681a15c4aeaa88ae5d.min.css
www.getreadyforcovid19.com/wp-content/uploads/cache/fvm/1586949707/out/ 		951 KB
951 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.getreadyforcovid19.com/wp-content/uploads/cache/fvm/1586949707/out/header-e6004910cdf40a9124e464681a15c4aeaa88ae5d.min.css
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.223.65.68 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache / PleskLin
Resource Hash
ea121c4f20b238033103a10aa65834f40ef2eeb659eac1bb7f3e9ffc7029bec5

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 20:54:59 GMT
MS-Author-Via
DAV
Last-Modified
Wed, 15 Apr 2020 11:48:46 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
973699
ETag
"edb83-5a352e61de04f"
respond.min.js
www.getreadyforcovid19.com/wp-content/themes/doctor-wilson/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getreadyforcovid19.com/wp-content/themes/doctor-wilson/js/respond.min.js
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.223.65.68 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache / PleskLin
Resource Hash
c4fc73f04b52abdf67af3b840a947e4e25e7daece0dc990aa4fc82bf0e75b44a

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 20:54:59 GMT
MS-Author-Via
DAV
Last-Modified
Sat, 29 Dec 2018 14:54:18 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4694
ETag
"1256-57e2a5aa45a80"
header-6e1221a9816ddd9a12130310851cbf98018afe05.min.js
www.getreadyforcovid19.com/wp-content/uploads/cache/fvm/1586949707/out/ 		191 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getreadyforcovid19.com/wp-content/uploads/cache/fvm/1586949707/out/header-6e1221a9816ddd9a12130310851cbf98018afe05.min.js
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.223.65.68 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache / PleskLin
Resource Hash
01c62031b008fd48641f59f7447e752b2673b75af27a9f6fadcd565efcd6c86b

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 20:54:59 GMT
MS-Author-Via
DAV
Last-Modified
Wed, 15 Apr 2020 11:48:47 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
195593
ETag
"2fc09-5a352e61fcc7f"
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
4586
date
Wed, 15 Apr 2020 19:38:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Wed, 15 Apr 2020 21:38:34 GMT
LOGO-BlueberryDx-80x80_t.png
www.getreadyforcovid19.com/wp-content/uploads/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.getreadyforcovid19.com/wp-content/uploads/LOGO-BlueberryDx-80x80_t.png
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.223.65.68 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache / PleskLin
Resource Hash
41a92d594b0e5978242743d4bc32ca3156e6fd2167a159b54df427dad120ea2f

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 20:55:00 GMT
MS-Author-Via
DAV
Last-Modified
Thu, 18 Jul 2019 22:43:58 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2103
ETag
"837-58dfc58676780"
LOGO-BlueberryDx-512x512_t.png
www.getreadyforcovid19.com/wp-content/uploads/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.getreadyforcovid19.com/wp-content/uploads/LOGO-BlueberryDx-512x512_t.png
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.223.65.68 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache / PleskLin
Resource Hash
67833aca557fec5bb2d85d27d20bc40d1eee7534ebefa10856c8fa3b742aced8

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 20:55:00 GMT
MS-Author-Via
DAV
Last-Modified
Thu, 18 Jul 2019 22:43:58 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
20856
ETag
"5178-58dfc58676780"
footer-3c71cc99d2fc1c12a3d3e1b27e448ca612a89a1d.min.js
www.getreadyforcovid19.com/wp-content/uploads/cache/fvm/1586949707/out/ 		35 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getreadyforcovid19.com/wp-content/uploads/cache/fvm/1586949707/out/footer-3c71cc99d2fc1c12a3d3e1b27e448ca612a89a1d.min.js
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.223.65.68 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache / PleskLin
Resource Hash
abdc1d66e292b1ff43f9733672b943436feebf4c6968150f6d87b81704617f2b

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 20:55:00 GMT
MS-Author-Via
DAV
Last-Modified
Wed, 15 Apr 2020 11:48:47 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
36117
ETag
"8d15-5a352e6205537"
jquery-ui.min.js
code.jquery.com/ui/1.11.4/ 		235 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.11.4/jquery-ui.min.js
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 20:55:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Mar 2015 13:03:17 GMT
Server
nginx
ETag
W/"55003d15-3ab2b"
Vary
Accept-Encoding
X-HW
1586984099.dop057.fr8.shc,1586984099.dop057.fr8.t,1586984100.cds006.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
64296
footer-71d5f03ecff83ed825864b039665f980a5ef7c10.min.js
www.getreadyforcovid19.com/wp-content/uploads/cache/fvm/1586949707/out/ 		192 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getreadyforcovid19.com/wp-content/uploads/cache/fvm/1586949707/out/footer-71d5f03ecff83ed825864b039665f980a5ef7c10.min.js
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.223.65.68 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache / PleskLin
Resource Hash
267aac5255a0dfd150f83732448ee6ef5686f0bf9d3979053b0a14ffe810ddc4

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 20:55:00 GMT
MS-Author-Via
DAV
Last-Modified
Wed, 15 Apr 2020 12:17:51 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
196970
ETag
"3016a-5a3534e1b0ac9"
iJWKBXyIfDnIV7nBrXyw023e.woff2
fonts.gstatic.com/s/rubik/v9/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v9/iJWKBXyIfDnIV7nBrXyw023e.woff2
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/wp-content/uploads/cache/fvm/1586949707/out/header-6e1221a9816ddd9a12130310851cbf98018afe05.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8aa337fc37713d6c02cdbb773733509a0d5186d4185d6cefe101467797dd815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Rubik:300,300italic,400,400italic,500,500italic,700,700italic,900,900italic
Origin
https://www.getreadyforcovid19.com

Response headers

date
Sat, 04 Apr 2020 04:09:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:27:24 GMT
server
sffe
age
1010734
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
16268
x-xss-protection
0
expires
Sun, 04 Apr 2021 04:09:26 GMT
launcher.js
collectcdn.com/ 		63 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collectcdn.com/launcher.js
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681f:4f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0e24881e038ddaa1ae854f02274063705147b447ec8ec7ab7bbf9fe9247165f

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 20:55:00 GMT
content-encoding
br
cf-cache-status
HIT
age
492
cf-polished
origSize=64517
status
200
x-amz-request-id
FA4DDD41F449805F
x-amz-id-2
5NnSels+5ojPiWWXEiAvosDU4TDCL3d7zKIcpOXWuOQn/bzQ9ibDmTh45JPORXUjPERKv5LN02g=
last-modified
Sat, 11 Apr 2020 08:58:23 GMT
server
cloudflare
etag
W/"64e8a7ceb26f60318a77d2317eda862e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1382400
cf-request-id
022138ba8500001f39eebf5200000001
cf-ray
584890a40feb1f39-FRA
cf-bgj
minify
truncated
/ 		609 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		469 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9aa6fcf5e814e25b7462ed594643e25979cf9c04f3a68197b5755b476ac38a7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
default-left.png
www.getreadyforcovid19.com/wp-content/plugins/cool-tag-cloud/inc/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.getreadyforcovid19.com/wp-content/plugins/cool-tag-cloud/inc/images/default-left.png
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.223.65.68 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache / PleskLin
Resource Hash
14b27c4b0644f75cdbaecced9bfe4c1442116e8cb42d1acf095e0a9091353894

Request headers

Referer
https://www.getreadyforcovid19.com/wp-content/uploads/cache/fvm/1586949707/out/header-e6004910cdf40a9124e464681a15c4aeaa88ae5d.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 20:55:00 GMT
MS-Author-Via
DAV
Last-Modified
Tue, 21 Jan 2020 18:29:10 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1045
ETag
"415-59caa957e2980"
fontello.woff
www.getreadyforcovid19.com/wp-content/themes/doctor-wilson/css/fonts/ 		128 KB
128 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.getreadyforcovid19.com/wp-content/themes/doctor-wilson/css/fonts/fontello.woff
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.223.65.68 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache / PleskLin
Resource Hash
00b4afbe6cb75d57da853cda1c11b94ffbc3f3820822803ef826e19f8d46ad8f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.getreadyforcovid19.com/wp-content/uploads/cache/fvm/1586949707/out/header-e6004910cdf40a9124e464681a15c4aeaa88ae5d.min.css
Origin
https://www.getreadyforcovid19.com

Response headers

Date
Wed, 15 Apr 2020 20:55:00 GMT
MS-Author-Via
DAV
Last-Modified
Sat, 29 Dec 2018 14:54:04 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
application/font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
130584
ETag
"1fe18-57e2a59cebb00"
fontello-custom.woff
www.getreadyforcovid19.com/wp-content/themes/doctor-wilson/theme-framework/theme-style/css/fonts/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.getreadyforcovid19.com/wp-content/themes/doctor-wilson/theme-framework/theme-style/css/fonts/fontello-custom.woff
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.223.65.68 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache / PleskLin
Resource Hash
81053808519f397e7879109d42031230ae896c49844982cd4faee5d9fefb87b3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.getreadyforcovid19.com/wp-content/uploads/cache/fvm/1586949707/out/header-e6004910cdf40a9124e464681a15c4aeaa88ae5d.min.css
Origin
https://www.getreadyforcovid19.com

Response headers

Date
Wed, 15 Apr 2020 20:55:00 GMT
MS-Author-Via
DAV
Last-Modified
Sat, 29 Dec 2018 14:54:22 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
application/font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
14808
ETag
"39d8-57e2a5ae16380"
iJWHBXyIfDnIV7Fqj2md8WD07oB-.woff2
fonts.gstatic.com/s/rubik/v9/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v9/iJWHBXyIfDnIV7Fqj2md8WD07oB-.woff2
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41508237fe6bd4b682566ceed6764d2162d076160bda73cafbef34508883c273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Rubik:300,300italic,400,400italic,500,500italic,700,700italic,900,900italic
Origin
https://www.getreadyforcovid19.com

Response headers

date
Wed, 01 Apr 2020 16:50:57 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:26:06 GMT
server
sffe
age
1224243
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14828
x-xss-protection
0
expires
Thu, 01 Apr 2021 16:50:57 GMT
iJWHBXyIfDnIV7Eyjmmd8WD07oB-.woff2
fonts.gstatic.com/s/rubik/v9/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v9/iJWHBXyIfDnIV7Eyjmmd8WD07oB-.woff2
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2760a3e20476848ddc4f93fbb4bf6060bbe5124a4e3306e2c5d61b2234aa4770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Rubik:300,300italic,400,400italic,500,500italic,700,700italic,900,900italic
Origin
https://www.getreadyforcovid19.com

Response headers

date
Fri, 10 Apr 2020 03:11:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:20:13 GMT
server
sffe
age
495805
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
16456
x-xss-protection
0
expires
Sat, 10 Apr 2021 03:11:35 GMT
cmp.js
quantcast.mgr.consensu.org/ 		264 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/cmp.js
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/wp-content/uploads/cache/fvm/1586949707/out/footer-71d5f03ecff83ed825864b039665f980a5ef7c10.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:4a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc73cc3b5fbc98895f0b459237df3d9aa111098c787650e72cda7eadf27388df

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 20:41:39 GMT
content-encoding
gzip
last-modified
Tue, 24 Mar 2020 19:10:19 GMT
server
AmazonS3
age
2538
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
zAngnp6KaiZXN7PMGrBol7jY3FicdgOtzsLsXQd7PnUYz5hOeyd03Q==
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=966167529&t=pageview&_s=1&dl=https%3A%2F%2Fwww.getreadyforcovid19.com%2Fen%2F&ul=en-us&de=UTF-8&dt=Blueberry%20Dx%20%E2%80%93%20Gnosis%20%E2%80%93%20Innovative%20checkups%20for%20early%20detection%20and%20accurate%20management%20of%20diseases&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABC~&jid=1139013564&gjid=656922042&cid=1734515738.1586984101&tid=UA-145229958-1&_gid=710044388.1586984101&_r=1&z=1556350458
Requested by
Host: www.getreadyforcovid19.com
URL: https://www.getreadyforcovid19.com/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Apr 2020 20:55:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
5e790c9efef17e422a58efe8
load.collect.chat/bots/ 		19 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://load.collect.chat/bots/5e790c9efef17e422a58efe8
Requested by
Host: collectcdn.com
URL: https://collectcdn.com/launcher.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.194.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-88.fra2.r.cloudfront.net
Software
/
Resource Hash
c9ed1414284af470827572a5e7fa41e00826795d8ac0a9b3ff10aa09687e9b5d

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 20:55:01 GMT
via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amzn-requestid
74d2d059-0b53-481c-9316-2813c01be6ab
status
200
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-5e9774a4-7a47ae50c0027820f3d1fc10;Sampled=0
access-control-allow-credentials
true
x-amz-apigw-id
LC8pyHLbIAMFT4A=
content-length
19405
x-amz-cf-id
Zn-O6M3xO1yw4Eo52mP27sUbeJaf_pQnErDqnTMOtplqAe8QUd__gA==
cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v32/ Frame 4FE8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.quantcast.mgr.consensu.org/v32/cmp-3pc-check.html
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:8200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
static.quantcast.mgr.consensu.org
:scheme
https
:path
/v32/cmp-3pc-check.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.getreadyforcovid19.com/en/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.getreadyforcovid19.com/en/

Response headers

status
200
content-type
text/html
content-length
645
last-modified
Tue, 24 Mar 2020 19:10:15 GMT
x-amz-server-side-encryption
AES256
accept-ranges
bytes
server
AmazonS3
date
Wed, 15 Apr 2020 20:42:21 GMT
etag
"55b98270d639ef0c34781d9f03cce91f"
x-cache
Hit from cloudfront
via
1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
GBqE8c2jxMCsSSxrlLGIhJbQVD_-AmXU1SirmEweytLQxzCv3wxLPg==
age
965
cmpui-banner.js
static.quantcast.mgr.consensu.org/v32/ 		257 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quantcast.mgr.consensu.org/v32/cmpui-banner.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:8200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc804d691659700a97702a671ef7e6ad9ee33ddf2faf9afb2b6ca15951185bd2

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 20:52:36 GMT
content-encoding
gzip
last-modified
Tue, 24 Mar 2020 19:10:14 GMT
server
AmazonS3
age
636
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
XSd0mAy67-CXAaNdrp-u7M7wE5dF4KpOE6_aYB2GWLhrf1bHKHymIg==
via
1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
vendorlist.json
vendorlist.consensu.org/ 		96 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.consensu.org/vendorlist.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:6000:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
adb8a2afd32196b7a8acf65332de1276a14a19f0c5f9aac593b1f9e27ba92baf

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 20:55:01 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 09 Apr 2020 16:00:30 GMT
server
AmazonS3
access-control-max-age
604800
access-control-allow-methods
GET
x-amz-version-id
jrtppsIwilFrI6tTuvH90zudHm3yumPT
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control
max-age=604800
content-type
application/json; charset=utf-8
x-amz-cf-id
aJ0lSIgx1UPQOWlmJQsB0AUMnLfuU9E36WXOwARgPqErvNw1NaMYzw==
CookieAccess
api.quantcast.mgr.consensu.org/ 		30 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.quantcast.mgr.consensu.org/CookieAccess
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.97.53 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-97-53.fra50.r.cloudfront.net
Software
/
Resource Hash
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 20:55:00 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
71e95c8f-509f-4be2-aec1-58ea55ebfdc3
x-cache
Error from cloudfront
status
404
x-amz-apigw-id
LC8pyG4NIAMFlDw=
content-length
50
access-control-allow-origin
https://www.getreadyforcovid19.com
x-amzn-trace-id
Root=1-5e9774a4-8d0f2c2f22684c431f43a4b0;Sampled=0
vary
Origin
access-control-allow-methods
GET, POST
content-type
application/json
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
x-amz-cf-id
5U9I7sDomLn7lGnRHK7uNpL6uAvaNkwUn9CSgnPxQBLzTQPHCoH8cw==
LOGO-BlueberryDx-300x300-White.png
www.getreadyforcovid19.com/wp-content/uploads/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.getreadyforcovid19.com/wp-content/uploads/LOGO-BlueberryDx-300x300-White.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.223.65.68 , Spain, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache / PleskLin
Resource Hash
eeb24b79c5cff695564ee3decdb0b980e73f2e6678c322f0fc8faa6544ad241d

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 20:55:01 GMT
MS-Author-Via
DAV
Last-Modified
Wed, 14 Aug 2019 16:32:12 GMT
Server
Apache
X-Powered-By
PleskLin
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
17712
ETag
"4530-590164c93fb00"
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b1f3b6e8f8bfbdf8c30524544c8b844f42f72a16da547af9b3793488f4ced0d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
/
audit.quantcast.mgr.consensu.org/ 		80 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit.quantcast.mgr.consensu.org/?log=;1586984101260;%5BCompany%20Name%5D;https%3A%2F%2Fwww.getreadyforcovid19.com%2Fen%2F;;;;;b,off,true,,1,en,32,197,true,false,false;displayConsentUi:mandatory,;GDPR-f5f8ql2p8k6s7fvxw05n
Requested by
Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v32/cmpui-banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.19 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-19.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 20:55:02 GMT
via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
vary
Origin
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
status
200
content-length
80
last-modified
Mon, 11 Jun 2018 22:07:34 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
Yw71lFi1TNbsdUHrfVqUZBYQfqKXs8o8Zwv-gZ0CO3H1auz3EhkPwQ==
/
pro.ip-api.com/json/ 		262 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?key=MD3NG35fVBOiaPz
Requested by
Host: collectcdn.com
URL: https://collectcdn.com/launcher.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
bec4c737c58a302c9ccfc9651e7262606e7019a06fab0e44466510b388c24ab1

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 15 Apr 2020 20:55:01 GMT
Content-Length
262
Content-Type
application/json; charset=utf-8
a22.png
avatars.collectcdn.com/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.collectcdn.com/a22.png
Requested by
Host: collectcdn.com
URL: https://collectcdn.com/launcher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681f:4f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9b938eac38e2629f92491d075840770f688c7dbf73d9d6cca5632186dafec66

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 20:55:01 GMT
cf-cache-status
HIT
age
6971
cf-ray
584890aa8fc11f39-FRA
status
200
content-length
22268
x-amz-id-2
EZB3TnCqRF6v+/g/xTG2xRyIdJAtcejW+34NuW8V6LEv99NSJGUstnyxamaXYRONLTFrZgI/O4o=
last-modified
Mon, 11 Mar 2019 19:30:00 GMT
server
cloudflare
etag
"d00d5149e54757861fa03191da352f1f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
689DE98B7886CED5
cache-control
max-age=1382400
cf-request-id
022138be9100001f39ee867200000001
accept-ranges
bytes
content-type
image/png
widget.js
collectcdn.com/ Frame 98AB 		384 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collectcdn.com/widget.js?c=5e790c9efef17e422a58efe8
Requested by
Host: collectcdn.com
URL: https://collectcdn.com/launcher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681f:4f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
979f57a27d36ee3b60ef955583b805ab13f2cde9d65215beafda68b3553a1901

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 20:55:01 GMT
content-encoding
br
cf-cache-status
HIT
age
442
cf-polished
origSize=393961
status
200
x-amz-request-id
65EA5445D0CC239B
x-amz-id-2
u39SHxf5gL80F5dpfszvYzaJUL3aFj8OnebtQrSZJvNaS6VaCy0cpN7Uu32k67yQV7rBTz5MS7E=
last-modified
Fri, 10 Apr 2020 09:06:53 GMT
server
cloudflare
etag
W/"29f61d28ee5f5357d3fe1922ac943297"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1382400
cf-request-id
022138be8700001f39ee866200000001
cf-ray
584890aa7fa71f39-FRA
cf-bgj
minify
css
fonts.googleapis.com/ Frame 98AB 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400
Requested by
Host: collectcdn.com
URL: https://collectcdn.com/widget.js?c=5e790c9efef17e422a58efe8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.getreadyforcovid19.com/en/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 Apr 2020 20:55:01 GMT
server
ESF
date
Wed, 15 Apr 2020 20:55:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Apr 2020 20:55:01 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f648605439a2a9f6f75eacb4cdc5c945d1f93caecf753e93135861ec4b472f38

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| fvmuag string| em_version boolean| em_track_user string| em_no_track_reason string| disableStr function| __gaTrackerIsOptedOut function| __gaTrackerOptout function| gaOptout string| GoogleAnalyticsObject function| __gaTracker function| ga object| respond object| exactmetrics_frontend function| ExactMetrics object| ExactMetricsObject function| wen_skill_bar_animate undefined| $ function| jQuery object| html5 object| Modernizr function| yepnope object| browserPrefixes string| CollectId boolean| CollectChatWordpress function| coolTagCloudToggle object| jQuery112402548918526502846 object| click_object string| qc_choice_init object| tocplus object| seasidetms_script object| seasidetms_theme_script object| stbUserOptions object| header object| nav number| nav_left object| mega number| header_width boolean| firstRun undefined| rtl object| Util function| _typeof function| _createClass function| ScrollSpy string| ua object| checker string| heateorSssSharingAjaxUrl string| heateorSssCloseIconPath string| heateorSssPluginIconPath number| heateorSssHorizontalSharingCountEnable number| heateorSssVerticalSharingCountEnable number| heateorSssSharingOffset number| heateorSssMobileStickySharingEnabled string| heateorSssCopyLinkMessage object| heateorSssUrlCountFetched string| heateorSssSharesText string| heateorSssShareText string| heateorSssWhatsappShareAPI object| heateorSssFacebookTargetUrls function| message function| seasidetmsMegaMenu function| seasidetmsMegaMenuDestroy function| _classCallCheck function| seasidetms_media_width function| seasidetmsLike function| seasidetms_owl_sliders_run function| seasidetms_owl_slider_run function| isImageOk function| checkN function| uniqID function| heateorSssLoadEvent function| heateorSssPopup function| heateorSssCallAjax function| heateorSssGetScript function| heateorSssDetermineWhatsappShareAPI function| heateorSssMoreSharingPopup function| heateorSssFilterSharing function| heateorSssGetSharingCounts function| heateorSssFetchFacebookShares function| heateorSssFBShareJSONCall function| heateorSssSaveFacebookShares function| heateorSssCalculateApproxCount function| heateorSssCalculateActualCount function| heateorSssCapitaliseFirstLetter function| heateorSssHideSharing function| __cmp function| EvEmitter function| imagesLoaded function| Stellar function| ClipboardJS object| wp function| loadCSS object| hash object| qs object| pathname object| hostname object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| CollectChatLauncher object| collectchat object| __core-js_shared__ object| core function| __uspapi function| __cmpui undefined| CollectAlwaysOpen

5 Cookies

Domain/Path Name / Value
.getreadyforcovid19.com/ Name: _gat
Value: 1
www.getreadyforcovid19.com/ Name: _cmpQcif3pcsupported
Value: 1
.getreadyforcovid19.com/ Name: _gid
Value: GA1.2.710044388.1586984101
.getreadyforcovid19.com/ Name: _ga
Value: GA1.2.1734515738.1586984101
www.getreadyforcovid19.com/en Name: collect_chat_page_load
Value: 1

2 Console Messages

Source Level URL
Text
console-api log URL: https://www.getreadyforcovid19.com/wp-content/uploads/cache/fvm/1586949707/out/header-6e1221a9816ddd9a12130310851cbf98018afe05.min.js(Line 15)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api warning URL: https://static.quantcast.mgr.consensu.org/v32/cmpui-banner.js(Line 1)
Message:
Unable to get NonIab Vendor list.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.quantcast.mgr.consensu.org
audit.quantcast.mgr.consensu.org
avatars.collectcdn.com
code.jquery.com
collectcdn.com
fonts.googleapis.com
fonts.gstatic.com
load.collect.chat
pro.ip-api.com
quantcast.mgr.consensu.org
static.quantcast.mgr.consensu.org
vendorlist.consensu.org
www.getreadyforcovid19.com
www.google-analytics.com
13.224.194.88
13.225.73.19
143.204.97.53
2001:4de0:ac19::1:b:1b
2600:9000:20eb:4a00:9:46dc:4700:93a1
2600:9000:21f3:6000:1:af78:4c0:93a1
2600:9000:21f3:8200:9:46dc:4700:93a1
2606:4700:3032::681f:4f79
2a00:1450:4001:808::200a
2a00:1450:4001:817::200e
2a00:1450:4001:820::2003
51.77.64.70
82.223.65.68
00b4afbe6cb75d57da853cda1c11b94ffbc3f3820822803ef826e19f8d46ad8f
01c62031b008fd48641f59f7447e752b2673b75af27a9f6fadcd565efcd6c86b
14b27c4b0644f75cdbaecced9bfe4c1442116e8cb42d1acf095e0a9091353894
265fc684c64fac6079af84f3b7cfef6dee3e5f2355567d92154c30002d0848ff
267aac5255a0dfd150f83732448ee6ef5686f0bf9d3979053b0a14ffe810ddc4
2760a3e20476848ddc4f93fbb4bf6060bbe5124a4e3306e2c5d61b2234aa4770
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
41508237fe6bd4b682566ceed6764d2162d076160bda73cafbef34508883c273
41a92d594b0e5978242743d4bc32ca3156e6fd2167a159b54df427dad120ea2f
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6
67833aca557fec5bb2d85d27d20bc40d1eee7534ebefa10856c8fa3b742aced8
6b1f3b6e8f8bfbdf8c30524544c8b844f42f72a16da547af9b3793488f4ced0d
781fa2a7121cb19579bd343195677a33759c2504c09fc9a14a7a59eeff599866
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
81053808519f397e7879109d42031230ae896c49844982cd4faee5d9fefb87b3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
979f57a27d36ee3b60ef955583b805ab13f2cde9d65215beafda68b3553a1901
a81a33c636e03ded06e8d653931a7adb5a5474048e99d24c0536699b4c118531
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
abdc1d66e292b1ff43f9733672b943436feebf4c6968150f6d87b81704617f2b
adb8a2afd32196b7a8acf65332de1276a14a19f0c5f9aac593b1f9e27ba92baf
bc73cc3b5fbc98895f0b459237df3d9aa111098c787650e72cda7eadf27388df
bec4c737c58a302c9ccfc9651e7262606e7019a06fab0e44466510b388c24ab1
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c4fc73f04b52abdf67af3b840a947e4e25e7daece0dc990aa4fc82bf0e75b44a
c8aa337fc37713d6c02cdbb773733509a0d5186d4185d6cefe101467797dd815
c9ed1414284af470827572a5e7fa41e00826795d8ac0a9b3ff10aa09687e9b5d
d0e24881e038ddaa1ae854f02274063705147b447ec8ec7ab7bbf9fe9247165f
dc804d691659700a97702a671ef7e6ad9ee33ddf2faf9afb2b6ca15951185bd2
e9aa6fcf5e814e25b7462ed594643e25979cf9c04f3a68197b5755b476ac38a7
ea121c4f20b238033103a10aa65834f40ef2eeb659eac1bb7f3e9ffc7029bec5
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eeb24b79c5cff695564ee3decdb0b980e73f2e6678c322f0fc8faa6544ad241d
f648605439a2a9f6f75eacb4cdc5c945d1f93caecf753e93135861ec4b472f38
f9b938eac38e2629f92491d075840770f688c7dbf73d9d6cca5632186dafec66