urlscan.io logo urlscan.io
SecurityTrails logo

covid-blog.com Open in urlscan Pro
2606:4700:3031::6818:64ec  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://covid-blog.com/
Effective URL: https://covid-blog.com/
Submission: On March 26 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 12 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3031::6818:64ec, located in United States and belongs to CLOUDFLARENET, US. The main domain is covid-blog.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 23rd 2020. Valid for: 7 months.
This is the only time covid-blog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.101.14.114 54113 (FASTLY)
1 13.225.73.66 16509 (AMAZON-02)
1 104.16.170.79 13335 (CLOUDFLAR...)
1 162.144.128.165 46606 (UNIFIEDLA...)
1 104.16.95.165 13335 (CLOUDFLAR...)
1 54.228.232.122 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
1 151.101.114.62 54113 (FASTLY)
1 35.185.246.9 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
22 12
9    2606:4700:3031::6818:64ec (United States)

ASN13335 (CLOUDFLARENET, US)
covid-blog.com
1    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    151.101.14.114 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
www.verywellhealth.com
1    13.225.73.66 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-66.fra2.r.cloudfront.net
ca-times.brightspotcdn.com
1    104.16.170.79 (United States)

ASN13335 (CLOUDFLARENET, US)
img.medscapestatic.com
1    162.144.128.165 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: server.arthritis.org
blog.arthritis.org
1    104.16.95.165 (United States)

ASN13335 (CLOUDFLARENET, US)
qtxasset.com
1    54.228.232.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-232-122.eu-west-1.compute.amazonaws.com
www.gov.bm
1    2600:9000:21f3:9e00:16:b115:d0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.who.int
1    151.101.114.62 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
www.gannett-cdn.com
1    35.185.246.9 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 9.246.185.35.bc.googleusercontent.com
www.lupusresearch.org
3    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
9 covid-blog.com 1 redirects covid-blog.com
3 fonts.gstatic.com covid-blog.com
2 www.verywellhealth.com covid-blog.com
1 www.lupusresearch.org covid-blog.com
1 www.gannett-cdn.com covid-blog.com
1 www.who.int covid-blog.com
1 www.gov.bm covid-blog.com
1 qtxasset.com covid-blog.com
1 blog.arthritis.org covid-blog.com
1 img.medscapestatic.com covid-blog.com
1 ca-times.brightspotcdn.com covid-blog.com
1 fonts.googleapis.com covid-blog.com
22 12

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-03-23 -
2020-10-09		 7 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
dotdash.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-03-10 -
2021-03-11		 a year crt.sh
cdn.ca-times.psdops.com
Amazon		 2019-11-14 -
2020-12-14		 a year crt.sh
medscapestatic.com
CloudFlare Inc ECC CA-2		 2019-10-11 -
2020-10-09		 a year crt.sh
ssl400039.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-02-29 -
2020-09-06		 6 months crt.sh
www.gov.bm
QuoVadis Global SSL ICA G2		 2018-03-27 -
2020-03-27		 2 years crt.sh
*.who.int
COMODO RSA Domain Validation Secure Server CA		 2017-05-17 -
2020-05-16		 3 years crt.sh
*.gannett.com
DigiCert SHA2 High Assurance Server CA		 2020-01-08 -
2020-05-17		 4 months crt.sh
www.lupusresearch.org
Let's Encrypt Authority X3		 2020-03-13 -
2020-06-11		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://covid-blog.com/
Frame ID: EB72E83426DCAE143C4E9090C89102C9
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://covid-blog.com/ HTTP 301
    https://covid-blog.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

22
Requests

95 %
HTTPS

33 %
IPv6

12
Domains

12
Subdomains

12
IPs

3
Countries

549 kB
Transfer

680 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://covid-blog.com/ HTTP 301
    https://covid-blog.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
covid-blog.com/
Redirect Chain
  • http://covid-blog.com/
  • https://covid-blog.com/
17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:64ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
690e663bad9295c398552be2e7fdaf22465ce1b376ca23ea2c5ff206497fd6ec

Request headers

:method
GET
:authority
covid-blog.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 26 Mar 2020 08:40:17 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=df9874be35b7e07accd1ebb6d21b2364e1585212017; expires=Sat, 25-Apr-20 08:40:17 GMT; path=/; domain=.covid-blog.com; HttpOnly; SameSite=Lax; Secure
link
<http://covid-blog.com/wp-json/>; rel="https://api.w.org/"
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
579f90e36b01dff3-FRA
content-encoding
br

Redirect headers

Date
Thu, 26 Mar 2020 08:40:17 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Thu, 26 Mar 2020 09:40:17 GMT
Location
https://covid-blog.com/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
579f90e32d921782-FRA
style.min.css
covid-blog.com/wp-includes/css/dist/block-library/ 		40 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covid-blog.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:64ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 26 Mar 2020 08:40:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 05 Nov 2019 22:06:04 GMT
server
cloudflare
etag
W/"5dc1f24c-a1fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
579f90e4ff86dff3-FRA
css
fonts.googleapis.com/ 		6 KB
773 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%2C400italic%2C700italic&ver=5.3.2
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
20876784718b2c5e30cb7902e91103f0ac0f11e3e72c32c82f8f1024bc03c6e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 26 Mar 2020 08:40:17 GMT
server
ESF
date
Thu, 26 Mar 2020 08:40:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Mar 2020 08:40:17 GMT
style.css
covid-blog.com/wp-content/themes/davis/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://covid-blog.com/wp-content/themes/davis/style.css?ver=5.3.2
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:64ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bd6bcec24bcd7b95dfe7747090568d5f53a0dd25c9a7bed2ed0eb30815aa166

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Thu, 26 Mar 2020 08:40:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 11 Jan 2019 03:49:38 GMT
server
cloudflare
etag
W/"5c381252-455b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000
cf-ray
579f90e4ff87dff3-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.js
covid-blog.com/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://covid-blog.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:64ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 08:40:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 May 2019 04:25:54 GMT
server
cloudflare
etag
W/"5cde37d2-17a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=14400
cf-ray
579f90e50f88dff3-FRA
jquery-migrate.min.js
covid-blog.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://covid-blog.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:64ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 08:40:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 May 2016 06:11:28 GMT
server
cloudflare
etag
W/"573eaa90-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=14400
cf-ray
579f90e50f8bdff3-FRA
GettyImages-540063024-57967d4a3df78ceb863e8bad.jpg
www.verywellhealth.com/thmb/SeaqPyy4Qes9iAhn7-sGfKv1y3c=/500x350/filters:no_upscale():max_bytes(150000):strip_icc():format(webp)/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.verywellhealth.com/thmb/SeaqPyy4Qes9iAhn7-sGfKv1y3c=/500x350/filters:no_upscale():max_bytes(150000):strip_icc():format(webp)/GettyImages-540063024-57967d4a3df78ceb863e8bad.jpg
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.114 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3022f11f2b4af2ad8132d22d204e3edd4425c563b1470cf18e549917c530f6d7

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 08:40:17 GMT
via
1.1 varnish, 1.1 varnish
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
age
0
x-cache
MISS, MISS
status
200
content-length
5950
x-served-by
cache-bwi5127-BWI, cache-fra19135-FRA
last-modified
Fri, 21 Feb 2020 03:30:39 GMT
server
AmazonS3
etag
"a2f1d74aa6be7e3453c31bc7ba0d9d01"
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/563/re.p"}]}
content-type
image/webp
cache-control
max-age=31536000,public,no-transform
accept-ranges
bytes
x-cache-hits
0, 0
/
ca-times.brightspotcdn.com/dims4/default/e9f4505/2147483647/strip/true/crop/3000x1846+0+0/resize/840x517!/quality/90/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ca-times.brightspotcdn.com/dims4/default/e9f4505/2147483647/strip/true/crop/3000x1846+0+0/resize/840x517!/quality/90/?url=https%3A%2F%2Fcalifornia-times-brightspot.s3.amazonaws.com%2F20%2F21%2F643efe6e453fb8dd74ddac72b5f8%2Fafp-getty-files-canada-prescription-drugs-pharmaceutical-pol.JPG
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-66.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
040114434dc391f68fd55149bfd10978268b3cb9198461860a5123ea6d156a11

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 15 Feb 2020 02:35:16 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
server
Apache
age
3477901
etag
919db3f8e2a0802e33f2a9229a0777cc
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA2-C2
content-length
84193
x-amz-cf-id
WswfkqT6XuYGZRiW_J_MGec9vCRoWrjSQns7iQhPl93wwxIXVbklQg==
expires
Sun, 14 Feb 2021 02:35:16 GMT
WWW21250.jpg
img.medscapestatic.com/pi/features/drugdirectory/octupdate/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.medscapestatic.com/pi/features/drugdirectory/octupdate/WWW21250.jpg
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.170.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
066d9766a36ea847862db861c67bc8e232d586426ba035a01b379ba43d21efe4

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 08:40:17 GMT
cf-cache-status
HIT
age
2668
cf-polished
degrade=85, origSize=19987, status=webp_bigger
status
200
cf-bgj
imgq:85
content-length
12652
last-modified
Wed, 31 Aug 2016 21:58:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
x-server-id
img01-web.prf.ma1.medscape.com
cache-control
max-age=5251
accept-ranges
bytes
cf-ray
579f90e77905fa8c-AMS
expires
Thu, 26 Mar 2020 09:49:40 GMT
COVID19-blog-header-940x270.jpg
blog.arthritis.org/living-with-arthritis/wp-content/uploads/sites/14/2020/02/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://blog.arthritis.org/living-with-arthritis/wp-content/uploads/sites/14/2020/02/COVID19-blog-header-940x270.jpg
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
HTTP/1.1
Server
162.144.128.165 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.arthritis.org
Software
nginx/1.16.1 /
Resource Hash
5d9b1e6872def39f68884ddf5a163c014a1c32d4d0ed2562029759e022fc0a1c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 26 Mar 2020 08:40:18 GMT
Last-Modified
Mon, 02 Mar 2020 16:29:05 GMT
Server
nginx/1.16.1
X-Server-Cache
false
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17113
GettyImages-557136101-56a9cff33df78cf772aab5f3.jpg
www.verywellhealth.com/thmb/bJEUhUKSORJcfoKSg2E3bKGot3E=/500x350/filters:no_upscale():max_bytes(150000):strip_icc():format(webp)/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.verywellhealth.com/thmb/bJEUhUKSORJcfoKSg2E3bKGot3E=/500x350/filters:no_upscale():max_bytes(150000):strip_icc():format(webp)/GettyImages-557136101-56a9cff33df78cf772aab5f3.jpg
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.114 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a7cb723aab5d421d9c75c27296b6e8143d0c54b1ee1e3e19f9d7ee8c294adbe

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 08:40:17 GMT
via
1.1 varnish, 1.1 varnish
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
age
0
x-cache
MISS, MISS
status
200
content-length
18542
x-served-by
cache-bwi5145-BWI, cache-fra19135-FRA
last-modified
Thu, 20 Feb 2020 20:34:41 GMT
server
AmazonS3
etag
"60c5c03929c57863c6f73344517de855"
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/563/re.p"}]}
content-type
image/webp
cache-control
max-age=31536000,public,no-transform
accept-ranges
bytes
x-cache-hits
0, 0
bayer-office-building-socialmedia-1200x630.jpg
qtxasset.com/styles/breakpoint_sm_default_480px_w/s3/fiercepharma/1584544677/bayer-office-building-socialmedia-1200x630.jpg/ 		136 KB
137 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qtxasset.com/styles/breakpoint_sm_default_480px_w/s3/fiercepharma/1584544677/bayer-office-building-socialmedia-1200x630.jpg/bayer-office-building-socialmedia-1200x630.jpg?htoyZMTNCHerBVnS8rqA5d557KqYrB1I&itok=yT7wlPLo
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.95.165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5c4f22b02e33687bf1ee711417ee1b3704f61a9244387fa88ab670f436de756

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 26 Mar 2020 08:40:18 GMT
CF-Cache-Status
MISS
x-amz-request-id
AFE7968C125098D3
Content-Type
image/jpeg
Connection
keep-alive
Content-Length
139410
x-amz-id-2
5+DvDUJeMhLtvhFUAlTjxNG5Gp9fXAIqb92ugTrQQYFvcJXOQhYhNkvQDLt1y+RwBIYTTmAb9uQ=
Last-Modified
Wed, 18 Mar 2020 15:53:27 GMT
Server
cloudflare
ETag
"1f8602a6bb90a80f070c3a044214349c"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
x-amz-version-id
htoyZMTNCHerBVnS8rqA5d557KqYrB1I
Cache-Control
public, max-age=604800
Accept-Ranges
bytes
CF-RAY
579f90e77f62d8bd-AMS
update_0.jpg
www.gov.bm/sites/default/files/field/image/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gov.bm/sites/default/files/field/image/update_0.jpg
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.232.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-232-122.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c266e3f9b14d3e950351fb41d7de746aaa1a098366580c2d0a2a008279c16f4c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 08:40:17 GMT
via
varnish
x-content-type-options
nosniff
age
155647
x-cache
HIT
status
200
x-ah-environment
prod
content-length
112885
x-request-id
v-069b9406-6dd3-11ea-b951-67966712b8dc
last-modified
Tue, 10 Mar 2020 18:54:19 GMT
server
nginx
content-type
image/jpeg
expires
Tue, 07 Apr 2020 13:26:10 GMT
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
10030
coronavirus
www.who.int/health-topics/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.who.int/health-topics/coronavirus
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:9e00:16:b115:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

access-control-allow-origin
*
397add5d-3bcf-4b8a-8ad9-817ae00aedda-GTY_1213303211.JPG
www.gannett-cdn.com/presto/2020/03/19/USAT/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gannett-cdn.com/presto/2020/03/19/USAT/397add5d-3bcf-4b8a-8ad9-817ae00aedda-GTY_1213303211.JPG?width=540&height=&fit=bounds&auto=webp
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
df0f15b966cce74258c77ef8442dd95280fbb4e716b693b67ca72722611756c8

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 08:40:25 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
618766
x-timer
S1585212026.795107,VS0,VE89
status
200
x-cache
HIT, HIT, MISS
fastly-io-info
ifsz=4249886 idim=6516x4344 ifmt=jpeg ofsz=10550 odim=540x360 ofmt=webp
x-goog-storage-class
NEARLINE
x-cache-hits
1, 1, 0
fastly-stats
io=1
content-length
10550
x-served-by
cache-iad2145-IAD, cache-bwi5137-BWI, cache-hhn4065-HHN
timing-allow-origin
*
server
UploadServer
vcl_data
4teo2sTrkRpe2BJzz4IyqE.216_19-5fee9c6244a8b667c6d826708990b1cc
etag
"JNGyLHAlk+EThmko1BezCyFNd/POIXwxwd1ZJnOD/LY"
vary
Accept
x-goog-hash
crc32c=qFef/g==, md5=klsdz4q3JLio+xhbJyfpBA==
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-guploader-uploadid
AEnB2Ur9nTvexboy88i3kiP6H_t6QvwDVrX0omK2l_RgIEHtI_HLcuujEJu7ijdFBXs9310IR84VMWSFapgKVRnylhBKPUNsyuuzXWfH4t4BeMxEKgLnVfQ
expires
Thu, 19 Mar 2020 04:47:39 GMT
stay-informed.jpg
www.lupusresearch.org/wp-content/uploads/2017/08/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lupusresearch.org/wp-content/uploads/2017/08/stay-informed.jpg
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.246.9 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.246.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e5bd0afe280d36db7d2a594f79372b2c33cad3771a1f5fd8624077d30bcd9699

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 08:40:18 GMT
last-modified
Mon, 02 Oct 2017 20:43:59 GMT
server
nginx
access-control-allow-origin
*
etag
"59d2a50f-f018"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
61464
construct.js
covid-blog.com/wp-content/themes/davis/assets/js/ 		2 KB
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://covid-blog.com/wp-content/themes/davis/assets/js/construct.js?ver=1.15
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:64ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84820a4a20f476e5a10a628fc615c721f1c1a613bf25e82cdeec923ed90e1958

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 08:40:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 11 Jan 2019 03:49:38 GMT
server
cloudflare
etag
W/"5c381252-719"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
cf-ray
579f90e68b24dff3-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-embed.min.js
covid-blog.com/wp-includes/js/ 		1 KB
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://covid-blog.com/wp-includes/js/wp-embed.min.js?ver=5.3.2
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:64ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer
https://covid-blog.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 26 Mar 2020 08:40:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 05 Oct 2019 19:49:10 GMT
server
cloudflare
etag
W/"5d98f3b6-577"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=14400
cf-ray
579f90e6fc3ddff3-FRA
sep.png
covid-blog.com/wp-content/themes/davis/assets/images/ 		387 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://covid-blog.com/wp-content/themes/davis/assets/images/sep.png
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:64ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd365ad1c83e26ef30b5dbaea4b64461db4d76cd7d5efeb13be1fe179d121a4e

Request headers

Referer
https://covid-blog.com/wp-content/themes/davis/style.css?ver=5.3.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 26 Mar 2020 08:40:17 GMT
cf-cache-status
MISS
last-modified
Fri, 11 Jan 2019 03:49:38 GMT
server
cloudflare
etag
"5c381252-183"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
579f90e6fc44dff3-FRA
content-length
387
expires
Thu, 31 Dec 2037 23:55:55 GMT
EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
fonts.gstatic.com/s/ptserif/v11/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v11/EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%2C400italic%2C700italic&ver=5.3.2
Origin
https://covid-blog.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 21 Mar 2020 16:48:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:23:27 GMT
server
sffe
age
402727
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13280
x-xss-protection
0
expires
Sun, 21 Mar 2021 16:48:10 GMT
EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2
fonts.gstatic.com/s/ptserif/v11/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v11/EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%2C400italic%2C700italic&ver=5.3.2
Origin
https://covid-blog.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 20:30:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:24:48 GMT
server
sffe
age
1339801
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13372
x-xss-protection
0
expires
Wed, 10 Mar 2021 20:30:16 GMT
EJRTQgYoZZY2vCFuvAFT_r21cgT9rcs.woff2
fonts.gstatic.com/s/ptserif/v11/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v11/EJRTQgYoZZY2vCFuvAFT_r21cgT9rcs.woff2
Requested by
Host: covid-blog.com
URL: https://covid-blog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3b9ac60281114eb252c949187818336066886576d5fc78f31cc8c4c2d94531f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%2C400italic%2C700italic&ver=5.3.2
Origin
https://covid-blog.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Mar 2020 00:40:09 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:24:32 GMT
server
sffe
age
1324808
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
14020
x-xss-protection
0
expires
Thu, 11 Mar 2021 00:40:09 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| davis object| wp object| jQuery11240474056869319361

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://covid-blog.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.arthritis.org
ca-times.brightspotcdn.com
covid-blog.com
fonts.googleapis.com
fonts.gstatic.com
img.medscapestatic.com
qtxasset.com
www.gannett-cdn.com
www.gov.bm
www.lupusresearch.org
www.verywellhealth.com
www.who.int
104.16.170.79
104.16.95.165
13.225.73.66
151.101.114.62
151.101.14.114
162.144.128.165
2600:9000:21f3:9e00:16:b115:d0c0:93a1
2606:4700:3031::6818:64ec
2a00:1450:4001:814::2003
2a00:1450:4001:821::200a
35.185.246.9
54.228.232.122
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
040114434dc391f68fd55149bfd10978268b3cb9198461860a5123ea6d156a11
066d9766a36ea847862db861c67bc8e232d586426ba035a01b379ba43d21efe4
1a7cb723aab5d421d9c75c27296b6e8143d0c54b1ee1e3e19f9d7ee8c294adbe
1bd6bcec24bcd7b95dfe7747090568d5f53a0dd25c9a7bed2ed0eb30815aa166
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
20876784718b2c5e30cb7902e91103f0ac0f11e3e72c32c82f8f1024bc03c6e3
3022f11f2b4af2ad8132d22d204e3edd4425c563b1470cf18e549917c530f6d7
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
5d9b1e6872def39f68884ddf5a163c014a1c32d4d0ed2562029759e022fc0a1c
690e663bad9295c398552be2e7fdaf22465ce1b376ca23ea2c5ff206497fd6ec
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
84820a4a20f476e5a10a628fc615c721f1c1a613bf25e82cdeec923ed90e1958
a5c4f22b02e33687bf1ee711417ee1b3704f61a9244387fa88ab670f436de756
a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2
c266e3f9b14d3e950351fb41d7de746aaa1a098366580c2d0a2a008279c16f4c
d3b9ac60281114eb252c949187818336066886576d5fc78f31cc8c4c2d94531f
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
dd365ad1c83e26ef30b5dbaea4b64461db4d76cd7d5efeb13be1fe179d121a4e
df0f15b966cce74258c77ef8442dd95280fbb4e716b693b67ca72722611756c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5bd0afe280d36db7d2a594f79372b2c33cad3771a1f5fd8624077d30bcd9699