urlscan.io logo urlscan.io
SecurityTrails logo

corona.help Open in urlscan Pro
2606:4700:e0::ac40:6a11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://corona.help/
Effective URL: https://corona.help/
Submission: On March 13 via manual from CL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 19 domains to perform 64 HTTP transactions. The main IP is 2606:4700:e0::ac40:6a11, located in United States and belongs to CLOUDFLARENET, US. The main domain is corona.help.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 27th 2020. Valid for: 8 months.
This is the only time corona.help was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

25    2606:4700:e0::ac40:6a11 (United States)

ASN13335 (CLOUDFLARENET, US)
corona.help
1    2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    52.57.64.116 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-64-116.eu-central-1.compute.amazonaws.com
www.ezojs.com
2    13.225.73.66 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-66.fra2.r.cloudfront.net
img.icons8.com
4    2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    78.47.1.52 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.52.1.47.78.clients.your-server.de
t.zuzab.com
3    2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2606:4700:3036::681f:419c (United States)

ASN13335 (CLOUDFLARENET, US)
maphub.net
3    2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
www.googletagservices.com
4    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2600:9000:20eb:3200:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)
go.ezoic.net
1    91.228.74.223 (United Kingdom)

ASN27281 (QUANTCAST, US)
secure.quantserve.com
3    23.11.238.95 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-11-238-95.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
1    2600:9000:2156:ea00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    91.228.74.146 (United Kingdom)

ASN27281 (QUANTCAST, US)
pixel.quantserve.com
Domain Requested by
25 corona.help 1 redirects corona.help
pagead2.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 fonts.gstatic.com pagead2.googlesyndication.com
4 cdnjs.cloudflare.com corona.help
4 pagead2.googlesyndication.com corona.help
pagead2.googlesyndication.com
3 sb.scorecardresearch.com 1 redirects go.ezoic.net
3 ssl.google-analytics.com corona.help
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
corona.help
2 t.zuzab.com corona.help
2 img.icons8.com corona.help
1 pixel.quantserve.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com go.ezoic.net
1 go.ezoic.net corona.help
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 maphub.net corona.help
1 fonts.googleapis.com corona.help
1 www.ezojs.com corona.help
1 www.googletagmanager.com corona.help
64 22

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-01-27 -
2020-10-09		 8 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-02-25 -
2020-05-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-02-25 -
2020-05-19		 3 months crt.sh
ezojs.com
Let's Encrypt Authority X3		 2020-02-10 -
2020-05-10		 3 months crt.sh
*.icons8.com
COMODO RSA Domain Validation Secure Server CA		 2018-02-26 -
2020-05-26		 2 years crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-12-05 -
2020-06-12		 6 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-02-25 -
2020-05-19		 3 months crt.sh
zuzab.com
Let's Encrypt Authority X3		 2020-02-12 -
2020-05-12		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-02-25 -
2020-05-19		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-02-25 -
2020-05-19		 3 months crt.sh
*.ezoic.net
COMODO RSA Domain Validation Secure Server CA		 2017-03-15 -
2020-03-14		 3 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2019-10-04 -
2020-10-07		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2019-12-16 -
2020-12-25		 a year crt.sh

This page contains 7 frames:

Primary Page: https://corona.help/
Frame ID: 20FEE598714676349551C53CCA0249D5
Requests: 58 HTTP requests in this frame

Frame: https://maphub.net/embed/81509?button=0&legend=1&panel=1
Frame ID: BAB1F9057B79D64A3D1C7C3323B46EE3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200305/r20190131/zrt_lookup.html
Frame ID: 12E8547936D0FC2AF1C8367A63E32EE9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3893302124345833&output=html&adk=1812271804&adf=3025194257&lmt=1584129344&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcorona.help%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1584129343997&bpp=33&bdt=73&fdt=179&idt=179&shv=r20200305&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7852262852625&frm=20&pv=2&ga_vid=2137682941.1584129344&ga_sid=1584129344&ga_hid=684663348&ga_fc=1&ga_wpids=UA-158837884-28&iag=0&icsg=8844059082736&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064523%2C21065005&oid=3&pvsid=1578555378848585&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=193
Frame ID: 6A2A9BAFE686F5B58D6575DF4119E26F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3893302124345833&output=html&h=280&adk=1213588912&adf=1712765404&w=1200&fwrn=4&fwrnh=100&lmt=1584129344&rafmt=1&to=qs&pwprc=3206257856&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fcorona.help%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1584129344342&bpp=8&bdt=418&fdt=9&idt=9&shv=r20200305&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7852262852625&frm=20&pv=1&ga_vid=2137682941.1584129344&ga_sid=1584129344&ga_hid=684663348&ga_fc=1&ga_wpids=UA-158837884-28&iag=0&icsg=149581547438064&dssz=42&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=193&ady=1792&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064523%2C21065005&oid=3&pvsid=1578555378848585&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=a7yaXjixVv&p=https%3A//corona.help&dtd=16
Frame ID: A514EDE631810C2002A2BA7C3A40D75B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3893302124345833&output=html&h=280&adk=1213588912&adf=64994175&w=1200&fwrn=4&fwrnh=100&lmt=1584129344&rafmt=1&to=qs&pwprc=3206257856&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fcorona.help%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1584129344367&bpp=4&bdt=443&fdt=4&idt=4&shv=r20200305&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7852262852625&frm=20&pv=1&ga_vid=2137682941.1584129344&ga_sid=1584129344&ga_hid=684663348&ga_fc=1&ga_wpids=UA-158837884-28&iag=0&icsg=149581547438064&dssz=42&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=193&ady=2838&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064523%2C21065005&oid=3&pvsid=1578555378848585&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=144&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=GuuAPvGpMi&p=https%3A//corona.help&dtd=8
Frame ID: CD39E31689AA5AA8867688AD21B40E02
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 14D7F5F4F4E86382DF43D3E37A706874
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://corona.help/ HTTP 301
    https://corona.help/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

64
Requests

100 %
HTTPS

68 %
IPv6

19
Domains

22
Subdomains

19
IPs

3
Countries

576 kB
Transfer

2015 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://corona.help/ HTTP 301
    https://corona.help/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://sb.scorecardresearch.com/b?c1=2&c2=20015427&ns__t=1584129349775&ns_c=UTF-8&cv=3.5&c8=Coronavirus%20(COVID-19)%20Live%20Infections%20and%20Deaths%20Updates&c7=https%3A%2F%2Fcorona.help%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1584129349775&ns_c=UTF-8&cv=3.5&c8=Coronavirus%20(COVID-19)%20Live%20Infections%20and%20Deaths%20Updates&c7=https%3A%2F%2Fcorona.help%2F&c9=

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
corona.help/
Redirect Chain
  • http://corona.help/
  • https://corona.help/
184 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce401fee2f4db23642d668c789a75ab047d0caad44b19971e24aa3639595614b

Request headers

:method
GET
:authority
corona.help
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 13 Mar 2020 19:55:43 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dfe67a82b78385a3ff86b576da1bc469c1584129343; expires=Sun, 12-Apr-20 19:55:43 GMT; path=/; domain=.corona.help; HttpOnly; SameSite=Lax; Secure XSRF-TOKEN=eyJpdiI6IlNyRXIxdkNzdWUyVmNPWnRaeDFqT0E9PSIsInZhbHVlIjoiR2xqbTBxVWdYVjFpUjFEd1wvRGVJWWJVTlRkVzVYS3JuZ1FBM2xLcytyTCtRSVdzQUIzeXFcL1wvc1pwNE1kYVwvRlAiLCJtYWMiOiJlMmU4NjU3MmEzMDNlMDk2ZDI4ZjBlOWM2OGQwNzE2MmM1OTU3MDI3NTcxOWUwMDNmNTU1ZjBmY2U2OTljNmJmIn0%3D; expires=Fri, 13-Mar-2020 21:55:43 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IjhwOGp2amlGKzdlb3l1aW40SWs0Zmc9PSIsInZhbHVlIjoiRG9XQWswNGluWE9cL2p6RjluWkNoQjFxMWhNNW8zMHA1MmRtVnhhbjdYaE1OUWtRQUJPYmlSQWtnbnZ3d2xcL0ZqIiwibWFjIjoiYWNjODQ1NWEzZmI0ZTIwZGNhMDhhZTQ5MTI3MGNmMzE1YThhYmVmNWUwZTRiOGQyOGY1MTBkZWQ3N2M2ZGVhMSJ9; expires=Fri, 13-Mar-2020 21:55:43 GMT; Max-Age=7200; path=/; httponly ezoadgid_179986=-1; Path=/; Domain=corona.help; Expires=Fri, 13 Mar 2020 20:25:43 UTC ezoref_179986=; Path=/; Domain=corona.help; Expires=Fri, 13 Mar 2020 21:55:43 UTC ezoab_179986=mod4; Path=/; Domain=corona.help; Expires=Fri, 13 Mar 2020 21:55:43 UTC active_template::179986=orig_site.1584129343; Path=/; Domain=corona.help; Expires=Sun, 15 Mar 2020 19:55:43 UTC lp_179986=https://corona.help/; Path=/; Domain=corona.help; Expires=Fri, 13 Mar 2020 21:55:43 UTC ezovuuidtime_179986=1584129343; Path=/; Domain=corona.help; Expires=Sun, 15 Mar 2020 19:55:43 UTC ezovuuid_179986=4a8a1304-b05f-4b92-4490-13bf5da22a02; Path=/; Domain=corona.help; Expires=Fri, 13 Mar 2020 20:25:43 UTC ezopvc_179986=1; Path=/; Domain=corona.help; Expires=Fri, 13 Mar 2020 20:25:43 UTC ezCMPCCS=true; Path=/; Domain=corona.help; Expires=Sat, 13 Mar 2021 20:55:43 GMT
cache-control
max-age=0, must-revalidate, no-cache, no-store
display
orig_site_sol
expires
Thu, 12 Mar 2020 19:55:43 GMT
pagespeed
off
response
200
vary
Accept-Encoding,X-APP-JSON
x-middleton-display
orig_site_sol
x-middleton-response
200
x-sol
orig
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5738506eda9e176e-FRA
content-encoding
br

Redirect headers

Date
Fri, 13 Mar 2020 19:55:43 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Fri, 13 Mar 2020 20:55:43 GMT
Location
https://corona.help/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5738506e9fd764a9-FRA
chartist.min.css
corona.help/plugins/chartist/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://corona.help/plugins/chartist/css/chartist.min.css
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4def7e69368bf63d14e4fccb86d007b7e497960213f0a4fd564c8e667ebc85a9

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 13 Mar 2020 19:55:43 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
age
70225
x-ezoic-cdn
Hit ds;mm;ad8d408bf91d9d0db884e560461c3710;2-179986-0;34114295-4621-4c77-549f-86ac8dcf2105
status
200
x-middleton-display
orig_site_sol
x-middleton-response
200
response
200
last-modified
Thu, 12 Mar 2020 23:15:41 GMT
server
cloudflare
etag
W/"5e2ecfac-2cf4-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type
text/css
cache-control
public, max-age=86400
cf-ray
5738506f8c6e176e-FRA
display
orig_site_sol
bootstrap.min.css
corona.help/assets/css/ 		152 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://corona.help/assets/css/bootstrap.min.css
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 13 Mar 2020 19:55:43 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
age
71297
x-ezoic-cdn
Hit ds;mm;b904f08f0e43eecf0e8eac5f66726f66;2-179986-0;693e61a9-1193-4939-421d-0207ce1711ce
status
200
x-middleton-display
orig_site_sol
x-middleton-response
200
response
200
last-modified
Thu, 12 Mar 2020 23:15:36 GMT
server
cloudflare
etag
W/"5e2ecfa3-2606e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type
text/css
cache-control
public, max-age=86400
cf-ray
5738506f8c70176e-FRA
display
orig_site_sol
icons.css
corona.help/assets/css/ 		338 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://corona.help/assets/css/icons.css
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18295894541df40fc29d053a491f0479b88f4a0ceae5f284683e0311622fc904

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 13 Mar 2020 19:55:43 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
age
75848
x-ezoic-cdn
Hit ds;mm;de79b22f0d4e1afc7d13411b7d3ee03f;2-179986-0;cf251c15-93c8-4174-6c07-bfe28fc1b9b9
status
200
x-middleton-display
orig_site_sol
x-middleton-response
200
response
200
last-modified
Thu, 12 Mar 2020 21:56:51 GMT
server
cloudflare
etag
W/"5e2ecfa4-54921-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type
text/css
cache-control
public, max-age=86400
cf-ray
5738506f8c72176e-FRA
display
orig_site_sol
style.css
corona.help/assets/css/ 		77 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://corona.help/assets/css/style.css
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33f74a44c4a2b213e3f3773d671bc5abf30b552dcea47e5eeb67afecd8a2b1a7

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 13 Mar 2020 19:55:43 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
age
70852
x-ezoic-cdn
Hit ds;mm;249c9a1b35107db62e047fdbba8617a0;2-179986-0;ed0684e6-4fda-441a-4d24-fc5d9f9dcc89
status
200
x-middleton-display
orig_site_sol
x-middleton-response
200
response
200
last-modified
Thu, 12 Mar 2020 23:15:39 GMT
server
cloudflare
etag
W/"5e2ecfa2-13490-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type
text/css
cache-control
public, max-age=86400
cf-ray
5738506f8c76176e-FRA
display
orig_site_sol
app.css
corona.help/ 		690 B
459 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://corona.help/app.css
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ede538ff7509ca5b9b6a9229d55905d58baaebfb46ac4788afa0fc7caee7e0a1

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 13 Mar 2020 19:55:43 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
age
71297
x-ezoic-cdn
Hit ds;mm;1d1c2866e17e8881c5981a0267424a02;2-179986-0;268e4a9f-dada-4396-6543-614947dd4cbd
status
200
x-middleton-display
orig_site_sol
x-middleton-response
200
response
200
last-modified
Thu, 12 Mar 2020 23:15:32 GMT
server
cloudflare
etag
W/"5e31a896-2b2-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type
text/css
cache-control
public, max-age=86400
cf-ray
5738506f8c78176e-FRA
display
orig_site_sol
js
www.googletagmanager.com/gtag/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-170833-102
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
76072c181e858a6212dc6f0898927b4494f8127c3b7f853b3339e0eaaf79450a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:43 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28538
x-xss-protection
0
last-modified
Fri, 13 Mar 2020 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 Mar 2020 19:55:43 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
659a322c15023c2d5b5ebf0b792984ab8a9b5ccadf5bc8d77808692326754d95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
38544
x-xss-protection
0
server
cafe
etag
18321608914225800247
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Mar 2020 19:55:43 GMT
rochester.js
corona.help/detroitchicago/ 		3 KB
1008 B 		Script
General
Check archive.org
Download Go to
Full URL
https://corona.help/detroitchicago/rochester.js?cb=188-0&v=8
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645cb3933b83f3c78583042280625530a7bb59da558abb07419188ea8a7004aa

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 06 Mar 2020 23:25:43 GMT
server
cloudflare
age
423260
etag
W/"c7b-5a037f8e5abc0;5a037f8e5abc0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
cf-ray
5738506fed7a176e-FRA
ezd.js
www.ezojs.com/ezoic/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ezojs.com/ezoic/ezd.js
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.57.64.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-64-116.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
a7d72a2373d9d7be8325768387530166efe2d3906374ebbd23267cc8ec8e771a

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:44 GMT
content-encoding
gzip
last-modified
Fri, 06 Mar 2020 23:25:43 GMT
server
nginx/1.16.0
etag
"2e60-5a037f8e5abc0-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
3845
expires
Sat, 13 Mar 2021 19:55:44 GMT
facebook-new.png
img.icons8.com/color/24/000000/ 		674 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.icons8.com/color/24/000000/facebook-new.png
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-66.fra2.r.cloudfront.net
Software
CloudFront /
Resource Hash
c6744e23720fc27d5bc625204cde1a4bea5b230da460ac04269351c940d543ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
memory-svg-cache
true
version
0.171
x-amz-cf-pop
FRA2-C2
from-cache
false
from-svg-cache
true
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
status
200
memory-cache
true
content-length
674
x-xss-protection
1; mode=block
not-found-platform
false
last-modified
Thu, 21 Nov 2019 20:46:16 GMT
server
CloudFront
date
Wed, 11 Mar 2020 21:07:44 GMT
x-download-options
noopen
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Disposition
cache-control
public, max-age=302400
x-amz-cf-id
BPFhyg92DV-iS5x0GyfiyOOfqaR0F87zfrNGvuut9mP_7LUWrDkaoA==
icon-id
118497
whatsapp.png
img.icons8.com/color/24/000000/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.icons8.com/color/24/000000/whatsapp.png
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-66.fra2.r.cloudfront.net
Software
CloudFront /
Resource Hash
9f00043f1502445046e8207d8f0a47c196c47c48ff6273335ec807f711c7cf19
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
memory-svg-cache
true
version
0.171
x-amz-cf-pop
FRA2-C2
from-cache
false
from-svg-cache
true
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
status
200
memory-cache
true
content-length
1115
x-xss-protection
1; mode=block
not-found-platform
false
last-modified
Sun, 24 Nov 2019 20:12:18 GMT
server
CloudFront
date
Wed, 11 Mar 2020 11:51:15 GMT
x-download-options
noopen
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Disposition
cache-control
public, max-age=302400
x-amz-cf-id
1cdwL_5ArpkKtTaSpTzPHzopqiI50fP9dDZYt1SjKIMI53SNiWgjFA==
icon-id
16713
jquery.min.js
corona.help/assets/js/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://corona.help/assets/js/jquery.min.js
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:43 GMT
content-encoding
br
cf-cache-status
HIT
age
71297
x-ezoic-cdn
Hit ds;mm;b8986dd0560c399785b26268d259728a;2-179986-0;73db23cf-a03a-4e80-7f9a-210174c36525
status
200
x-middleton-display
staticcontent_sol
x-middleton-response
200
response
200
last-modified
Thu, 12 Mar 2020 23:15:37 GMT
server
cloudflare
etag
W/"5e2ecfa3-1538e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
5738506fbced176e-FRA
display
staticcontent_sol
bootstrap.bundle.min.js
corona.help/assets/js/ 		77 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://corona.help/assets/js/bootstrap.bundle.min.js
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:43 GMT
content-encoding
br
cf-cache-status
HIT
age
75176
x-ezoic-cdn
Hit ds;mm;2c0cc731583db647c1c2285db3da9c81;2-179986-0;0d745809-ece5-4272-51a1-059f46f4dcd6
status
200
x-middleton-display
staticcontent_sol
x-middleton-response
200
response
200
last-modified
Thu, 12 Mar 2020 21:56:46 GMT
server
cloudflare
etag
W/"5e2ecfa2-1332b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
5738506fcd16176e-FRA
display
staticcontent_sol
jquery.slimscroll.js
corona.help/assets/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://corona.help/assets/js/jquery.slimscroll.js
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ae991f3c0c611e7f794d9278321a072bacfea922f48158f219b197953a0f56

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:43 GMT
content-encoding
br
cf-cache-status
HIT
age
77064
x-ezoic-cdn
Miss
status
200
x-middleton-display
staticcontent_sol
x-middleton-response
200
response
200
last-modified
Thu, 12 Mar 2020 21:56:54 GMT
server
cloudflare
etag
W/"5e2ecfa2-3608-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
5738506fed63176e-FRA
display
staticcontent_sol
waves.min.js
corona.help/assets/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://corona.help/assets/js/waves.min.js
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ffc00429342db1b5fd3bd0438fac6f08f398fc499fd485e5fec5276030278a

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:43 GMT
content-encoding
br
cf-cache-status
HIT
age
71297
x-ezoic-cdn
Miss
status
200
x-middleton-display
staticcontent_sol
x-middleton-response
200
response
200
last-modified
Thu, 12 Mar 2020 23:15:40 GMT
server
cloudflare
etag
W/"5e2ecfa2-18b9-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
5738506fed6b176e-FRA
display
staticcontent_sol
chartist.min.js
corona.help/plugins/chartist/js/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://corona.help/plugins/chartist/js/chartist.min.js
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5337df46e798872643c3c0a3dfd5029e7820bc17dad5f3dc0d0d1abaf09bbc27

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:43 GMT
content-encoding
br
cf-cache-status
HIT
age
70168
x-ezoic-cdn
Hit ds;mm;66b720443e5b49037d2e83082c4f4cc3;2-179986-0;9abd529b-0327-4ee7-679c-ff0c2677a415
status
200
x-middleton-display
staticcontent_sol
x-middleton-response
200
response
200
last-modified
Thu, 12 Mar 2020 23:15:37 GMT
server
cloudflare
etag
W/"5e2ecfac-9d16-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
5738506fed6f176e-FRA
display
staticcontent_sol
chartist-plugin-tooltip.min.js
corona.help/plugins/chartist/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://corona.help/plugins/chartist/js/chartist-plugin-tooltip.min.js
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07ffc627c866f5f2639215afdc69755b222d15e711a2936770bb7e3dc5e10a7e

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:43 GMT
content-encoding
br
cf-cache-status
HIT
age
70168
x-ezoic-cdn
Hit ds;mm;a3c0e79a27b13659c3fbbb51b39e7395;2-179986-0;3c554b11-51a1-4afb-6ed7-b55ea0278532
status
200
x-middleton-display
staticcontent_sol
x-middleton-response
200
response
200
last-modified
Thu, 12 Mar 2020 23:15:39 GMT
server
cloudflare
etag
W/"5e2ecfac-a0b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
5738506fed72176e-FRA
display
staticcontent_sol
jquery.peity.min.js
corona.help/plugins/peity-chart/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://corona.help/plugins/peity-chart/jquery.peity.min.js
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07ec726e599e85e7e6114bbc348b2ecf7d8db1516d6bdb7e63f4a9032ea7a1ce

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:43 GMT
content-encoding
br
cf-cache-status
HIT
age
71297
x-ezoic-cdn
Miss
status
200
x-middleton-display
staticcontent_sol
x-middleton-response
200
response
200
last-modified
Thu, 12 Mar 2020 23:15:41 GMT
server
cloudflare
etag
W/"5e2ecfab-e83-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
5738506fed77176e-FRA
display
staticcontent_sol
app.js
corona.help/assets/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://corona.help/assets/js/app.js
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
165d1da69b46f0e38697d9c084442183ff6036a177638012ce400ad89a7bfeb6

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:43 GMT
content-encoding
br
cf-cache-status
HIT
age
71297
x-ezoic-cdn
Hit ds;mm;9fe905d337796a5a35e47a225a859a41;2-179986-0;6b0990ba-9383-4f69-40b1-58bfb9d93047
status
200
x-middleton-display
staticcontent_sol
x-middleton-response
200
response
200
last-modified
Thu, 12 Mar 2020 23:15:39 GMT
server
cloudflare
etag
W/"5e2ecfa2-e54-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent,Origin,X-APP-JSON
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
5738506fed78176e-FRA
display
staticcontent_sol
chartist-plugin-legend.min.js
cdnjs.cloudflare.com/ajax/libs/chartist-plugin-legend/0.6.2/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/chartist-plugin-legend/0.6.2/chartist-plugin-legend.min.js
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e45c7e42002f2f4c81bda0b506bcebf6271eb0abc5430105e0bc182884da255
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:43 GMT
content-encoding
br
cf-cache-status
HIT
age
11623503
cf-ray
5738506feb6dc2d1-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:18:22 GMT
server
cloudflare
etag
W/"5afd48de-a5e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 03 Mar 2021 19:55:43 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.000
Chart.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/Chart.js/2.9.3/ 		221 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.9.3/Chart.bundle.min.js
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d0abce315fabe4c11d10b35a87e400e43fe32f1f45bef44ed374726ca084223
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:44 GMT
content-encoding
br
cf-cache-status
HIT
age
640447
cf-ray
5738506feb6fc2d1-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Wed, 27 Nov 2019 14:46:06 GMT
server
cloudflare
etag
W/"5dde8c2e-373b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 03 Mar 2021 19:55:43 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.004
Chart.min.css
cdnjs.cloudflare.com/ajax/libs/Chart.js/2.9.3/ 		521 B
291 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.9.3/Chart.min.css
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69ad316898262bf5fbe16336db828c41e3500b6c582b0940b74f2866a8de1741
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 13 Mar 2020 19:55:43 GMT
content-encoding
br
cf-cache-status
HIT
age
8288026
cf-ray
5738506feb73c2d1-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Wed, 27 Nov 2019 14:46:10 GMT
server
cloudflare
etag
W/"5dde8c32-209"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Wed, 03 Mar 2021 19:55:43 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
css
fonts.googleapis.com/ 		9 KB
973 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500|Sarabun:400,600,700
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2b9e686ee5109bca0828082621baf145388ee77459703b97545627f662e99fa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 13 Mar 2020 19:55:43 GMT
server
ESF
date
Fri, 13 Mar 2020 19:55:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 13 Mar 2020 19:55:43 GMT
t.js
t.zuzab.com/ 		893 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.zuzab.com/t.js
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.47.1.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.52.1.47.78.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
f9a621cbfc36bb506e0813fe165911232d32f1271b2c7f60baa0d3f480f58c6d

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:44 GMT
content-encoding
gzip
last-modified
Mon, 24 Feb 2020 15:37:19 GMT
server
nginx/1.14.2
etag
W/"5e53edaf-37d"
vary
Accept-Encoding
content-type
application/javascript
status
200
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
4867
date
Fri, 13 Mar 2020 18:34:36 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17168
expires
Fri, 13 Mar 2020 20:34:36 GMT
81509
maphub.net/embed/ Frame BAB1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://maphub.net/embed/81509?button=0&legend=1&panel=1
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:419c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
maphub.net
:scheme
https
:path
/embed/81509?button=0&legend=1&panel=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://corona.help/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://corona.help/

Response headers

status
200
date
Fri, 13 Mar 2020 19:55:44 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d1f44eba88958e48df03f32f5dfa900051584129344; expires=Sun, 12-Apr-20 19:55:44 GMT; path=/; domain=.maphub.net; HttpOnly; SameSite=Lax; Secure session=f8183f61adc7488ce3a86c1c3bc1be26515e8dfegAJVQGJjOTQ5YzQwMzRhMjM2OTA1ZThhOTUzNDc2MDI1MzAzNjljNGMzNGI5MTZlN2ZlMWU0MDMzMjUwODcwYmNjN2FxAS4=; Max-Age=315360000; Path=/; expires=Mon, 11-Mar-2030 19:55:44 GMT; secure; HttpOnly
vary
Accept-Encoding Accept-Encoding
expires
Sat, 01 Jan 2000 00:00:00 GMT
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
573850702f22d6e9-FRA
content-encoding
gzip
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=corona.help
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=corona.help
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200305/r20190131/ 		222 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200305/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a94735f3a0e915a85bd8e216702c3146e1ffd2f6395276c8e5baee1249baaf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
84919
x-xss-protection
0
server
cafe
etag
4312303881591303584
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 13 Mar 2020 19:55:44 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:400,500|Sarabun:400,600,700
Origin
https://corona.help
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 27 Feb 2020 08:47:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
1336118
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Fri, 26 Feb 2021 08:47:06 GMT
themify.woff
corona.help/assets/fonts/ 		55 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://corona.help/assets/fonts/themify.woff?-fvbane
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Request headers

Referer
https://corona.help/assets/css/icons.css
Origin
https://corona.help
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 13 Mar 2020 19:55:44 GMT
content-encoding
br
vary
User-Agent,Origin,Accept-Encoding,X-APP-JSON
cf-cache-status
HIT
age
75050
x-ezoic-cdn
Hit ds;mm;fb5b8bc1fc4f49cf7df362308463f13d;2-179986-0;be189c82-6b63-46cd-6b20-b0afcdec2644
status
200
x-middleton-display
staticcontent_sol
x-middleton-response
200
response
200
last-modified
Thu, 12 Mar 2020 21:56:54 GMT
server
cloudflare
etag
W/"5e2ecfa2-db2c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/font-woff
access-control-allow-origin
https://corona.help
cache-control
public, max-age=86400
cf-ray
573850701dde176e-FRA
display
staticcontent_sol
DtVmJx26TKEr37c9YK5silss6yLUrwA.woff2
fonts.gstatic.com/s/sarabun/v7/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sarabun/v7/DtVmJx26TKEr37c9YK5silss6yLUrwA.woff2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45061fbe520a9bbd1828ab58976bd21095e2d0c9debdb081a363ac27a81e7f64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:400,500|Sarabun:400,600,700
Origin
https://corona.help
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Mar 2020 08:12:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:12:36 GMT
server
sffe
age
646985
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10612
x-xss-protection
0
expires
Sat, 06 Mar 2021 08:12:39 GMT
DtVmJx26TKEr37c9YMptilss6yLUrwA.woff2
fonts.gstatic.com/s/sarabun/v7/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sarabun/v7/DtVmJx26TKEr37c9YMptilss6yLUrwA.woff2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a2022a3ac70005918a5e5a5793f4253575484a85362a6eb6f7edd2f287cc599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:400,500|Sarabun:400,600,700
Origin
https://corona.help
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 31 Jan 2020 00:41:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:12:02 GMT
server
sffe
age
3698076
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10640
x-xss-protection
0
expires
Sat, 30 Jan 2021 00:41:08 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:400,500|Sarabun:400,600,700
Origin
https://corona.help
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Mar 2020 03:12:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
751385
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Fri, 05 Mar 2021 03:12:39 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200305/r20190131/ Frame 12E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200305/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200305/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://corona.help/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://corona.help/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Fri, 06 Mar 2020 00:52:06 GMT
expires
Fri, 20 Mar 2020 00:52:06 GMT
content-type
text/html; charset=UTF-8
etag
10348540741379653356
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4494
x-xss-protection
0
cache-control
public, max-age=1209600
age
673418
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-170833-102
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
4629
date
Fri, 13 Mar 2020 18:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Fri, 13 Mar 2020 20:38:35 GMT
edmonton.webp
corona.help/detroitchicago/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://corona.help/detroitchicago/edmonton.webp?a=a&cb=0&shcb=32
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd72b265a40860b98315b27ea86fe52789601b283515873fe042497b7d557beb

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:44 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
423207
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
cf-ray
57385070dfb5176e-FRA
jellyfish.webp
corona.help/porpoiseant/ 		58 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://corona.help/porpoiseant/jellyfish.webp?a=a&cb=0&shcb=32
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cf27e164b238d52bc343ab2d83187191212a451861fbb205138c69a4289fb78

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:44 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
423207
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
cf-ray
57385070dfb8176e-FRA
Chart.min.css
cdnjs.cloudflare.com/ajax/libs/Chart.js/2.9.3/ 		521 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.9.3/Chart.min.css
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 19:55:44 GMT
content-encoding
br
cf-cache-status
HIT
age
8288027
cf-ray
57385070dd98c2d1-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Wed, 27 Nov 2019 14:46:10 GMT
server
cloudflare
etag
W/"5dde8c32-209"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Wed, 03 Mar 2021 19:55:44 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
imp.gif
corona.help/detroitchicago/ 		43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://corona.help/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A179986%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22forensiq_score%22%3A-1%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22de281d2b-0f22-4b36-67c6-505f21eddab1%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_time_orig%22%3A49%2C%22serverid%22%3A%223.122.251.15%3A9222%22%2C%22state%22%3A%22%22%2C%22t_epoch%22%3A1584129343%2C%22template_id%22%3A126%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fcorona.help%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A1770%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 19:55:44 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/gif
status
200
x-middleton-display
imp_sol
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
57385070efcd176e-FRA
content-length
43
__utm.gif
ssl.google-analytics.com/r/ 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=171419354&utmhn=corona.help&utme=8(template*t*rid*bra)9(old_site_gc*126*0*mod4)11(3!2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Coronavirus%20(COVID-19)%20Live%20Infections%20and%20Deaths%20Updates&utmhid=684663348&utmr=-&utmp=%2F&utmht=1584129344162&utmac=UA-158837884-28&utmcc=__utma%3D148059173.2137682941.1584129344.1584129344.1584129344.1%3B%2B__utmz%3D148059173.1584129344.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1311159607&utmredir=1&utmmt=1&utmu=qTAgAAAAAAAAAAAAAAAAAABE~
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Fri, 13 Mar 2020 19:55:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=246472211&utmhn=corona.help&utme=8(template*domain)9(old_site_gc*corona.help)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Coronavirus%20(COVID-19)%20Live%20Infections%20and%20Deaths%20Updates&utmhid=684663348&utmr=-&utmp=%2F&utmht=1584129344164&utmac=UA-38339005-1&utmcc=__utma%3D148059173.2137682941.1584129344.1584129344.1584129344.1%3B%2B__utmz%3D148059173.1584129344.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=220512914&utmredir=1&utmmt=1&utmu=qTAgAAAAAAAAAAAAAAAAAABE~
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Fri, 13 Mar 2020 19:55:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6A2A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3893302124345833&output=html&adk=1812271804&adf=3025194257&lmt=1584129344&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcorona.help%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1584129343997&bpp=33&bdt=73&fdt=179&idt=179&shv=r20200305&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7852262852625&frm=20&pv=2&ga_vid=2137682941.1584129344&ga_sid=1584129344&ga_hid=684663348&ga_fc=1&ga_wpids=UA-158837884-28&iag=0&icsg=8844059082736&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064523%2C21065005&oid=3&pvsid=1578555378848585&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=193
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200305/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3893302124345833&output=html&adk=1812271804&adf=3025194257&lmt=1584129344&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcorona.help%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1584129343997&bpp=33&bdt=73&fdt=179&idt=179&shv=r20200305&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7852262852625&frm=20&pv=2&ga_vid=2137682941.1584129344&ga_sid=1584129344&ga_hid=684663348&ga_fc=1&ga_wpids=UA-158837884-28&iag=0&icsg=8844059082736&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064523%2C21065005&oid=3&pvsid=1578555378848585&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=193
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://corona.help/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://corona.help/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 13 Mar 2020 19:55:44 GMT
server
cafe
content-length
529
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 13-Mar-2020 20:10:44 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Fri, 13 Mar 2020 19:55:44 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200305/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9876c8c8bbe2d52581e1a42d5b440e4f776769a90f24f1d8d847a2d09b0609bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1583960025657856"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27560
x-xss-protection
0
expires
Fri, 13 Mar 2020 19:55:44 GMT
test
t.zuzab.com/ 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.zuzab.com/test?h=corona.help&p=%2F&z=corona.help&r=&b=0
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.47.1.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.52.1.47.78.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 19:55:44 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
200
x-ratelimit-remaining
359
cache-control
no-cache, private
x-ratelimit-limit
360
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=684663348&t=pageview&_s=1&dl=https%3A%2F%2Fcorona.help%2F&ul=en-us&de=UTF-8&dt=Coronavirus%20(COVID-19)%20Live%20Infections%20and%20Deaths%20Updates&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_utma=148059173.2137682941.1584129344.1584129344.1584129344.1&_utmz=148059173.1584129344.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1584129344220&_u=IQBCAUAB~&jid=141765409&gjid=434295423&cid=2137682941.1584129344&tid=UA-170833-102&_gid=541921677.1584129344&_r=1&gtm=2ou340&z=1929300204
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Fri, 13 Mar 2020 19:55:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
greenoaks.gif
corona.help/detroitchicago/ 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://corona.help/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJkZTI4MWQyYi0wZjIyLTRiMzYtNjdjNi01MDVmMjFlZGRhYjEiLCJkb21haW5faWQiOiIxNzk5ODYiLCJ0X2Vwb2NoIjoxNTg0MTI5MzQzLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZGUyODFkMmItMGYyMi00YjM2LTY3YzYtNTA1ZjIxZWRkYWIxIiwiZG9tYWluX2lkIjoiMTc5OTg2IiwidF9lcG9jaCI6MTU4NDEyOTM0MywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjAtMDMtMTMifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyMCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImRlMjgxZDJiLTBmMjItNGIzNi02N2M2LTUwNWYyMWVkZGFiMSIsImRvbWFpbl9pZCI6IjE3OTk4NiIsInRfZXBvY2giOjE1ODQxMjkzNDMsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImRlMjgxZDJiLTBmMjItNGIzNi02N2M2LTUwNWYyMWVkZGFiMSIsImRvbWFpbl9pZCI6IjE3OTk4NiIsInRfZXBvY2giOjE1ODQxMjkzNDMsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfV0=
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 19:55:44 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/gif
status
200
x-middleton-display
ezp_sol
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
573850716968176e-FRA
content-length
43
expires
Thu, 12 Mar 2020 19:55:41 UTC
ads
googleads.g.doubleclick.net/pagead/ Frame A514 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3893302124345833&output=html&h=280&adk=1213588912&adf=1712765404&w=1200&fwrn=4&fwrnh=100&lmt=1584129344&rafmt=1&to=qs&pwprc=3206257856&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fcorona.help%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1584129344342&bpp=8&bdt=418&fdt=9&idt=9&shv=r20200305&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7852262852625&frm=20&pv=1&ga_vid=2137682941.1584129344&ga_sid=1584129344&ga_hid=684663348&ga_fc=1&ga_wpids=UA-158837884-28&iag=0&icsg=149581547438064&dssz=42&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=193&ady=1792&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064523%2C21065005&oid=3&pvsid=1578555378848585&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=a7yaXjixVv&p=https%3A//corona.help&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200305/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3893302124345833&output=html&h=280&adk=1213588912&adf=1712765404&w=1200&fwrn=4&fwrnh=100&lmt=1584129344&rafmt=1&to=qs&pwprc=3206257856&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fcorona.help%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1584129344342&bpp=8&bdt=418&fdt=9&idt=9&shv=r20200305&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7852262852625&frm=20&pv=1&ga_vid=2137682941.1584129344&ga_sid=1584129344&ga_hid=684663348&ga_fc=1&ga_wpids=UA-158837884-28&iag=0&icsg=149581547438064&dssz=42&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=193&ady=1792&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064523%2C21065005&oid=3&pvsid=1578555378848585&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=144&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=a7yaXjixVv&p=https%3A//corona.help&dtd=16
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://corona.help/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://corona.help/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 13 Mar 2020 19:55:44 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
IDE=AHWqTUnaTR-p7PmwKRLDtrNPu7UoGgHwwocRSuJmbjNfVz1-mHy8cj3tgpCYJ9ci; expires=Wed, 07-Apr-2021 19:55:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Fri, 13 Mar 2020 19:55:44 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame CD39 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3893302124345833&output=html&h=280&adk=1213588912&adf=64994175&w=1200&fwrn=4&fwrnh=100&lmt=1584129344&rafmt=1&to=qs&pwprc=3206257856&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fcorona.help%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1584129344367&bpp=4&bdt=443&fdt=4&idt=4&shv=r20200305&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7852262852625&frm=20&pv=1&ga_vid=2137682941.1584129344&ga_sid=1584129344&ga_hid=684663348&ga_fc=1&ga_wpids=UA-158837884-28&iag=0&icsg=149581547438064&dssz=42&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=193&ady=2838&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064523%2C21065005&oid=3&pvsid=1578555378848585&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=144&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=GuuAPvGpMi&p=https%3A//corona.help&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200305/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3893302124345833&output=html&h=280&adk=1213588912&adf=64994175&w=1200&fwrn=4&fwrnh=100&lmt=1584129344&rafmt=1&to=qs&pwprc=3206257856&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fcorona.help%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1584129344367&bpp=4&bdt=443&fdt=4&idt=4&shv=r20200305&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=7852262852625&frm=20&pv=1&ga_vid=2137682941.1584129344&ga_sid=1584129344&ga_hid=684663348&ga_fc=1&ga_wpids=UA-158837884-28&iag=0&icsg=149581547438064&dssz=42&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=193&ady=2838&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21064523%2C21065005&oid=3&pvsid=1578555378848585&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=144&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=GuuAPvGpMi&p=https%3A//corona.help&dtd=8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://corona.help/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://corona.help/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 13 Mar 2020 19:55:44 GMT
server
cafe
content-length
206
x-xss-protection
0
set-cookie
IDE=AHWqTUmV77VNmJ2Fd2bBBidHstHODPpVAVDJzJpEzb5c0zXcm2eNI9Gf7jcODXs1; expires=Wed, 07-Apr-2021 19:55:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Fri, 13 Mar 2020 19:55:44 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200305&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200305/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46153a2c6092936953aef33d4ba8e41f2db0009269529747cece3c390307e99e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://corona.help/
Origin
https://corona.help
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Mar 2020 19:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5224
x-xss-protection
0
greenoaks.gif
corona.help/detroitchicago/ 		43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://corona.help/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJkZTI4MWQyYi0wZjIyLTRiMzYtNjdjNi01MDVmMjFlZGRhYjEiLCJkb21haW5faWQiOiIxNzk5ODYiLCJ0X2Vwb2NoIjoxNTg0MTI5MzQzLCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImRlMjgxZDJiLTBmMjItNGIzNi02N2M2LTUwNWYyMWVkZGFiMSIsImRvbWFpbl9pZCI6IjE3OTk4NiIsInRfZXBvY2giOjE1ODQxMjkzNDMsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjU1In0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIxNTgifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjYifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiMjExIn0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiMjEyIn0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6IjYzNSJ9XX1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 19:55:44 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/gif
status
200
x-middleton-display
ezp_sol
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
57385073ef70176e-FRA
content-length
43
expires
Thu, 12 Mar 2020 19:55:45 UTC
greenoaks.gif
corona.help/detroitchicago/ 		43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://corona.help/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJkZTI4MWQyYi0wZjIyLTRiMzYtNjdjNi01MDVmMjFlZGRhYjEiLCJkb21haW5faWQiOiIxNzk5ODYiLCJ0X2Vwb2NoIjoxNTg0MTI5MzQzLCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiIzMDQifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJkZTI4MWQyYi0wZjIyLTRiMzYtNjdjNi01MDVmMjFlZGRhYjEiLCJkb21haW5faWQiOiIxNzk5ODYiLCJ0X2Vwb2NoIjoxNTg0MTI5MzQzLCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjMwNCJ9XX1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 19:55:44 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/gif
status
200
x-middleton-display
ezp_sol
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
57385073ef75176e-FRA
content-length
43
expires
Thu, 12 Mar 2020 19:55:43 UTC
greenoaks.gif
corona.help/detroitchicago/ 		43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://corona.help/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJkZTI4MWQyYi0wZjIyLTRiMzYtNjdjNi01MDVmMjFlZGRhYjEiLCJkb21haW5faWQiOiIxNzk5ODYiLCJ0X2Vwb2NoIjoxNTg0MTI5MzQzLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiZGUyODFkMmItMGYyMi00YjM2LTY3YzYtNTA1ZjIxZWRkYWIxIiwiZG9tYWluX2lkIjoiMTc5OTg2IiwidF9lcG9jaCI6MTU4NDEyOTM0MywiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiIxMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImRlMjgxZDJiLTBmMjItNGIzNi02N2M2LTUwNWYyMWVkZGFiMSIsImRvbWFpbl9pZCI6IjE3OTk4NiIsInRfZXBvY2giOjE1ODQxMjkzNDMsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19XQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 19:55:44 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/gif
status
200
x-middleton-display
ezp_sol
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
57385073ef92176e-FRA
content-length
43
expires
Thu, 12 Mar 2020 19:55:44 UTC
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200305/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 19:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5456
x-xss-protection
0
expires
Fri, 13 Mar 2020 19:55:44 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 14D7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://corona.help/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://corona.help/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Fri, 13 Mar 2020 18:50:10 GMT
expires
Sat, 13 Mar 2021 18:50:10 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3934
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/ 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200305&jk=1578555378848585&bg=!kpGlkYlYR1HbBDLgQYcCAAAANlIAAAAJmQFX5zqLTxE0P3YnwWJROmgMzWtmmfxtIpTYcFCxh2ytxgJNCGB3e022fqGIlpSe5Gn8KQTN83llUHCDtYlGRihSTQw6SN5IKDY9F95SG__tXmP2mIM741n5oUXHqR_pqSA4v0SQG3I4lCQ43p0k0oS8SpNhNlND_6b1aScaiRL20f02T6puruWp47BSvyvZjEa-teGZfHXb9Vn30exwpKf6c1Gf-FWpnPLYHWNkWkItjRAnhM6LZgf7BG63oz__MNXmEYPTxi6OQJbFdA9iaD8PxB-zG9OUGm2_9Dz6HGu5aYJ9vt7iLVE2-i7UzcUMdAshnjEEVo5FN83_IkCoHI5ojib877nk2od5s7avDn_7jMv3wVM595flFomM9i0dcSOM2ZhXhrwDTsk6lV08enDEHndytauMLBgS02HsBNHkTtr8dMK5ahQlHWXRcbaReUblXIBmG5dPTg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Fri, 13 Mar 2020 19:55:44 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
audins.js
go.ezoic.net/detroitchicago/ 		821 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezoic.net/detroitchicago/audins.js?cb=188-0
Requested by
Host: corona.help
URL: https://corona.help/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:3200:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
d98f76f0461187c365efd671a87749384de00b589e87fb30c0486a892769c412

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 11:44:15 GMT
via
1.1 varnish (Varnish/6.0), 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
age
2189494
x-vcache
Miss
x-cache
Hit from cloudfront
status
200
x-shard
content-length
821
last-modified
Fri, 14 Feb 2020 00:58:30 GMT
server
nginx/1.16.0
etag
"335-59e7eb4351980;59e7eb4351980-gzip"
vary
Accept-Encoding
x-varnish
124135119
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
ts2QQ0mPafYbCMMMxgf_5zssI7CxT0zvormLhEMnlh6hR7mLrUJ4bg==
quant.js
secure.quantserve.com/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: go.ezoic.net
URL: https://go.ezoic.net/detroitchicago/audins.js?cb=188-0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.223 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 13 Mar 2020 19:55:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13-Mar-2020 19:55:49 GMT
Server
QS
Etag
M0-56c8c653
Vary
Accept-Encoding
Strict-Transport-Security
max-age=86400
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5651
Expires
Fri, 20 Mar 2020 19:55:49 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: go.ezoic.net
URL: https://go.ezoic.net/detroitchicago/audins.js?cb=188-0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.11.238.95 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-11-238-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 13 Mar 2020 19:55:49 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Sat, 14 Mar 2020 19:55:49 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=20015427&ns__t=1584129349775&ns_c=UTF-8&cv=3.5&c8=Coronavirus%20(COVID-19)%20Live%20Infections%20and%20Deaths%20Updates&c7=https%3A%2F%2Fcorona.help%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1584129349775&ns_c=UTF-8&cv=3.5&c8=Coronavirus%20(COVID-19)%20Live%20Infections%20and%20Deaths%20Updates&c7=https%3A%2F%2Fcorona.help%2F&c9=
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1584129349775&ns_c=UTF-8&cv=3.5&c8=Coronavirus%20(COVID-19)%20Live%20Infections%20and%20Deaths%20Updates&c7=https%3A%2F%2Fcorona.help%2F&c9=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.11.238.95 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-11-238-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Mar 2020 19:55:49 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1584129349775&ns_c=UTF-8&cv=3.5&c8=Coronavirus%20(COVID-19)%20Live%20Infections%20and%20Deaths%20Updates&c7=https%3A%2F%2Fcorona.help%2F&c9=
Pragma
no-cache
Date
Fri, 13 Mar 2020 19:55:49 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
rules-p-31iz6hfFutd16.js
rules.quantcount.com/ 		3 B
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:ea00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 13 Mar 2020 07:19:45 GMT
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 19:50:24 GMT
server
AmazonS3
age
45377
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
5xk4Xb-Vyhj4ZBrnq9A-ZVsC4Eu1EJE-oS6sDEo4Xy3LapJYuxWqOg==
pixel;r=732499019;labels=Domain.corona_help%2CDomainId.179986;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fcorona.help%2F;fpan=1;fpa=P0-1743134113-1584129349817;ns=0;ce=1;qjs=1;qv=0e9a7da-2019120514070...
pixel.quantserve.com/ 		35 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=732499019;labels=Domain.corona_help%2CDomainId.179986;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fcorona.help%2F;fpan=1;fpa=P0-1743134113-1584129349817;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1584129349817;tzo=-60;ogl=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.146 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Fri, 13 Mar 2020 19:55:49 GMT
Server
QS
Strict-Transport-Security
max-age=86400
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
greenoaks.gif
corona.help/detroitchicago/ 		43 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://corona.help/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJkZTI4MWQyYi0wZjIyLTRiMzYtNjdjNi01MDVmMjFlZGRhYjEiLCJkb21haW5faWQiOiIxNzk5ODYiLCJ0X2Vwb2NoIjoxNTg0MTI5MzQzLCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjI1NjgwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIxIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6Ijg0OTAwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiMyJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiMTM1ODY2MjAifSx7Im5hbWUiOiJkb2NfaGVpZ2h0IiwidmFsIjoiODU3MiJ9XX1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://corona.help/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 13 Mar 2020 19:55:51 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
image/gif
status
200
x-middleton-display
ezp_sol
cache-control
max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
573850a05fc3176e-FRA
content-length
43
expires
Thu, 12 Mar 2020 19:55:51 UTC

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| __ez function| __ezDotData function| EzoicPixel function| EzoicPixelData number| m function| EzoIvent function| _findOverlappingQuietPeriods function| _findNetworkQuietPeriods function| ezoFetchConst function| ezorqs function| ezorqe function| ezocfol function| ezogetrqbykey string| zuzab object| z object| u function| gtag object| dataLayer string| google_analytics_uacct object| _gaq string| ezouid string| ezoTemplate string| ezoFormfactor object| ezo_elements_to_check string| soc_app_id number| did string| ezdomain number| ezoicSearchable object| _ezaq string| _ezExtraQueries function| create_ezolpl function| attach_ezolpl object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken boolean| google_plmetrics object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars function| $ function| jQuery string| GoogleAnalyticsObject function| ga object| bootstrap object| Waves object| Chartist undefined| Chartist.plugins.tooltips function| Chartist.plugins.legend function| Color function| Chart string| _audins_dom number| _audins_did number| indexKey number| ezodomstart number| ezoIint function| _ez_TOS_TrackEvent number| ez_tos_track_count number| ez_last_activity_count object| _gat object| gaGlobal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired object| w object| s function| e object| google_tag_data object| gaplugins object| gaData function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString object| ezux object| riveted object| ct object| ezdent object| ezDenty object| ezmt object| ezua object| ezuxgoals function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| _gfp_p_ number| google_lpabyc number| google_unique_id object| options object| infectedChart object| DeathsChart object| DailyChart object| perf_vals object| GoogleGcLKhOms object| google_image_requests object| _qevents object| _comscore function| udm_ object| ns_p object| COMSCORE function| quantserve function| __qc object| ezt object| _qoptions

26 Cookies

Domain/Path Name / Value
.maphub.net/ Name: _gat_gtag_UA_72966538_4
Value: 1
.maphub.net/ Name: _gid
Value: GA1.2.935950753.1584129344
.doubleclick.net/ Name: IDE
Value: AHWqTUmV77VNmJ2Fd2bBBidHstHODPpVAVDJzJpEzb5c0zXcm2eNI9Gf7jcODXs1
.corona.help/ Name: __utma
Value: 148059173.2137682941.1584129344.1584129344.1584129344.1
.maphub.net/ Name: _ga
Value: GA1.2.1357950883.1584129344
.corona.help/ Name: _gat_gtag_UA_170833_102
Value: 1
maphub.net/ Name: session
Value: f8183f61adc7488ce3a86c1c3bc1be26515e8dfegAJVQGJjOTQ5YzQwMzRhMjM2OTA1ZThhOTUzNDc2MDI1MzAzNjljNGMzNGI5MTZlN2ZlMWU0MDMzMjUwODcwYmNjN2FxAS4=
.corona.help/ Name: __utmb
Value: 148059173.2.10.1584129344
.corona.help/ Name: __utmc
Value: 148059173
.corona.help/ Name: _gid
Value: GA1.2.541921677.1584129344
.corona.help/ Name: ezovuuidtime_179986
Value: 1584129343
.corona.help/ Name: ezCMPCCS
Value: true
.corona.help/ Name: ezovuuid_179986
Value: 4a8a1304-b05f-4b92-4490-13bf5da22a02
.corona.help/ Name: ezoab_179986
Value: mod4
.corona.help/ Name: __utmt_f
Value: 1
.corona.help/ Name: _ga
Value: GA1.2.2137682941.1584129344
.corona.help/ Name: active_template::179986
Value: orig_site.1584129343
.corona.help/ Name: ezopvc_179986
Value: 1
corona.help/ Name: laravel_session
Value: eyJpdiI6IjhwOGp2amlGKzdlb3l1aW40SWs0Zmc9PSIsInZhbHVlIjoiRG9XQWswNGluWE9cL2p6RjluWkNoQjFxMWhNNW8zMHA1MmRtVnhhbjdYaE1OUWtRQUJPYmlSQWtnbnZ3d2xcL0ZqIiwibWFjIjoiYWNjODQ1NWEzZmI0ZTIwZGNhMDhhZTQ5MTI3MGNmMzE1YThhYmVmNWUwZTRiOGQyOGY1MTBkZWQ3N2M2ZGVhMSJ9
.corona.help/ Name: ezoref_179986
Value:
corona.help/ Name: XSRF-TOKEN
Value: eyJpdiI6IlNyRXIxdkNzdWUyVmNPWnRaeDFqT0E9PSIsInZhbHVlIjoiR2xqbTBxVWdYVjFpUjFEd1wvRGVJWWJVTlRkVzVYS3JuZ1FBM2xLcytyTCtRSVdzQUIzeXFcL1wvc1pwNE1kYVwvRlAiLCJtYWMiOiJlMmU4NjU3MmEzMDNlMDk2ZDI4ZjBlOWM2OGQwNzE2MmM1OTU3MDI3NTcxOWUwMDNmNTU1ZjBmY2U2OTljNmJmIn0%3D
.corona.help/ Name: __utmz
Value: 148059173.1584129344.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.corona.help/ Name: lp_179986
Value: https://corona.help/
.corona.help/ Name: ezoadgid_179986
Value: -1
.corona.help/ Name: __utmt_e
Value: 1
.corona.help/ Name: __cfduid
Value: dfe67a82b78385a3ff86b576da1bc469c1584129343

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
corona.help
fonts.googleapis.com
fonts.gstatic.com
go.ezoic.net
googleads.g.doubleclick.net
img.icons8.com
maphub.net
pagead2.googlesyndication.com
pixel.quantserve.com
rules.quantcount.com
sb.scorecardresearch.com
secure.quantserve.com
ssl.google-analytics.com
t.zuzab.com
tpc.googlesyndication.com
www.ezojs.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
13.225.73.66
23.11.238.95
2600:9000:20eb:3200:2:cb38:840:93a1
2600:9000:2156:ea00:6:44e3:f8c0:93a1
2606:4700:3036::681f:419c
2606:4700::6811:4104
2606:4700:e0::ac40:6a11
2a00:1450:4001:800::2008
2a00:1450:4001:808::2001
2a00:1450:4001:808::200a
2a00:1450:4001:814::2003
2a00:1450:4001:815::2008
2a00:1450:4001:817::2002
2a00:1450:4001:817::200e
2a00:1450:4001:821::2002
52.57.64.116
78.47.1.52
91.228.74.146
91.228.74.223
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07ec726e599e85e7e6114bbc348b2ecf7d8db1516d6bdb7e63f4a9032ea7a1ce
07ffc627c866f5f2639215afdc69755b222d15e711a2936770bb7e3dc5e10a7e
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
165d1da69b46f0e38697d9c084442183ff6036a177638012ce400ad89a7bfeb6
18295894541df40fc29d053a491f0479b88f4a0ceae5f284683e0311622fc904
2b9e686ee5109bca0828082621baf145388ee77459703b97545627f662e99fa2
2e45c7e42002f2f4c81bda0b506bcebf6271eb0abc5430105e0bc182884da255
33f74a44c4a2b213e3f3773d671bc5abf30b552dcea47e5eeb67afecd8a2b1a7
45061fbe520a9bbd1828ab58976bd21095e2d0c9debdb081a363ac27a81e7f64
46153a2c6092936953aef33d4ba8e41f2db0009269529747cece3c390307e99e
47ffc00429342db1b5fd3bd0438fac6f08f398fc499fd485e5fec5276030278a
4d0abce315fabe4c11d10b35a87e400e43fe32f1f45bef44ed374726ca084223
4def7e69368bf63d14e4fccb86d007b7e497960213f0a4fd564c8e667ebc85a9
5337df46e798872643c3c0a3dfd5029e7820bc17dad5f3dc0d0d1abaf09bbc27
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
645cb3933b83f3c78583042280625530a7bb59da558abb07419188ea8a7004aa
659a322c15023c2d5b5ebf0b792984ab8a9b5ccadf5bc8d77808692326754d95
69ad316898262bf5fbe16336db828c41e3500b6c582b0940b74f2866a8de1741
76072c181e858a6212dc6f0898927b4494f8127c3b7f853b3339e0eaaf79450a
7a2022a3ac70005918a5e5a5793f4253575484a85362a6eb6f7edd2f287cc599
7a94735f3a0e915a85bd8e216702c3146e1ffd2f6395276c8e5baee1249baaf1
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8cf27e164b238d52bc343ab2d83187191212a451861fbb205138c69a4289fb78
9876c8c8bbe2d52581e1a42d5b440e4f776769a90f24f1d8d847a2d09b0609bb
9f00043f1502445046e8207d8f0a47c196c47c48ff6273335ec807f711c7cf19
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a7d72a2373d9d7be8325768387530166efe2d3906374ebbd23267cc8ec8e771a
bd72b265a40860b98315b27ea86fe52789601b283515873fe042497b7d557beb
c6744e23720fc27d5bc625204cde1a4bea5b230da460ac04269351c940d543ce
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce401fee2f4db23642d668c789a75ab047d0caad44b19971e24aa3639595614b
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d98f76f0461187c365efd671a87749384de00b589e87fb30c0486a892769c412
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e0ae991f3c0c611e7f794d9278321a072bacfea922f48158f219b197953a0f56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ede538ff7509ca5b9b6a9229d55905d58baaebfb46ac4788afa0fc7caee7e0a1
f9a621cbfc36bb506e0813fe165911232d32f1271b2c7f60baa0d3f480f58c6d