urlscan.io logo urlscan.io
SecurityTrails logo

tanyacorona.com.statscrop.com Open in urlscan Pro
5.79.69.103  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tanyacorona.com.statscrop.com/
Effective URL: https://tanyacorona.com.statscrop.com/
Submission: On July 16 via api from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 34 HTTP transactions. The main IP is 5.79.69.103, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is tanyacorona.com.statscrop.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 9th 2020. Valid for: 3 months.
This is the only time tanyacorona.com.statscrop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    5.79.69.103 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
tanyacorona.com.statscrop.com
3    2606:4700:20::ac43:417b (United States)

ASN13335 (CLOUDFLARENET, US)
screenshots.statscrop.com
data.statscrop.com
5    2606:4700:20::6819:e673 (United States)

ASN13335 (CLOUDFLARENET, US)
static.statscrop.com
favicons.statscrop.com
4    2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
1    2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2606:4700:20::6819:e573 (United States)

ASN13335 (CLOUDFLARENET, US)
data2.statscrop.com
1    216.239.34.21 (Los Gatos, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net
ipinfo.io
2    2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
8 cdnjs.cloudflare.com tanyacorona.com.statscrop.com
cdnjs.cloudflare.com
4 pagead2.googlesyndication.com tanyacorona.com.statscrop.com
pagead2.googlesyndication.com
4 static.statscrop.com tanyacorona.com.statscrop.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 data.statscrop.com cdnjs.cloudflare.com
2 www.google-analytics.com tanyacorona.com.statscrop.com
2 www.gstatic.com tanyacorona.com.statscrop.com
cdnjs.cloudflare.com
2 tanyacorona.com.statscrop.com 1 redirects
1 ipinfo.io cdnjs.cloudflare.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 favicons.statscrop.com tanyacorona.com.statscrop.com
1 data2.statscrop.com cdnjs.cloudflare.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 screenshots.statscrop.com 1 redirects
34 16
Subject Issuer Validity Valid
ssl-00006.statscrop.com
Let's Encrypt Authority X3		 2020-07-09 -
2020-10-07		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-03-19 -
2020-10-09		 7 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-06-17 -
2020-09-09		 3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2020-07-04 -
2021-07-04		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-06-17 -
2020-09-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-06-17 -
2020-09-09		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-06-17 -
2020-09-09		 3 months crt.sh
ipinfo.io
GTS CA 1D2		 2020-06-02 -
2020-08-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-06-30 -
2020-09-22		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://tanyacorona.com.statscrop.com/
Frame ID: EBE0A6F94BEF99868178EA3AD7D3ECAA
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200713/r20190131/zrt_lookup.html
Frame ID: C4DE591ED87501240EBF4806CB6F006E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1940287976733969&output=html&h=280&slotname=2090432406&adk=3897321631&adf=3882178365&w=336&fwrn=4&fwrnh=100&lmt=1594883510&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Ftanyacorona.com.statscrop.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1594883510117&bpp=72&bdt=290&idt=270&shv=r20200713&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5566728179840&frm=20&pv=2&ga_vid=602215545.1594883510&ga_sid=1594883510&ga_hid=289401139&ga_fc=0&iag=0&icsg=176291840&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=948&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066717&oid=3&pvsid=3620636226373322&pem=702&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CopeE%7C&abl=NS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=esAbSyhHjP&p=https%3A//tanyacorona.com.statscrop.com&dtd=290
Frame ID: 768A6F087CD12D9C917CD7EF3F918696
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1940287976733969&output=html&adk=1812271804&adf=3025194257&lmt=1594883510&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Ftanyacorona.com.statscrop.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1594883510279&bpp=3&bdt=452&idt=159&shv=r20200713&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&nras=1&correlator=5566728179840&frm=20&pv=1&ga_vid=602215545.1594883510&ga_sid=1594883510&ga_hid=289401139&ga_fc=0&iag=0&icsg=713162752&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066717&oid=3&pvsid=3620636226373322&pem=702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=165
Frame ID: FB6B796553F0D9C2579013BBE9242D59
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 91D1D0C1458B2DE4CE5DA456E8901897
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://tanyacorona.com.statscrop.com/ HTTP 301
    https://tanyacorona.com.statscrop.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

34
Requests

100 %
HTTPS

85 %
IPv6

10
Domains

16
Subdomains

14
IPs

3
Countries

432 kB
Transfer

1071 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tanyacorona.com.statscrop.com/ HTTP 301
    https://tanyacorona.com.statscrop.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://screenshots.statscrop.com/t/an/yac/oro/na/com/thumbnail.jpg HTTP 302
  • https://static.statscrop.com/img/thumbnails.png

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tanyacorona.com.statscrop.com/
Redirect Chain
  • http://tanyacorona.com.statscrop.com/
  • https://tanyacorona.com.statscrop.com/
97 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tanyacorona.com.statscrop.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.79.69.103 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx / PHP/7.4.0RC3
Resource Hash
c7f709ff1fad6b92445cd4b267956a8708c190e95c7daeaff7446daba016159a

Request headers

Host
tanyacorona.com.statscrop.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Thu, 16 Jul 2020 07:11:49 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.0RC3
Expires
Thu, 23 Jul 2020 07:11:49 GMT
Cache-Control
max-age=604800
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Thu, 16 Jul 2020 07:11:49 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Keep-Alive
timeout=60
Location
https://tanyacorona.com.statscrop.com/
Expires
Thu, 23 Jul 2020 07:11:49 GMT
Cache-Control
max-age=604800
thumbnails.png
static.statscrop.com/img/
Redirect Chain
  • https://screenshots.statscrop.com/t/an/yac/oro/na/com/thumbnail.jpg
  • https://static.statscrop.com/img/thumbnails.png
21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.statscrop.com/img/thumbnails.png
Requested by
Host: tanyacorona.com.statscrop.com
URL: https://tanyacorona.com.statscrop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:e673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84694dddcf1d409ba1961553bd54d1534f69f60737ddb6a37d36a8dc0133cbd7

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:51 GMT
cf-cache-status
HIT
age
56373
cf-polished
origFmt=png, origSize=21839
status
200
content-disposition
inline; filename="thumbnails.webp"
content-length
21210
cf-request-id
03f8102d6b000097ba0ab31200000001
last-modified
Thu, 26 Sep 2013 18:25:42 GMT
server
cloudflare
etag
"52447c26-554f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5b39e95bdbde97ba-FRA
cf-bgj
imgq:85,h2pri

Redirect headers

date
Thu, 16 Jul 2020 07:11:51 GMT
cf-cache-status
MISS
server
cloudflare
status
302
x-powered-by
PHP/7.4.0RC3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
location
//static.statscrop.com/img/thumbnails.png
cache-control
max-age=604800
cf-ray
5b39e950ba6bd711-FRA
cf-request-id
03f81026730000d7112485b200000001
expires
Thu, 23 Jul 2020 07:11:51 GMT
logo.jpg
static.statscrop.com/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.statscrop.com/img/logo.jpg
Requested by
Host: tanyacorona.com.statscrop.com
URL: https://tanyacorona.com.statscrop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:e673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38b887599496c471b975470ad57613bb58f3ac7fcb054904576641f8debab3f1

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:49 GMT
cf-cache-status
HIT
age
27571
cf-polished
qual=85, origFmt=jpeg, origSize=2829
status
200
content-disposition
inline; filename="logo.webp"
content-length
1374
cf-request-id
03f8102672000097ba0aa8a200000001
last-modified
Tue, 01 Sep 2015 18:18:30 GMT
server
cloudflare
etag
"55e5ebf6-b0d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5b39e950ba3a97ba-FRA
cf-bgj
imgq:85,h2pri
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		117 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tanyacorona.com.statscrop.com
URL: https://tanyacorona.com.statscrop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5917c8721275b7991dd162d114443d0506e9e2e052698215179c83dcaa6f9d76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42284
x-xss-protection
0
server
cafe
etag
1206187869185097582
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 16 Jul 2020 07:11:49 GMT
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: tanyacorona.com.statscrop.com
URL: https://tanyacorona.com.statscrop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://tanyacorona.com.statscrop.com/
Origin
https://tanyacorona.com.statscrop.com

Response headers

date
Thu, 16 Jul 2020 07:11:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
14545684
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
cf-request-id
03f81026740000dfeb9932d200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:19:53 GMT
server
cloudflare
etag
"5afd4939-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5b39e950bff0dfeb-FRA
expires
Tue, 06 Jul 2021 07:11:49 GMT
loader.js
www.gstatic.com/charts/ 		64 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/loader.js
Requested by
Host: tanyacorona.com.statscrop.com
URL: https://tanyacorona.com.statscrop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66b555d6d5ecf68dfab76bbe782d5dff672971bc3acbd83272ca9ecf3f5a04ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 06:47:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1483
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19697
x-xss-protection
0
last-modified
Fri, 10 Jul 2020 02:40:13 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 16 Jul 2020 07:47:06 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: tanyacorona.com.statscrop.com
URL: https://tanyacorona.com.statscrop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2489874
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03f81026d500001752c4232200000001
served-in-seconds
0.003
timing-allow-origin
*
last-modified
Mon, 04 May 2020 23:16:13 GMT
server
cloudflare
etag
W/"5eb0a23d-15d84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5b39e9515ff21752-FRA
expires
Tue, 06 Jul 2021 07:11:49 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/ 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: tanyacorona.com.statscrop.com
URL: https://tanyacorona.com.statscrop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
13820030
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03f81026d500001752c4233200000001
served-in-seconds
0.002
timing-allow-origin
*
last-modified
Fri, 15 Feb 2019 18:45:50 GMT
server
cloudflare
etag
W/"5c6708de-e2d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5b39e9515ff71752-FRA
expires
Tue, 06 Jul 2021 07:11:49 GMT
jquery.sparkline.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-sparklines/2.1.2/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-sparklines/2.1.2/jquery.sparkline.min.js
Requested by
Host: tanyacorona.com.statscrop.com
URL: https://tanyacorona.com.statscrop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06e0242da172ab85985db3774c54ac1b53391a5b447857a100c5118b8281a543
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
7182140
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03f81026d600001752c4234200000001
served-in-seconds
0.003
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:13 GMT
server
cloudflare
etag
W/"5afd494d-a8ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5b39e9515ffa1752-FRA
expires
Tue, 06 Jul 2021 07:11:49 GMT
countUp.min.js
cdnjs.cloudflare.com/ajax/libs/countup.js/1.9.3/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/countup.js/1.9.3/countUp.min.js
Requested by
Host: tanyacorona.com.statscrop.com
URL: https://tanyacorona.com.statscrop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feccc42c28138eb5a796542c816b41755d811818695a903de53ec8f435957a06
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
22549348
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03f81026d600001752c4235200000001
served-in-seconds
0.000
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:18:34 GMT
server
cloudflare
etag
W/"5afd48ea-ee7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5b39e9515ffd1752-FRA
expires
Tue, 06 Jul 2021 07:11:49 GMT
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Requested by
Host: tanyacorona.com.statscrop.com
URL: https://tanyacorona.com.statscrop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
5386006
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03f81026d600001752c4236200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Tue, 17 Jul 2018 12:30:51 GMT
server
cloudflare
etag
W/"5b4de17b-5148"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5b39e9515ffe1752-FRA
expires
Tue, 06 Jul 2021 07:11:49 GMT
loadingoverlay.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-loading-overlay/2.1.6/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-loading-overlay/2.1.6/loadingoverlay.min.js
Requested by
Host: tanyacorona.com.statscrop.com
URL: https://tanyacorona.com.statscrop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0889ad8d056f9aefe633d016fba818924b01c85e11042791cd730303d32e02ca
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
22377595
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03f81026d600001752c4237200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Mon, 24 Sep 2018 14:13:37 GMT
server
cloudflare
etag
W/"5ba8f111-2f05"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5b39e95158001752-FRA
expires
Tue, 06 Jul 2021 07:11:49 GMT
common.min.js
static.statscrop.com/js/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.statscrop.com/js/common.min.js?20200713
Requested by
Host: tanyacorona.com.statscrop.com
URL: https://tanyacorona.com.statscrop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:e673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8d73e6e013b40119feef2afa81d7311c3b85b8713794de866344205c0072083

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 12 Jul 2020 15:16:29 GMT
server
cloudflare
age
56488
etag
W/"5f0b294d-9d60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
cf-ray
5b39e9515abb97ba-FRA
cf-request-id
03f81026d5000097ba0aa93200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tanyacorona.com.statscrop.com
URL: https://tanyacorona.com.statscrop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
3370
date
Thu, 16 Jul 2020 06:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Thu, 16 Jul 2020 08:15:40 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
887 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=tanyacorona.com.statscrop.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Jul 2020 07:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
246 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tanyacorona.com.statscrop.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Jul 2020 07:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200713/r20190131/ 		220 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200713/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5be850b9224beeafe3fa77ae360759a3506acdb3a310696b57bf0e8df6299e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
84727
x-xss-protection
0
server
cafe
etag
4457932902121861688
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Jul 2020 07:11:50 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200713/r20190131/ Frame C4DE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200713/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200713/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tanyacorona.com.statscrop.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://tanyacorona.com.statscrop.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 14 Jul 2020 08:39:31 GMT
expires
Tue, 28 Jul 2020 08:39:31 GMT
content-type
text/html; charset=UTF-8
etag
1809543571055990350
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4277
x-xss-protection
0
cache-control
public, max-age=1209600
age
167539
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
/
data.statscrop.com/ 		104 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.statscrop.com/?hash=c54117e50f89132a8f2a989166d94eea652765ac&__source_origin=https%3A%2F%2Ftanyacorona.com.statscrop.com&domain=tanyacorona.com&is_www_page=1&ut=1587120874&r=0.9321978876996744&url=https%3A%2F%2Ftanyacorona.com.statscrop.com%2F
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:417b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.0RC3
Resource Hash
6fed14152e9b073961ddda7a23b6abc451af9331703e4f81b713d1e9919e1c58

Request headers

Accept
*/*
Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:50 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
status
200
x-powered-by
PHP/7.4.0RC3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://tanyacorona.com.statscrop.com
cache-control
max-age=604800
access-control-allow-credentials
true
cf-ray
5b39e9534eb197de-FRA
cf-request-id
03f8102810000097ded33b9200000001
expires
Thu, 23 Jul 2020 07:11:50 GMT
/
data2.statscrop.com/refresh/ 		2 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data2.statscrop.com/refresh/?domain=tanyacorona.com&hash=c54117e50f89132a8f2a989166d94eea652765ac&ut=1587120874&__source_origin=https%3A%2F%2Ftanyacorona.com.statscrop.com&is_updating=true&is_auto=true&url=https%3A%2F%2Ftanyacorona.com.statscrop.com%2F
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:e573 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.4
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
*/*
Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:50 GMT
content-encoding
br
cf-cache-status
BYPASS
x-powered-by
PHP/7.4.4
cf-ray
5b39e953584c177e-FRA
status
200
cf-request-id
03f81028170000177e782ec200000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://tanyacorona.com.statscrop.com
cache-control
max-age=604800
access-control-allow-credentials
true
x-robots-tag
noindex
expires
Thu, 23 Jul 2020 07:11:50 GMT
jquery.expander.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-expander/1.7.0/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-expander/1.7.0/jquery.expander.min.js?_=1594883510206
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1368f66231634afff2f32e548f2212edc5b995bf1c68566955b37681010653b6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:50 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
7182155
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
03f81027f600001752c4244200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:58 GMT
server
cloudflare
etag
W/"5afd497a-17b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5b39e9532c1f1752-FRA
expires
Tue, 06 Jul 2021 07:11:50 GMT
loader.js
www.gstatic.com/charts/ 		64 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/loader.js?_=1594883510207
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66b555d6d5ecf68dfab76bbe782d5dff672971bc3acbd83272ca9ecf3f5a04ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 10 Jul 2020 02:40:13 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19697
x-xss-protection
0
expires
Thu, 16 Jul 2020 08:11:50 GMT
favicon.png
favicons.statscrop.com/t/an/yac/oro/na/com/ 		853 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://favicons.statscrop.com/t/an/yac/oro/na/com/favicon.png
Requested by
Host: tanyacorona.com.statscrop.com
URL: https://tanyacorona.com.statscrop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:e673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
989b8ca126e0a4382909ef4c8806f1e083733b4d373bcd2c27b0e55bda501a24

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:50 GMT
cf-cache-status
MISS
last-modified
Sat, 11 Apr 2020 08:04:30 GMT
server
cloudflare
etag
"5e917a0e-355"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5b39e9535cc597ba-FRA
content-length
853
cf-request-id
03f8102813000097ba0aaa4200000001
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
data.statscrop.com/www-domain/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.statscrop.com/www-domain/?ac=whois&domain=tanyacorona.com&hash=c54117e50f89132a8f2a989166d94eea652765ac&ut=1587120874&__source_origin=https%3A%2F%2Ftanyacorona.com.statscrop.com
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:417b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.0RC3
Resource Hash
4433614722f9316710cf594882557ae957f9d098025410a820b7aef0fba26ced

Request headers

Accept
*/*
Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:50 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
status
200
x-powered-by
PHP/7.4.0RC3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
https://tanyacorona.com.statscrop.com
cache-control
max-age=604800
access-control-allow-credentials
true
cf-ray
5b39e9538ed997de-FRA
cf-request-id
03f8102833000097ded33bb200000001
expires
Thu, 23 Jul 2020 07:11:50 GMT
loading-small.gif
static.statscrop.com/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.statscrop.com/img/loading-small.gif
Requested by
Host: tanyacorona.com.statscrop.com
URL: https://tanyacorona.com.statscrop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:e673 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a621c97baef5f07797e7eae2f6938188f8d5e853cacf9e621d8aa08774a06d9a

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:50 GMT
cf-cache-status
HIT
age
56410
cf-polished
origSize=2379, status=webp_bigger
status
200
content-length
2333
cf-request-id
03f8102833000097ba0aaa6200000001
last-modified
Fri, 13 Dec 2013 11:44:26 GMT
server
cloudflare
etag
"52aaf31a-94b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5b39e9538cf297ba-FRA
cf-bgj
imgq:85,h2pri
collect
www.google-analytics.com/r/ 		35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=289401139&t=pageview&_s=1&dl=https%3A%2F%2Ftanyacorona.com.statscrop.com%2F&ul=en-us&de=UTF-8&dt=Tanyacorona%3A%20Tanyacorona.com%20%7C%20Tanya%20Corona%20Ascension%20Reiki%20and%20Crystal%20Therapy%20-%20StatsCrop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=402326343&gjid=1024261495&cid=602215545.1594883510&tid=UA-26282313-1&_gid=723495010.1594883510&_r=1&z=120532890
Requested by
Host: tanyacorona.com.statscrop.com
URL: https://tanyacorona.com.statscrop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jul 2020 07:11:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 768A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1940287976733969&output=html&h=280&slotname=2090432406&adk=3897321631&adf=3882178365&w=336&fwrn=4&fwrnh=100&lmt=1594883510&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Ftanyacorona.com.statscrop.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1594883510117&bpp=72&bdt=290&idt=270&shv=r20200713&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5566728179840&frm=20&pv=2&ga_vid=602215545.1594883510&ga_sid=1594883510&ga_hid=289401139&ga_fc=0&iag=0&icsg=176291840&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=948&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066717&oid=3&pvsid=3620636226373322&pem=702&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CopeE%7C&abl=NS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=esAbSyhHjP&p=https%3A//tanyacorona.com.statscrop.com&dtd=290
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200713/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1940287976733969&output=html&h=280&slotname=2090432406&adk=3897321631&adf=3882178365&w=336&fwrn=4&fwrnh=100&lmt=1594883510&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Ftanyacorona.com.statscrop.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1594883510117&bpp=72&bdt=290&idt=270&shv=r20200713&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5566728179840&frm=20&pv=2&ga_vid=602215545.1594883510&ga_sid=1594883510&ga_hid=289401139&ga_fc=0&iag=0&icsg=176291840&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=948&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066717&oid=3&pvsid=3620636226373322&pem=702&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CopeE%7C&abl=NS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=esAbSyhHjP&p=https%3A//tanyacorona.com.statscrop.com&dtd=290
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tanyacorona.com.statscrop.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://tanyacorona.com.statscrop.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 16 Jul 2020 07:11:50 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 16-Jul-2020 07:26:50 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Thu, 16 Jul 2020 07:11:50 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200713/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66cfa27b0485df92c636ba2b32e9b5e77f349fc126f19b5390f75c74f1653f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1594680790280003"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27220
x-xss-protection
0
expires
Thu, 16 Jul 2020 07:11:50 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame FB6B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1940287976733969&output=html&adk=1812271804&adf=3025194257&lmt=1594883510&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Ftanyacorona.com.statscrop.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1594883510279&bpp=3&bdt=452&idt=159&shv=r20200713&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&nras=1&correlator=5566728179840&frm=20&pv=1&ga_vid=602215545.1594883510&ga_sid=1594883510&ga_hid=289401139&ga_fc=0&iag=0&icsg=713162752&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066717&oid=3&pvsid=3620636226373322&pem=702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=165
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200713/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1940287976733969&output=html&adk=1812271804&adf=3025194257&lmt=1594883510&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Ftanyacorona.com.statscrop.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1594883510279&bpp=3&bdt=452&idt=159&shv=r20200713&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&nras=1&correlator=5566728179840&frm=20&pv=1&ga_vid=602215545.1594883510&ga_sid=1594883510&ga_hid=289401139&ga_fc=0&iag=0&icsg=713162752&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066717&oid=3&pvsid=3620636226373322&pem=702&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&dtd=165
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tanyacorona.com.statscrop.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://tanyacorona.com.statscrop.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 16 Jul 2020 07:11:50 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 16-Jul-2020 07:26:50 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Thu, 16 Jul 2020 07:11:50 GMT
cache-control
private
/
ipinfo.io/ 		263 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipinfo.io/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
/
Resource Hash
3897cd7818cc67a20b6db507c98d955861973954e8d761d94376ed56332700a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 16 Jul 2020 07:11:51 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
status
200
via
1.1 google
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
vary
Accept-Encoding
x-content-type-options
nosniff
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200713&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200713/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
48836f16810bffd5e297bcf6800a95e5e8a79a5a9193d959c776ab0fd92c6927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Jul 2020 07:11:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5581
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200713/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 16 Jul 2020 07:11:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Thu, 16 Jul 2020 07:11:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 91D1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tanyacorona.com.statscrop.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://tanyacorona.com.statscrop.com/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Thu, 16 Jul 2020 06:30:16 GMT
expires
Fri, 16 Jul 2021 06:30:16 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2495
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200713&jk=3620636226373322&bg=!MzClMChYpfIDRQJwFGwCAAAAWFIAAAAOmQGOSzdPo8D96dyV_YvTtpkXTdCYdIH9lsIXUxQikMWsriVcd7kOSqo1DiAYBwzCEpAzdClyQDNhnx-IYsuqn20MbhRp4jvNwMfeZOehqWzuN_rSd1QdGx9DL7XXPR2RVAHYYB4J8Me7o0Khr4y_BH1lpaqN3PY0PUu6NBQw_41VlrWuJU65mfI0aYK4tK535xuENnWytv3-pMpKjVSADqzNvWSCV7J1XFnSUxiOsFKwoSX8UE05bhzh47F7ezxhvG7Hl5H52EArReQmQXiH8ETFOJ7hjeTn2Bfc8Yj0OexwzSg8xIzw34e7Bbyo_FRXD4FZt5ZlMVWlhdcfztqPQNRsffbHQNvGRG28vi_mSO7Yqtuk7L6hTew-GRSmOglTuv7uR0byRtHt4fLLUsCPaAfyMk1QCh8pNlgCprIaY7jYO8B49gSJ84OnErnZjAwXGeucu5Yj5LEsG8HxjzYz4OBE-qZon2-Zy-6bvQBUqetpMvu3iCT7y65KvFtdtxAGAUdYhkTtdIr2-9Y51rHJ7wg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tanyacorona.com.statscrop.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jul 2020 07:11:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| adsbygoogle string| hash string| hash2 boolean| is_www_page boolean| is_new_site string| domain number| update_time boolean| is_updating boolean| is_cached_page object| charts string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| $ function| jQuery object| bootstrap function| CountUp object| cookieconsent object| google object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.statscrop.com/ Name: __cfduid
Value: d08fbd2e7a714d07b0d62d52cc10d7ca81594883509
.statscrop.com/ Name: _gat
Value: 1
.statscrop.com/ Name: _gid
Value: GA1.2.723495010.1594883510
.statscrop.com/ Name: _ga
Value: GA1.2.602215545.1594883510

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
data.statscrop.com
data2.statscrop.com
favicons.statscrop.com
googleads.g.doubleclick.net
ipinfo.io
pagead2.googlesyndication.com
screenshots.statscrop.com
static.statscrop.com
tanyacorona.com.statscrop.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
www.gstatic.com
216.239.34.21
2606:4700:20::6819:e573
2606:4700:20::6819:e673
2606:4700:20::ac43:417b
2606:4700::6810:84e5
2a00:1450:4001:814::2001
2a00:1450:4001:814::2003
2a00:1450:4001:816::200e
2a00:1450:4001:818::2002
2a00:1450:4001:81e::2002
2a00:1450:4001:81f::2002
2a00:1450:4001:821::2002
5.79.69.103
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06e0242da172ab85985db3774c54ac1b53391a5b447857a100c5118b8281a543
0889ad8d056f9aefe633d016fba818924b01c85e11042791cd730303d32e02ca
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
1368f66231634afff2f32e548f2212edc5b995bf1c68566955b37681010653b6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3897cd7818cc67a20b6db507c98d955861973954e8d761d94376ed56332700a6
38b887599496c471b975470ad57613bb58f3ac7fcb054904576641f8debab3f1
4433614722f9316710cf594882557ae957f9d098025410a820b7aef0fba26ced
48836f16810bffd5e297bcf6800a95e5e8a79a5a9193d959c776ab0fd92c6927
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5917c8721275b7991dd162d114443d0506e9e2e052698215179c83dcaa6f9d76
5be850b9224beeafe3fa77ae360759a3506acdb3a310696b57bf0e8df6299e26
66b555d6d5ecf68dfab76bbe782d5dff672971bc3acbd83272ca9ecf3f5a04ca
66cfa27b0485df92c636ba2b32e9b5e77f349fc126f19b5390f75c74f1653f29
6fed14152e9b073961ddda7a23b6abc451af9331703e4f81b713d1e9919e1c58
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84694dddcf1d409ba1961553bd54d1534f69f60737ddb6a37d36a8dc0133cbd7
989b8ca126e0a4382909ef4c8806f1e083733b4d373bcd2c27b0e55bda501a24
a621c97baef5f07797e7eae2f6938188f8d5e853cacf9e621d8aa08774a06d9a
a8d73e6e013b40119feef2afa81d7311c3b85b8713794de866344205c0072083
c7f709ff1fad6b92445cd4b267956a8708c190e95c7daeaff7446daba016159a
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
feccc42c28138eb5a796542c816b41755d811818695a903de53ec8f435957a06