coronavirus.lk Open in urlscan Pro
34.93.39.90 Public Scan

URL:
http://coronavirus.lk/
Submission: On April 15 via manual (April 15th 2020, 4:37:15 am UTC) from MY

Summary HTTP 52 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 10 domains to perform 52 HTTP transactions. The main IP is 34.93.39.90, located in United States and belongs to GOOGLE, US. The main domain is coronavirus.lk.

This is the only time coronavirus.lk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	34.93.39.90 34.93.39.90	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
16	2606:4700:20:... 2606:4700:20::681a:194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE)
1	151.101.14.167 151.101.14.167	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
52	9

19 34.93.39.90 (United States)

ASN15169 (GOOGLE, US)
PTR: 90.39.93.34.bc.googleusercontent.com

coronavirus.lk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:20::681a:194 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.newsfirst.lk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.newsfirst.lk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.167 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

player.twitch.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	coronavirus.lk coronavirus.lk	666 KB
16	newsfirst.lk cdn.newsfirst.lk www.newsfirst.lk	2 MB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	132 KB
3	doubleclick.net googleads.g.doubleclick.net
3	google.com 1 redirects www.google.com adservice.google.com	2 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	839 B
1	twitch.tv player.twitch.tv
1	googletagmanager.com www.googletagmanager.com	30 KB
52	10

	Domain	Requested by
19	coronavirus.lk	coronavirus.lk
9	www.newsfirst.lk	coronavirus.lk
7	cdn.newsfirst.lk	coronavirus.lk
4	pagead2.googlesyndication.com	coronavirus.lk pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com coronavirus.lk
2	www.google.com	1 redirects coronavirus.lk
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	player.twitch.tv	coronavirus.lk
1	www.googletagmanager.com	coronavirus.lk
52	13

This site contains links to these domains. Also see Links.

Domain
newsfirst.lk
bit.ly
www.newsfirst.lk
sirasatv.lk
shakthitv.lk
tv1.lk
sirasa.com
www.yesfmonline.com
shakthifm.com
yfm.lk
legends966.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-08` - `2020-10-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
twitch.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-01-17` - `2020-06-13`	5 months	crt.sh
*.google.de GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://coronavirus.lk/
Frame ID: 3F1BF43AFE7B2457B4952AB6D3F31C31
Requests: 46 HTTP requests in this frame

Frame: https://www.google.com/maps/d/embed?mid=1PuiuCde9NbpdzHzlH3a-Mq2AaDGqMIg_
Frame ID: B90BF6EEC76DCB80D1D602743F34F352
Requests: 1 HTTP requests in this frame

Frame: https://player.twitch.tv/?channel=newsfirstsl
Frame ID: A2967F434A00AD1743D9E432B730808F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200408/r20190131/zrt_lookup.html
Frame ID: 3B93BB97D2C8EF222AEDA22929382244
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672728637886288&output=html&adk=1812271804&adf=3025194257&lmt=1586925414&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fcoronavirus.lk%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586925414774&bpp=15&bdt=1263&fdt=134&idt=135&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2609052809325&frm=20&pv=2&ga_vid=448060903.1586925415&ga_sid=1586925415&ga_hid=2060973256&ga_fc=0&iag=0&icsg=35499&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C42530311%2C26835106&oid=3&pvsid=1090333061383786&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=192
Frame ID: D6705578443D0A7AB0178360B0171E2E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5432073672371728&output=html&h=280&slotname=4014138537&adk=4069910737&adf=3561467008&w=1110&fwrn=4&fwrnh=100&lmt=1586925415&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1110x280&url=http%3A%2F%2Fcoronavirus.lk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586925414789&bpp=7&bdt=1278&fdt=276&idt=276&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2609052809325&frm=20&pv=2&ga_vid=448060903.1586925415&ga_sid=1586925415&ga_hid=2060973256&ga_fc=0&iag=0&icsg=2239151&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=2129&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C42530311%2C26835106&oid=3&pvsid=1090333061383786&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=3OXmpwRCNn&p=http%3A//coronavirus.lk&dtd=281
Frame ID: 03318C4426DFFDE03B29C590558E0047
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 58678C026933134966645339BDBDC1AC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

52
Requests

62 %
HTTPS

78 %
IPv6

10
Domains

13
Subdomains

9
IPs

2
Countries

2508 kB
Transfer

3146 kB
Size

9
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://newsfirst.lk/
Title: NEWS 1ST HOME

Search URL Search Domain Scan URL

URL: http://bit.ly/2TPHhu5
Title:

Search URL Search Domain Scan URL

URL: https://bit.ly/2UclY6r
Title:

Search URL Search Domain Scan URL

URL: https://www.newsfirst.lk/2020/04/14/15-people-tested-positive-for-covid-19-in-a-single-day-in-sri-lanka/
Title: 15 people tested positive for COVID-19 in a single day in Sri LankaTue, 14 Apr 2020 16:17:09 COLOMBO (News1st): A total of 15 people tested positive for COVID-19 on Tuesday,...

Search URL Search Domain Scan URL

URL: https://www.newsfirst.lk/2020/04/14/imf-approves-immediate-debt-relief-for-25-countries-sri-lanka-not-in-the-list/
Title: IMF approves Immediate Debt Relief for 25 countries: Sri Lanka not in the listTue, 14 Apr 2020 06:23:53 COLOMBO (News 1st): The International Monetary Fund on Monday (13th April) said,...

Search URL Search Domain Scan URL

URL: https://www.newsfirst.lk/2020/04/14/india-extended-lockdown-till-may-3/
Title: India extended “Lockdown” till May 3Tue, 14 Apr 2020 05:26:03 Prime Minister Narendra Modi has announced an extension of the nationwide lockdown...

Search URL Search Domain Scan URL

URL: https://www.newsfirst.lk/2020/04/14/covid-19-cases-in-sl-rise-to-218-number-of-recoveries-stands-at-56/
Title: Covid-19 cases in SL rise to 218, number of recoveries stands at 56Tue, 14 Apr 2020 05:18:56 Total confirmed COVID-19 cases in Sri Lanka now at 218 following the...

Search URL Search Domain Scan URL

URL: http://sirasatv.lk/

Search URL Search Domain Scan URL

URL: http://shakthitv.lk/

Search URL Search Domain Scan URL

URL: http://tv1.lk/

Search URL Search Domain Scan URL

URL: http://sirasa.com/

Search URL Search Domain Scan URL

URL: http://www.yesfmonline.com/

Search URL Search Domain Scan URL

URL: http://shakthifm.com/

Search URL Search Domain Scan URL

URL: http://yfm.lk/

Search URL Search Domain Scan URL

URL: https://legends966.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://www.google.com/maps/d/u/0/embed?mid=1PuiuCde9NbpdzHzlH3a-Mq2AaDGqMIg_ HTTP 302
https://www.google.com/maps/d/embed?mid=1PuiuCde9NbpdzHzlH3a-Mq2AaDGqMIg_

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
coronavirus.lk/ 159 KB
26 KB 4393ms
4292ms Document
text/html 34.93.39.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Server: 34.93.39.90 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.39.93.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 8a18dc5513580b3d7cab2abc4d353d33d289c4c780d7ffd25ff4a7a55218d7f5

Request headers

Host: coronavirus.lk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 15 Apr 2020 04:36:49 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 26864
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK bootstrap.min.css
coronavirus.lk/Assets/css/ 118 KB
20 KB 738ms
725ms Stylesheet
text/css 34.93.39.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://coronavirus.lk/Assets/css/bootstrap.min.css
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Server: 34.93.39.90 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.39.93.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 15 Apr 2020 04:36:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Nov 2015 19:34:20 GMT
Server: Apache
ETag: "1d9ac-5254e6d996700-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 19751

GET
H/1.1 200
OK stl.css
coronavirus.lk/Assets/css/ 7 KB
2 KB 737ms
724ms Stylesheet
text/css 34.93.39.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://coronavirus.lk/Assets/css/stl.css
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Server: 34.93.39.90 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.39.93.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: cc078d5e1add2eab8047c6f5e8f8d3bb5b49841552039033c0c13d8b78e395a4

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 15 Apr 2020 04:36:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 21 Mar 2020 13:10:44 GMT
Server: Apache
ETag: "1d9d-5a15d212a3d00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1969

GET
H/1.1 200
OK footer.css
coronavirus.lk/Assets/css/ 835 B
687 B 713ms
700ms Stylesheet
text/css 34.93.39.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://coronavirus.lk/Assets/css/footer.css
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Server: 34.93.39.90 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.39.93.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 7f1689a5bbd180ddb97edd0722b27f430120fc73fa40ff07f96b8bc11f11a761

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 15 Apr 2020 04:36:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Mar 2020 07:06:55 GMT
Server: Apache
ETag: "343-5a0f376d941c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 367

GET
H/1.1 200
OK HEADER.css
coronavirus.lk/Assets/css/ 326 B
537 B 706ms
694ms Stylesheet
text/css 34.93.39.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://coronavirus.lk/Assets/css/HEADER.css
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Server: 34.93.39.90 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.39.93.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 405e55c51c0b324db89486de38e4c4e0d6800e1e65ccdeee0012ae0887ade650

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 15 Apr 2020 04:36:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 16 Mar 2020 12:15:04 GMT
Server: Apache
ETag: "146-5a0f7c4e10200-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 217

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 80 KB
30 KB 40ms
27ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-24269836-9

Requested by

Host: coronavirus.lk
URL: http://coronavirus.lk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19104b5dbdd4183cac0b78ef3e52455d99223bec6cd822067b9bb032666eea52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:36:54 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 30187
x-xss-protection: 0
last-modified: Wed, 15 Apr 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Apr 2020 04:36:54 GMT

GET
H/1.1 200
OK News1st_logo-lg-v6.jpg
coronavirus.lk/Assets/img/ 21 KB
21 KB 362ms
360ms Image
image/jpeg 34.93.39.90
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://coronavirus.lk/Assets/img/News1st_logo-lg-v6.jpg
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Server: 34.93.39.90 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.39.93.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0532d3edb15d10a0bb8cfde81acc0a1898562b5ec10f59581c37fc9bbd28d27c

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 15 Apr 2020 04:36:54 GMT
Last-Modified: Sun, 15 Mar 2020 09:17:14 GMT
Server: Apache
ETag: "535b-5a0e12b0e5a80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 21339

GET
H/1.1 200
OK cover1.jpeg
coronavirus.lk/Assets/img/covers/ 50 KB
50 KB 356ms
354ms Image
image/jpeg 34.93.39.90
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://coronavirus.lk/Assets/img/covers/cover1.jpeg
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Server: 34.93.39.90 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.39.93.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a651092d5b90b75b952d4bd26539603a00df60884d27001a1b4453952e347241

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 15 Apr 2020 04:36:54 GMT
Last-Modified: Sun, 15 Mar 2020 15:27:12 GMT
Server: Apache
ETag: "c6a5-5a0e65628f400"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 50853

GET
H2 200 95fe3275-life-ezbanner.gif
cdn.newsfirst.lk/english-uploads/2020/03/ 1 MB
1 MB 54ms
29ms Image
image/webp 2606:4700:20::681a:194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsfirst.lk/english-uploads/2020/03/95fe3275-life-ezbanner.gif

Requested by

Host: coronavirus.lk
URL: http://coronavirus.lk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5a9ef9e4cc54f4b8e75eda3e72d4b1375ff3623f55f76120f01d920825a5bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:36:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 29324
status: 200
cf-polished: origFmt=gif, origSize=1870744
x-guploader-uploadid: AEnB2UqpvhcgdYCMFvX_mTiXk5ZyUMdF970Ny7tpOTy52gEivsTnG6MAzX2W3PCrHiyC8xo-2tSfsYgVoEJo_CpblduKg0hQKA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-meta-object-id: 483889
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="95fe3275-life-ezbanner.webp"
vary: Accept
content-length: 1136182
x-goog-meta-file-hash: 340cd22e70b1b59ed1fcf37a8504a934
last-modified: Wed, 18 Mar 2020 08:21:52 GMT
server: cloudflare
etag: "2a3e08125e72622e16dbe498111ee987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
x-goog-hash: crc32c=1UUT0Q==, md5=Kj4IEl5yYi4W2+SYER7phw==
x-goog-generation: 1584519712414604
content-type: image/webp
expires: Wed, 15 Apr 2020 06:28:10 GMT
cache-control: public, max-age=36000, must-revalidate
x-goog-meta-source-id: b61372249c5b8f7c4633e9c996d898b2
x-goog-stored-content-length: 1870744
accept-ranges: bytes
cf-ray: 5842f7e18cfac2ef-FRA
cf-bgj: imgq:85

GET
H/1.1 200
OK Infected.png
coronavirus.lk/Assets/img/ 12 KB
12 KB 359ms
357ms Image
image/png 34.93.39.90
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://coronavirus.lk/Assets/img/Infected.png
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Server: 34.93.39.90 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.39.93.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e21ba612f360ac0202db046fd451e77fca1f8d09427261cb09920f2a5357bb67

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 15 Apr 2020 04:36:54 GMT
Last-Modified: Sat, 21 Mar 2020 08:32:50 GMT
Server: Apache
ETag: "30c0-5a1593f513080"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 12480

GET
H/1.1 200
OK recovered.png
coronavirus.lk/Assets/img/ 16 KB
16 KB 1391ms
353ms Image
image/png 34.93.39.90
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://coronavirus.lk/Assets/img/recovered.png
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Server: 34.93.39.90 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.39.93.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: f266954ee343df93ffc75e320856a149d806d323e02fcd1e4efd041f96fde680

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 15 Apr 2020 04:36:55 GMT
Last-Modified: Sat, 21 Mar 2020 08:32:55 GMT
Server: Apache
ETag: "3faa-5a1593f9d7bc0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 16298

GET
H/1.1 200
OK Deaths.png
coronavirus.lk/Assets/img/ 10 KB
11 KB 718ms
367ms Image
image/png 34.93.39.90
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://coronavirus.lk/Assets/img/Deaths.png
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Server: 34.93.39.90 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.39.93.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: acfaa9411c40ab6eb72a4366f60b5c6cc7ac52da767d9337dc67460060ffb69b

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 15 Apr 2020 04:36:55 GMT
Last-Modified: Sat, 21 Mar 2020 08:32:36 GMT
Server: Apache
ETag: "2906-5a1593e7b9100"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 10502

GET
H/1.1 200
OK active.png
coronavirus.lk/Assets/img/ 12 KB
12 KB 1077ms
358ms Image
image/png 34.93.39.90
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://coronavirus.lk/Assets/img/active.png
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Server: 34.93.39.90 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.39.93.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 1d4e31b7ef3ec1d1620b90e74b409913c8b44faef7663880b6a2e40c28a96f9c

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 15 Apr 2020 04:36:55 GMT
Last-Modified: Sat, 21 Mar 2020 08:32:25 GMT
Server: Apache
ETag: "2f9d-5a1593dd3b840"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 12189

GET
H/1.1 200
OK SuspectedCases.png
coronavirus.lk/Assets/img/ 20 KB
20 KB 1080ms
362ms Image
image/png 34.93.39.90
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://coronavirus.lk/Assets/img/SuspectedCases.png
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Server: 34.93.39.90 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.39.93.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: b4f1f88d401da0b16772c531b8aadcde0a166153aba68c2bf5316ff355d13993

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 15 Apr 2020 04:36:55 GMT
Last-Modified: Sun, 22 Mar 2020 01:25:02 GMT
Server: Apache
ETag: "4ffe-5a1676339f780"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 20478

GET
H2 404 29-11.jpg
cdn.newsfirst.lk/english-uploads/2020/03/ 0
0 637ms
611ms Image
text/plain 2606:4700:20::681a:194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newsfirst.lk/english-uploads/2020/03/29-11.jpg
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:194 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 2ebea10f-contacts.jpg
cdn.newsfirst.lk/english-uploads/2020/03/ 304 KB
304 KB 54ms
29ms Image
image/webp 2606:4700:20::681a:194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsfirst.lk/english-uploads/2020/03/2ebea10f-contacts.jpg

Requested by

Host: coronavirus.lk
URL: http://coronavirus.lk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17560c9cd344777ebcc78d70874e70ad02f198d36644306c8c7d56eafed6d02d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:36:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11959
status: 200
cf-polished: qual=85, origFmt=jpeg, origSize=1662272
x-guploader-uploadid: AEnB2Uozrwf0FTfyK0hd5jAoPGzW6oRxRX8jJewG5V184YKuCrFWcPGP5AHL7pLll5yBzb3-mV5xC0vnJ_OG3tvPG3-LPkVqJA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-meta-object-id: 484546
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="2ebea10f-contacts.webp"
vary: Accept
content-length: 310946
x-goog-meta-file-hash: 2e0e5e4e376de2583bd35e28dd4f9ac7
last-modified: Fri, 20 Mar 2020 09:09:40 GMT
server: cloudflare
etag: "3022401911aef08bbc755173f1d5aa81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
x-goog-hash: crc32c=clBNQg==, md5=MCJAGRGu8Iu8dVFz8dWqgQ==
x-goog-generation: 1584695380806494
content-type: image/webp
expires: Wed, 15 Apr 2020 11:17:35 GMT
cache-control: public, max-age=36000, must-revalidate
x-goog-meta-source-id: 86bcedc523c4a4766fa035258bd096ec
x-goog-stored-content-length: 1662272
accept-ranges: bytes
cf-ray: 5842f7e18d01c2ef-FRA
cf-bgj: imgq:85

GET
H2 200 df84b558-contacts-mobile.jpg
cdn.newsfirst.lk/english-uploads/2020/03/ 40 KB
41 KB 32ms
23ms Image
image/webp 2606:4700:20::681a:194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsfirst.lk/english-uploads/2020/03/df84b558-contacts-mobile.jpg

Requested by

Host: coronavirus.lk
URL: http://coronavirus.lk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89a3da7cd0b753cb9eede7c7e8ec7737778482cf8611b07ca037a1c458ce2515

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:36:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12880
status: 200
cf-polished: qual=85, origFmt=jpeg, origSize=209399
x-guploader-uploadid: AEnB2Up32qqWG1Jcr0Qa6H18-C0r9X7S6vx6yAo5K1BYmKmfNsjn4f7teHJXiJPAI36bIeqUa1gR4DGn7jnD1pb4Ga5ECfAUqA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-meta-object-id: 484547
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="df84b558-contacts-mobile.webp"
vary: Accept
content-length: 40812
x-goog-meta-file-hash: 1d208b7a0ac51ddbd647f56090b804f7
last-modified: Fri, 20 Mar 2020 09:09:46 GMT
server: cloudflare
etag: "cefb59a4d66b341f90a0035b2cef5531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
x-goog-hash: crc32c=+y8spQ==, md5=zvtZpNZrNB+QoANbLO9VMQ==
x-goog-generation: 1584695386576787
content-type: image/webp
expires: Wed, 15 Apr 2020 11:02:14 GMT
cache-control: public, max-age=36000, must-revalidate
x-goog-meta-source-id: a47d8be7279212eb6d9796477bad54a5
x-goog-stored-content-length: 209399
accept-ranges: bytes
cf-ray: 5842f7e18cfec2ef-FRA
cf-bgj: imgq:85

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 108 KB
40 KB 31ms
19ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: coronavirus.lk
URL: http://coronavirus.lk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d713e50c5e438cc6596122fd3cbcb09e4181ee93dc25d4d6d128da8f42ccf7a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39657
x-xss-protection: 0
server: cafe
etag: 5984455608614455518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Apr 2020 04:36:54 GMT

GET
H2 200 d8509a17-6732f5f3-2a6e9e50-2d6ac0a4-coronavirus_850x460_acf_cropped_850x460_acf_cropped_850x460_acf_cropped.jpg
cdn.newsfirst.lk/english-uploads/2020/04/ 38 KB
39 KB 39ms
30ms Image
image/webp 2606:4700:20::681a:194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsfirst.lk/english-uploads/2020/04/d8509a17-6732f5f3-2a6e9e50-2d6ac0a4-coronavirus_850x460_acf_cropped_850x460_acf_cropped_850x460_acf_cropped.jpg

Requested by

Host: coronavirus.lk
URL: http://coronavirus.lk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c700d83db0c243ba766123b730ba160f4c4548392c2761e88dceebe287895ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:36:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11606
status: 200
cf-polished: qual=85, origFmt=jpeg, origSize=179431
x-guploader-uploadid: AEnB2Uo2re3AUOaeWMWOxwvgvLK77PEfyzFWcKLL1uJGVnGa2HTFRWYv-hHTgpP21M-chka3__be5fbJFlJYQwcV3r8T14RNCA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-meta-object-id: 491038
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="d8509a17-6732f5f3-2a6e9e50-2d6ac0a4-coronavirus_850x460_acf_cropped_850x460_acf_cropped_850x460_acf_cropped.webp"
vary: Accept
content-length: 39228
x-goog-meta-file-hash: 3a181973e802d68b63eb2590427519c9
last-modified: Tue, 14 Apr 2020 05:18:27 GMT
server: cloudflare
etag: "135422531518360122157263a79821c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
x-goog-hash: crc32c=lVkVaA==, md5=E1QiUxUYNgEiFXJjp5ghwQ==
x-goog-generation: 1586841507837936
content-type: image/webp
expires: Wed, 15 Apr 2020 11:23:28 GMT
cache-control: public, max-age=36000, must-revalidate
x-goog-meta-source-id: 2022ea92d95610b15b6e8e72f0afd104
x-goog-stored-content-length: 179431
accept-ranges: bytes
cf-ray: 5842f7e18cffc2ef-FRA
cf-bgj: imgq:85

GET
H2 200 fb7a09c9-c686fb2e-untitled-1_850x460_acf_cropped.jpg
cdn.newsfirst.lk/english-uploads/2020/04/ 82 KB
83 KB 44ms
35ms Image
image/webp 2606:4700:20::681a:194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsfirst.lk/english-uploads/2020/04/fb7a09c9-c686fb2e-untitled-1_850x460_acf_cropped.jpg

Requested by

Host: coronavirus.lk
URL: http://coronavirus.lk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a82819730bae5d97375e55c08a1430465a52d8c6d2630e8e4921c4df39729cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:36:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7251
status: 200
cf-polished: qual=85, origFmt=jpeg, origSize=330157
x-guploader-uploadid: AEnB2UoWQTg-vhBU2_VIvMEp3cNlD26uiE9L-D1slqkHOWg-hykCgHM2Wjj39wy3fmFJc0ebkEZl3a_h3BPWowAvIDH4HEcNgA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-meta-object-id: 491066
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="fb7a09c9-c686fb2e-untitled-1_850x460_acf_cropped.webp"
vary: Accept
content-length: 84028
x-goog-meta-file-hash: 677c22e6771e3eeb90bdc57e0f35628d
last-modified: Tue, 14 Apr 2020 06:22:32 GMT
server: cloudflare
etag: "5e14b3964bd9132c1da97a7de5076b7f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
x-goog-hash: crc32c=M07srg==, md5=XhSzlkvZEywdqXp95Qdrfw==
x-goog-generation: 1586845352309350
content-type: image/webp
expires: Wed, 15 Apr 2020 12:36:03 GMT
cache-control: public, max-age=36000, must-revalidate
x-goog-meta-source-id: 3c90ec83ad74097d5db979c57a958ab6
x-goog-stored-content-length: 330157
accept-ranges: bytes
cf-ray: 5842f7e18d00c2ef-FRA
cf-bgj: imgq:85

GET
H2 200 a911501f-53d0a27c-modi_850x460_acf_cropped_850x460_acf_cropped_850x460_acf_cropped.jpg
cdn.newsfirst.lk/english-uploads/2020/04/ 29 KB
30 KB 19ms
19ms Image
image/webp 2606:4700:20::681a:194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.newsfirst.lk/english-uploads/2020/04/a911501f-53d0a27c-modi_850x460_acf_cropped_850x460_acf_cropped_850x460_acf_cropped.jpg

Requested by

Host: coronavirus.lk
URL: http://coronavirus.lk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17880d239f1cb275b0983d506abc4c41f5cae713ab1957d84b8369cdaadf0ba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:36:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7159
status: 200
cf-polished: qual=85, origFmt=jpeg, origSize=207517
x-guploader-uploadid: AEnB2UrXjcnvMxVWB-WsZ9P9WvTACuH_B3ZqLAQlOLXTTspR9rXdv89V9XEJnq7hX8kbAaVwXJYwEh6F7PBm4139jal2omPZCA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-meta-object-id: 491047
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="a911501f-53d0a27c-modi_850x460_acf_cropped_850x460_acf_cropped_850x460_acf_cropped.webp"
vary: Accept
content-length: 29978
x-goog-meta-file-hash: d5b9375d933546d612c776395c8ea8f9
last-modified: Tue, 14 Apr 2020 05:25:04 GMT
server: cloudflare
etag: "c8871dbf405612d7663b64ff30ec42fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
x-goog-hash: crc32c=eYqA1g==, md5=yIcdv0BWEtdmO2T/MOxC/Q==
x-goog-generation: 1586841904642835
content-type: image/webp
expires: Wed, 15 Apr 2020 12:37:35 GMT
cache-control: public, max-age=36000, must-revalidate
x-goog-meta-source-id: 2ad07d02ab0aea3056d1f021ac15e3ef
x-goog-stored-content-length: 207517
accept-ranges: bytes
cf-ray: 5842f7e1ad32c2ef-FRA
cf-bgj: imgq:85

GET
H2 200 sirasa-tv-new.jpg
www.newsfirst.lk/wp-content/themes/nfst-eng-theme/assets/dist/images/brands-logo/ 1 KB
2 KB 44ms
33ms Image
image/webp 2606:4700:20::681a:194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newsfirst.lk/wp-content/themes/nfst-eng-theme/assets/dist/images/brands-logo/sirasa-tv-new.jpg

Requested by

Host: coronavirus.lk
URL: http://coronavirus.lk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / nfst-web-mb-b

Resource Hash

d785b90bf50c11d6c8592e559f4d652d39194ccba7ec2bdb1b9fe854fc0b1869

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:36:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 3360
cf-polished: qual=85, origFmt=jpeg, origSize=4023
status: 200
content-disposition: inline; filename="sirasa-tv-new.webp"
vary: Accept
content-length: 1122
x-frame-options: SAMEORIGIN
last-modified: Fri, 03 Apr 2020 12:04:23 GMT
server: cloudflare
x-be-cache: HIT
x-powered-by: nfst-web-mb-b
etag: "5e872647-fb7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 5842f7e18d05c2ef-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 shakthi-tv-new.jpg
www.newsfirst.lk/wp-content/themes/nfst-eng-theme/assets/dist/images/brands-logo/ 2 KB
3 KB 38ms
28ms Image
image/webp 2606:4700:20::681a:194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newsfirst.lk/wp-content/themes/nfst-eng-theme/assets/dist/images/brands-logo/shakthi-tv-new.jpg

Requested by

Host: coronavirus.lk
URL: http://coronavirus.lk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / nfst-web-mb

Resource Hash

0f039923ef559218393281b92c8ddf8fae0a18ffa625db2e4c778660ecba945b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:36:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 170762
cf-polished: qual=85, origFmt=jpeg, origSize=8023
status: 200
content-disposition: inline; filename="shakthi-tv-new.webp"
vary: Accept
content-length: 2134
x-frame-options: SAMEORIGIN
last-modified: Tue, 17 Mar 2020 09:27:15 GMT
server: cloudflare
x-be-cache: HIT
x-powered-by: nfst-web-mb
etag: "5e7097f3-1f57"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 5842f7e18d07c2ef-FRA
cf-bgj: imgq:85

GET
H2 200 tv-1-new.jpg
www.newsfirst.lk/wp-content/themes/nfst-eng-theme/assets/dist/images/brands-logo/ 1 KB
2 KB 17ms
17ms Image
image/webp 2606:4700:20::681a:194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newsfirst.lk/wp-content/themes/nfst-eng-theme/assets/dist/images/brands-logo/tv-1-new.jpg

Requested by

Host: coronavirus.lk
URL: http://coronavirus.lk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / nfst-web-mb

Resource Hash

fb7090d90d66c96e996c2914bf6635ab7597c5d643c71f92ffeda18b3b484a1c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:36:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 1150229
cf-polished: qual=85, origFmt=jpeg, origSize=5043
status: 200
content-disposition: inline; filename="tv-1-new.webp"
vary: Accept
content-length: 1368
x-frame-options: SAMEORIGIN
last-modified: Tue, 17 Mar 2020 09:27:15 GMT
server: cloudflare
x-be-cache: HIT
x-powered-by: nfst-web-mb
etag: "5e7097f3-13b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 5842f7e1ad33c2ef-FRA
cf-bgj: imgq:85

GET
H2 200 sirasa-fm-new.jpg
www.newsfirst.lk/wp-content/themes/nfst-eng-theme/assets/dist/images/brands-logo/ 2 KB
2 KB 18ms
18ms Image
image/webp 2606:4700:20::681a:194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newsfirst.lk/wp-content/themes/nfst-eng-theme/assets/dist/images/brands-logo/sirasa-fm-new.jpg

Requested by

Host: coronavirus.lk
URL: http://coronavirus.lk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / nfst-web-mb-b

Resource Hash

140a5f9c312c28c014d1b95a4b1f62d118f8df6f5bf71597ed246a574f4e0aae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:36:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 535914
cf-polished: qual=85, origFmt=jpeg, origSize=7170
status: 200
content-disposition: inline; filename="sirasa-fm-new.webp"
vary: Accept
content-length: 2026
x-frame-options: SAMEORIGIN
last-modified: Tue, 17 Mar 2020 09:28:09 GMT
server: cloudflare
x-be-cache: HIT
x-powered-by: nfst-web-mb-b
etag: "5e709829-1c02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 5842f7e1bd41c2ef-FRA
cf-bgj: imgq:85

GET
H2 200 Maharaja_Logo.png
www.newsfirst.lk/wp-content/themes/nfst-eng-theme/assets/dist/images/ 8 KB
8 KB 17ms
17ms Image
image/webp 2606:4700:20::681a:194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newsfirst.lk/wp-content/themes/nfst-eng-theme/assets/dist/images/Maharaja_Logo.png

Requested by

Host: coronavirus.lk
URL: http://coronavirus.lk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / nfst-web-mb

Resource Hash

371eb9febad0bf0b43c6e26ced4b1678cb7635e6bcaa77934626f5e56ab1bb47

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:36:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 2368553
cf-polished: origFmt=png, origSize=23701
status: 200
content-disposition: inline; filename="Maharaja_Logo.webp"
vary: Accept
content-length: 8246
x-frame-options: SAMEORIGIN
last-modified: Tue, 17 Mar 2020 09:27:10 GMT
server: cloudflare
x-be-cache: MISS
x-powered-by: nfst-web-mb
etag: "5e7097ee-5c95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 5842f7e1bd42c2ef-FRA
cf-bgj: imgq:85

GET
H2 200 yes-fm-new.jpg
www.newsfirst.lk/wp-content/themes/nfst-eng-theme/assets/dist/images/brands-logo/ 2 KB
2 KB 37ms
37ms Image
image/webp 2606:4700:20::681a:194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newsfirst.lk/wp-content/themes/nfst-eng-theme/assets/dist/images/brands-logo/yes-fm-new.jpg

Requested by

Host: coronavirus.lk
URL: http://coronavirus.lk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / nfst-web-mb

Resource Hash

b965ad2f6bbd76bf5651e0a413660abe0693d2f032b7777fc69e77074aa653f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:36:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 79358
cf-polished: qual=85, origFmt=jpeg, origSize=6177
status: 200
content-disposition: inline; filename="yes-fm-new.webp"
vary: Accept
content-length: 1964
x-frame-options: SAMEORIGIN
last-modified: Fri, 03 Apr 2020 12:03:32 GMT
server: cloudflare
x-be-cache: HIT
x-powered-by: nfst-web-mb
etag: "5e872614-1821"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 5842f7e1bd46c2ef-FRA
cf-bgj: imgq:85

GET
H2 200 shakthi-fm-new.jpg
www.newsfirst.lk/wp-content/themes/nfst-eng-theme/assets/dist/images/brands-logo/ 1 KB
2 KB 21ms
21ms Image
image/webp 2606:4700:20::681a:194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newsfirst.lk/wp-content/themes/nfst-eng-theme/assets/dist/images/brands-logo/shakthi-fm-new.jpg

Requested by

Host: coronavirus.lk
URL: http://coronavirus.lk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / nfst-web-mb-b

Resource Hash

ee9c93a69831cba095a33ca459d3bbbccfc45cf2ae5d7a6e93c9758914de901f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:36:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 4623
cf-polished: qual=85, origFmt=jpeg, origSize=3916
status: 200
content-disposition: inline; filename="shakthi-fm-new.webp"
vary: Accept
content-length: 1428
x-frame-options: SAMEORIGIN
last-modified: Fri, 03 Apr 2020 12:04:23 GMT
server: cloudflare
x-be-cache: HIT
x-powered-by: nfst-web-mb-b
etag: "5e872647-f4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 5842f7e1bd4fc2ef-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 y-fm-new.jpg
www.newsfirst.lk/wp-content/themes/nfst-eng-theme/assets/dist/images/brands-logo/ 2 KB
2 KB 15ms
15ms Image
image/webp 2606:4700:20::681a:194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newsfirst.lk/wp-content/themes/nfst-eng-theme/assets/dist/images/brands-logo/y-fm-new.jpg

Requested by

Host: coronavirus.lk
URL: http://coronavirus.lk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / nfst-web-mb-b

Resource Hash

4f330797d7991334915cb0717a24e6b582040bd1b2839d65434051c6a9f55f5b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:36:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 3247989
cf-polished: qual=85, origFmt=jpeg, origSize=7525
status: 200
content-disposition: inline; filename="y-fm-new.webp"
vary: Accept
content-length: 2038
x-frame-options: SAMEORIGIN
last-modified: Fri, 15 Nov 2019 15:10:48 GMT
server: cloudflare
x-be-cache: HIT
x-powered-by: nfst-web-mb-b
etag: "5dcebff8-1d65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 5842f7e1cd50c2ef-FRA
cf-bgj: imgq:85

GET
H2 200 legends-fm-new.jpg
www.newsfirst.lk/wp-content/themes/nfst-eng-theme/assets/dist/images/brands-logo/ 1 KB
1 KB 21ms
21ms Image
image/webp 2606:4700:20::681a:194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.newsfirst.lk/wp-content/themes/nfst-eng-theme/assets/dist/images/brands-logo/legends-fm-new.jpg

Requested by

Host: coronavirus.lk
URL: http://coronavirus.lk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / nfst-web-mb

Resource Hash

edca2fd990d3b35ee561e76124e465c6ca1818b5a6c7e5a24788333abb6cb514

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:36:54 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
age: 1667600
cf-polished: qual=85, origFmt=jpeg, origSize=4059
status: 200
content-disposition: inline; filename="legends-fm-new.webp"
vary: Accept
content-length: 1238
x-frame-options: SAMEORIGIN
last-modified: Tue, 17 Mar 2020 09:27:14 GMT
server: cloudflare
x-be-cache: HIT
x-powered-by: nfst-web-mb
etag: "5e7097f2-fdb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 5842f7e1cd52c2ef-FRA
cf-bgj: imgq:85

GET
H/1.1 200
OK jquery-2.1.1.js Show response
coronavirus.lk/Assets/js/ 82 KB
29 KB 366ms
364ms Script
application/javascript 34.93.39.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://coronavirus.lk/Assets/js/jquery-2.1.1.js
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Server: 34.93.39.90 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.39.93.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 15 Apr 2020 04:36:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Nov 2014 04:30:02 GMT
Server: Apache
ETag: "14915-50856e5f80680-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 29497

GET
H/1.1 200
OK bootstrap.min.js Show response
coronavirus.lk/Assets/js/ 36 KB
10 KB 361ms
361ms Script
application/javascript 34.93.39.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://coronavirus.lk/Assets/js/bootstrap.min.js
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Server: 34.93.39.90 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.39.93.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 15 Apr 2020 04:36:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Nov 2015 19:34:22 GMT
Server: Apache
ETag: "9004-5254e6db7eb80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 9765

GET
H/1.1 200
OK poppins.css
coronavirus.lk/Assets/css/ 619 B
497 B 357ms
356ms Stylesheet
text/css 34.93.39.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://coronavirus.lk/Assets/css/poppins.css?family=Poppins:300,400,600,800,900
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Server: 34.93.39.90 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.39.93.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 84fdc86ba5c03b16df52217688a71cf7e03305e00ce0d9172f7b6ceba49bd3f7

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 15 Apr 2020 04:36:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Aug 2019 11:00:32 GMT
Server: Apache
ETag: "26b-58f70bbb71400-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 178

GET
H2

200

embed
www.google.com/maps/d/ Frame B90B
Redirect Chain

https://www.google.com/maps/d/u/0/embed?mid=1PuiuCde9NbpdzHzlH3a-Mq2AaDGqMIg_
https://www.google.com/maps/d/embed?mid=1PuiuCde9NbpdzHzlH3a-Mq2AaDGqMIg_

0
0

222ms
222ms

Document
text/html

2a00:1450:4001:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/d/embed?mid=1PuiuCde9NbpdzHzlH3a-Mq2AaDGqMIg_

Requested by

Host: coronavirus.lk
URL: http://coronavirus.lk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MupzhtoAzvFHW8YB7IY69g' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /maps/d/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /maps/d/embed?mid=1PuiuCde9NbpdzHzlH3a-Mq2AaDGqMIg_
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://coronavirus.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=202=rn5lo1uzt9s69WEvYSvgRcGn15NezPwqaoZok7bv3xagLXfVjVW8y8kqI-ANkIsorodrtKEYWg1aUoJKFlG9_6hMtNBwARM2fBrLyXkLebb_5u8CN0mQHI1dpPOUvgrlW7yAa6c69mLZajHjTpAHVEMDttnxk9mLYpprVovWcgQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://coronavirus.lk/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 15 Apr 2020 04:36:54 GMT
content-security-policy: script-src 'report-sample' 'nonce-MupzhtoAzvFHW8YB7IY69g' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /maps/d/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

Redirect headers

status: 302
content-type: application/binary
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 15 Apr 2020 04:36:54 GMT
location: https://www.google.com/maps/d/embed?mid=1PuiuCde9NbpdzHzlH3a-Mq2AaDGqMIg_
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'report-sample' 'nonce-4FN1eQtuxWrI1d0z+KSC7g' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /maps/d/u/0/cspreport
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=202=gxRPHIamBZboHvlePmxqx07a2yJ5rZuVnGzFW8WLjRWmnTE3IP9DLQ6X1a6M-io4o2YWE7W1-Pgbb2iln1JqxdGxdA6cH_lBHJyufmbg49pInqSH5YIwt4rDx1xlvb41Cpy9wLP5N6n-bJoUyeQMH1R09fz-PdITn7syrdRAwRw; expires=Thu, 15-Oct-2020 04:36:54 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none NID=202=rn5lo1uzt9s69WEvYSvgRcGn15NezPwqaoZok7bv3xagLXfVjVW8y8kqI-ANkIsorodrtKEYWg1aUoJKFlG9_6hMtNBwARM2fBrLyXkLebb_5u8CN0mQHI1dpPOUvgrlW7yAa6c69mLZajHjTpAHVEMDttnxk9mLYpprVovWcgQ; expires=Thu, 15-Oct-2020 04:36:54 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H/1.1 200
OK Cookie set /
player.twitch.tv/ Frame A296 0
0 70ms
22ms Document
text/html 151.101.14.167
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://player.twitch.tv/?channel=newsfirstsl
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.167 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Host: player.twitch.tv
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://coronavirus.lk/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://coronavirus.lk/

Response headers

Connection: keep-alive
Content-Length: 601
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Last-Modified: Tue, 28 Jan 2020 23:40:13 GMT
Server: AmazonS3
Content-Encoding: gzip
Cache-Control: public, max-age=60
Via: 1.1 a56a2e7149e67774870adaf614e87aa1.cloudfront.net (CloudFront) 1.1 varnish
X-Amz-Cf-Pop: FRA53
X-Amz-Cf-Id: TyaL9CKLn9fUAQ7qQ3MlQPYyQqEIJ-7remmY2AIbulIZyZovZMPh7A==
Accept-Ranges: bytes
Date: Wed, 15 Apr 2020 04:36:54 GMT
Age: 29
Set-Cookie: unique_id=Xj24wDEZeGKTcsTw82wAQG2792n8g9IH; domain=.twitch.tv; path=/; Secure; SameSite=None; expires=Sat, 13 Apr 2030 04:36:54 GMT; unique_id_durable=Xj24wDEZeGKTcsTw82wAQG2792n8g9IH; domain=.twitch.tv; path=/; Secure; HttpOnly; SameSite=None; expires=Sat, 13 Apr 2030 04:36:54 GMT;
X-Served-By: cache-fra19166-FRA
X-Cache: Hit from cloudfront, HIT
X-Cache-Hits: 1
X-Timer: S1586925415.677169,VS0,VE1
Vary: Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method, Origin

GET
H/1.1 200
OK Poppins-Regular.ttf
coronavirus.lk/Assets/Poppins/ 141 KB
142 KB 728ms
719ms Font
application/font-sfnt 34.93.39.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://coronavirus.lk/Assets/Poppins/Poppins-Regular.ttf
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Server: 34.93.39.90 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.39.93.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 577dfb678b8fc1bda8ef0fabd74611675013ae08ae3b0045b8adcb1c6fa01eb9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://coronavirus.lk/Assets/css/poppins.css?family=Poppins:300,400,600,800,900
Origin: http://coronavirus.lk

Response headers

Date: Wed, 15 Apr 2020 04:36:55 GMT
Last-Modified: Wed, 03 Jun 2015 00:00:00 GMT
Server: Apache
ETag: "23588-51791bd77e000"
Content-Type: application/font-sfnt
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 144776

GET
H/1.1 200
OK Poppins-ExtraBold.ttf
coronavirus.lk/Assets/Poppins/ 136 KB
137 KB 708ms
359ms Font
application/font-sfnt 34.93.39.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://coronavirus.lk/Assets/Poppins/Poppins-ExtraBold.ttf
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Server: 34.93.39.90 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.39.93.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: cd000441115e695663a59449a9b87e5ba27594ffce0f250e8e25433a4682c01f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://coronavirus.lk/Assets/css/poppins.css?family=Poppins:300,400,600,800,900
Origin: http://coronavirus.lk

Response headers

Date: Wed, 15 Apr 2020 04:36:55 GMT
Last-Modified: Wed, 03 Jun 2015 00:00:00 GMT
Server: Apache
ETag: "221a4-51791bd77e000"
Content-Type: application/font-sfnt
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 139684

GET
H/1.1 200
OK Poppins-SemiBold.ttf
coronavirus.lk/Assets/Poppins/ 138 KB
139 KB 728ms
373ms Font
application/font-sfnt 34.93.39.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://coronavirus.lk/Assets/Poppins/Poppins-SemiBold.ttf
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Server: 34.93.39.90 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.39.93.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 3d081a1e7273a2d8ff6632187a73624e639f78586a14c227a27067c2b6be8353

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://coronavirus.lk/Assets/css/poppins.css?family=Poppins:300,400,600,800,900
Origin: http://coronavirus.lk

Response headers

Date: Wed, 15 Apr 2020 04:36:55 GMT
Last-Modified: Wed, 03 Jun 2015 00:00:00 GMT
Server: Apache
ETag: "2292c-51791bd77e000"
Content-Type: application/font-sfnt
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 141612

GET
H/1.1 200
OK glyphicons-halflings-regular.woff2
coronavirus.lk/Assets/fonts/ 18 KB
18 KB 709ms
371ms Font
application/octet-stream 34.93.39.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://coronavirus.lk/Assets/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: coronavirus.lk
URL: http://coronavirus.lk/
Protocol: HTTP/1.1
Server: 34.93.39.90 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.39.93.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://coronavirus.lk/Assets/css/bootstrap.min.css
Origin: http://coronavirus.lk

Response headers

Date: Wed, 15 Apr 2020 04:36:55 GMT
Last-Modified: Tue, 24 Nov 2015 18:59:06 GMT
Server: Apache
ETag: "466c-5254def985280"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 18028

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
839 B 27ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=coronavirus.lk

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Apr 2020 04:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
839 B 26ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=coronavirus.lk

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Apr 2020 04:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/ 216 KB
81 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee4726f5351b3e304c4e378940f4ae9d009f15d13423783a82b89ab1c47257e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 83076
x-xss-protection: 0
server: cafe
etag: 11284991114190924255
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Apr 2020 04:36:54 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200408/r20190131/ Frame 3B93 0
0 67ms
6ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200408/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200408/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://coronavirus.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://coronavirus.lk/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 09 Apr 2020 05:36:24 GMT
expires: Thu, 23 Apr 2020 05:36:24 GMT
content-type: text/html; charset=UTF-8
etag: 1284906565632978074
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4913
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 514830
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-24269836-9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6034
date: Wed, 15 Apr 2020 02:56:20 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Wed, 15 Apr 2020 04:56:20 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
112 B 13ms
13ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2060973256&t=pageview&_s=1&dl=http%3A%2F%2Fcoronavirus.lk%2F&ul=en-us&de=UTF-8&dt=Newsfirst.lk%20-%20Corona%20Virus%20Updates&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1999034638&gjid=1052900710&cid=448060903.1586925415&tid=UA-24269836-9&_gid=81140402.1586925415&_r=1&gtm=2ou432&z=1424567174

Requested by

Host: coronavirus.lk
URL: http://coronavirus.lk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Apr 2020 04:36:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame D670 0
0 22ms
21ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3672728637886288&output=html&adk=1812271804&adf=3025194257&lmt=1586925414&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fcoronavirus.lk%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586925414774&bpp=15&bdt=1263&fdt=134&idt=135&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2609052809325&frm=20&pv=2&ga_vid=448060903.1586925415&ga_sid=1586925415&ga_hid=2060973256&ga_fc=0&iag=0&icsg=35499&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C42530311%2C26835106&oid=3&pvsid=1090333061383786&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=192

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3672728637886288&output=html&adk=1812271804&adf=3025194257&lmt=1586925414&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fcoronavirus.lk%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586925414774&bpp=15&bdt=1263&fdt=134&idt=135&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2609052809325&frm=20&pv=2&ga_vid=448060903.1586925415&ga_sid=1586925415&ga_hid=2060973256&ga_fc=0&iag=0&icsg=35499&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C42530311%2C26835106&oid=3&pvsid=1090333061383786&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=192
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://coronavirus.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://coronavirus.lk/

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 15 Apr 2020 04:36:55 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 15-Apr-2020 04:51:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbfc79b7990f20844e24bdc0fe516d37a7e0353eb465f4b1d9058a3bba13f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586891916019213"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28446
x-xss-protection: 0
expires: Wed, 15 Apr 2020 04:36:55 GMT

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame 0331 0
0 77ms
75ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5432073672371728&output=html&h=280&slotname=4014138537&adk=4069910737&adf=3561467008&w=1110&fwrn=4&fwrnh=100&lmt=1586925415&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1110x280&url=http%3A%2F%2Fcoronavirus.lk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586925414789&bpp=7&bdt=1278&fdt=276&idt=276&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2609052809325&frm=20&pv=2&ga_vid=448060903.1586925415&ga_sid=1586925415&ga_hid=2060973256&ga_fc=0&iag=0&icsg=2239151&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=2129&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C42530311%2C26835106&oid=3&pvsid=1090333061383786&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=3OXmpwRCNn&p=http%3A//coronavirus.lk&dtd=281

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5432073672371728&output=html&h=280&slotname=4014138537&adk=4069910737&adf=3561467008&w=1110&fwrn=4&fwrnh=100&lmt=1586925415&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1110x280&url=http%3A%2F%2Fcoronavirus.lk%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1586925414789&bpp=7&bdt=1278&fdt=276&idt=276&shv=r20200408&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2609052809325&frm=20&pv=2&ga_vid=448060903.1586925415&ga_sid=1586925415&ga_hid=2060973256&ga_fc=0&iag=0&icsg=2239151&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=2129&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C42530311%2C26835106&oid=3&pvsid=1090333061383786&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=144&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=3OXmpwRCNn&p=http%3A//coronavirus.lk&dtd=281
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://coronavirus.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://coronavirus.lk/

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 15 Apr 2020 04:36:55 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 15-Apr-2020 04:51:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 27ms
17ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200408&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c505eb5e1090b05c34a44c75561fe8cbe8c5c09d2d57e0ec6e9767cb6915f643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Apr 2020 04:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5208
x-xss-protection: 0

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200408/r20190131/show_ads_impl_fy2019.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 15 Apr 2020 04:36:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1582746470043195"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5456
X-XSS-Protection: 0
Expires: Wed, 15 Apr 2020 04:36:56 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 5867 0
0 17ms
5ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://coronavirus.lk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://coronavirus.lk/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Wed, 15 Apr 2020 03:27:50 GMT
expires: Thu, 15 Apr 2021 03:27:50 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4146
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
123 B 15ms
14ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200408&jk=1090333061383786&bg=!n5ylnIRYAwgyNxAspdQCAAAAO1IAAAALmQFZxgukY_XWk9opre5-WssRMEnCOzpIW4EuTGLsGh1s0FKl7lXmi68fTanL-XjwVT2O8gAFtpo4ttzUBqTX7g3B55o0uzmKXl5xxsjRKmEL5l7U4NP8Zx1mAp2wZG9rHw95a6iqQXgzkYneq9swzh4hDkoAhD5k9mVHccH7SktGHtK_W-mHn8jOl-C2NQD06HBhrO2kvXJe9OqN_yax_2wxPoUYfPIroxZTG9S31omW-Z3qejAqcl3SbB-zmUI9ge505kzqniVbzqMQMLYgWB_TX6gt1lyjpHXe5CWFXYZcsz7Neur_a_M-l081GzPok7ndpqhj3gRk1cdIUxFq-0doc5LyxWx9G4hKoZyu4FPjhrSj2ovdOUANfFebmiKbcS5uPLN-irhsYJsnztGsdHymvQvlW119L3KwvBxVWF7bgR6dyNJDrS2QVLFy1idvUu2LYPsNP3dS0DpH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://coronavirus.lk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Apr 2020 04:36:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.amazon-adsystem.com/	1970-01-21 06:29:04	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-19 15:04:35	Name: ad-id Value: Ax9ywwwyq0ats7RumWUkJ4w
.doubleclick.net/	1970-01-19 08:48:46	Name: test_cookie Value: CheckForPermission
.google.com/	1970-01-19 13:12:16	Name: NID Value: 202=s64FH8_552oipqDLe3RF7AuTxeUQW_G4_B1uCEdq5cfI2veiXdTR4kdIbPw0jnCuA7-wOU0eklkzWyRFeadnUZYGYVwp05kDDgPrGipxVipYt6I4UXeIvFmxytZG17ZnYomyuvNO-rh9G_qiaqS8aAw7BLuPsgGJca0Th8QZ1xE
.coronavirus.lk/	1970-01-19 08:48:45	Name: _gat_gtag_UA_24269836_9 Value: 1
.twitch.tv/	1969-12-31 23:59:59	Name: session_unique_id Value: K0Es0XyT2U7bUh9jGyUMJkpwC7OlCDhN
.coronavirus.lk/	1970-01-19 08:50:11	Name: _gid Value: GA1.2.81140402.1586925415
.twitch.tv/	1970-01-23 00:28:14	Name: unique_id Value: JFR2qwrjWAGlWdRQB3yHjOf420FqAe90
.coronavirus.lk/	1970-01-20 02:19:57	Name: _ga Value: GA1.2.448060903.1586925415

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.newsfirst.lk
coronavirus.lk
googleads.g.doubleclick.net
pagead2.googlesyndication.com
player.twitch.tv
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.newsfirst.lk
151.101.14.167
2606:4700:20::681a:194
2a00:1450:4001:809::2002
2a00:1450:4001:814::2002
2a00:1450:4001:816::2001
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:81e::2004
34.93.39.90
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0532d3edb15d10a0bb8cfde81acc0a1898562b5ec10f59581c37fc9bbd28d27c
0f039923ef559218393281b92c8ddf8fae0a18ffa625db2e4c778660ecba945b
140a5f9c312c28c014d1b95a4b1f62d118f8df6f5bf71597ed246a574f4e0aae
17560c9cd344777ebcc78d70874e70ad02f198d36644306c8c7d56eafed6d02d
17880d239f1cb275b0983d506abc4c41f5cae713ab1957d84b8369cdaadf0ba5
19104b5dbdd4183cac0b78ef3e52455d99223bec6cd822067b9bb032666eea52
1d4e31b7ef3ec1d1620b90e74b409913c8b44faef7663880b6a2e40c28a96f9c
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
371eb9febad0bf0b43c6e26ced4b1678cb7635e6bcaa77934626f5e56ab1bb47
3d081a1e7273a2d8ff6632187a73624e639f78586a14c227a27067c2b6be8353
405e55c51c0b324db89486de38e4c4e0d6800e1e65ccdeee0012ae0887ade650
4f330797d7991334915cb0717a24e6b582040bd1b2839d65434051c6a9f55f5b
577dfb678b8fc1bda8ef0fabd74611675013ae08ae3b0045b8adcb1c6fa01eb9
7f1689a5bbd180ddb97edd0722b27f430120fc73fa40ff07f96b8bc11f11a761
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84fdc86ba5c03b16df52217688a71cf7e03305e00ce0d9172f7b6ceba49bd3f7
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
89a3da7cd0b753cb9eede7c7e8ec7737778482cf8611b07ca037a1c458ce2515
8a18dc5513580b3d7cab2abc4d353d33d289c4c780d7ffd25ff4a7a55218d7f5
9c700d83db0c243ba766123b730ba160f4c4548392c2761e88dceebe287895ce
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a651092d5b90b75b952d4bd26539603a00df60884d27001a1b4453952e347241
a82819730bae5d97375e55c08a1430465a52d8c6d2630e8e4921c4df39729cca
acfaa9411c40ab6eb72a4366f60b5c6cc7ac52da767d9337dc67460060ffb69b
b4f1f88d401da0b16772c531b8aadcde0a166153aba68c2bf5316ff355d13993
b5a9ef9e4cc54f4b8e75eda3e72d4b1375ff3623f55f76120f01d920825a5bb8
b965ad2f6bbd76bf5651e0a413660abe0693d2f032b7777fc69e77074aa653f7
c505eb5e1090b05c34a44c75561fe8cbe8c5c09d2d57e0ec6e9767cb6915f643
cc078d5e1add2eab8047c6f5e8f8d3bb5b49841552039033c0c13d8b78e395a4
cd000441115e695663a59449a9b87e5ba27594ffce0f250e8e25433a4682c01f
d713e50c5e438cc6596122fd3cbcb09e4181ee93dc25d4d6d128da8f42ccf7a0
d785b90bf50c11d6c8592e559f4d652d39194ccba7ec2bdb1b9fe854fc0b1869
dbfc79b7990f20844e24bdc0fe516d37a7e0353eb465f4b1d9058a3bba13f5d4
e21ba612f360ac0202db046fd451e77fca1f8d09427261cb09920f2a5357bb67
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
edca2fd990d3b35ee561e76124e465c6ca1818b5a6c7e5a24788333abb6cb514
ee4726f5351b3e304c4e378940f4ae9d009f15d13423783a82b89ab1c47257e0
ee9c93a69831cba095a33ca459d3bbbccfc45cf2ae5d7a6e93c9758914de901f
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
f266954ee343df93ffc75e320856a149d806d323e02fcd1e4efd041f96fde680
fb7090d90d66c96e996c2914bf6635ab7597c5d643c71f92ffeda18b3b484a1c
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

coronavirus.lk Open in urlscan Pro 34.93.39.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

52 Requests

62 %HTTPS

78 %IPv6

10 Domains

13 Subdomains

9 IPs

2 Countries

2508 kBTransfer

3146 kBSize

9 Cookies

15 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

coronavirus.lk Open in urlscan Pro
34.93.39.90 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

62 %
HTTPS

78 %
IPv6

10
Domains

13
Subdomains

9
IPs

2
Countries

2508 kB
Transfer

3146 kB
Size

9
Cookies

52 HTTP transactions
0 data transactions