covid19online.ru Open in urlscan Pro
2606:4700:3032::681c:ba9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://covid19online.ru/
Effective URL:
https://covid19online.ru/
Submission: On July 14 via api (July 14th 2020, 6:32:16 pm UTC) from FR

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 12 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3032::681c:ba9, located in United States and belongs to CLOUDFLARENET, US. The main domain is covid19online.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 9th 2020. Valid for: 3 months.

This is the only time covid19online.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2606:4700:303... 2606:4700:3032::681c:ba9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8::173 2a02:6b8::173	13238 (YANDEX) (YANDEX)
1	2606:4700:303... 2606:4700:3030::6812:2367	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.181.175.55 195.181.175.55	60068 (CDN77) (CDN77)
2	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
6	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
32	12

7 2606:4700:3032::681c:ba9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

covid19online.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::173 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

api-maps.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6812:2367 (United States)

ASN13335 (CLOUDFLARENET, US)

coronavirus-monitor.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.175.55 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: frankfurt-53.cdn77.com

web.webpushs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

informer.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	covid19online.ru 1 redirects covid19online.ru	14 KB
6	gstatic.com fonts.gstatic.com	53 KB
4	yandex.ru api-maps.yandex.ru informer.yandex.ru mc.yandex.ru money.yandex.ru Failed	42 KB
2	doubleclick.net googleads.g.doubleclick.net
2	yastatic.net yastatic.net	29 KB
2	googlesyndication.com pagead2.googlesyndication.com	124 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	168 B
1	google.de adservice.google.de	168 B
1	webpushs.com web.webpushs.com
1	coronavirus-monitor.ru coronavirus-monitor.ru	485 KB
1	googleapis.com fonts.googleapis.com	831 B
32	12

	Domain	Requested by
7	covid19online.ru	1 redirects covid19online.ru
6	fonts.gstatic.com	covid19online.ru
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	yastatic.net	covid19online.ru
2	pagead2.googlesyndication.com	covid19online.ru pagead2.googlesyndication.com
2	api-maps.yandex.ru	covid19online.ru api-maps.yandex.ru
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	mc.yandex.ru	covid19online.ru
1	informer.yandex.ru	covid19online.ru
1	web.webpushs.com	covid19online.ru
1	coronavirus-monitor.ru	covid19online.ru
1	fonts.googleapis.com	covid19online.ru
0	money.yandex.ru Failed	covid19online.ru
32	15

This site contains no links.

Subject Issuer	Validity	Valid
*.covid19online.ru Let's Encrypt Authority X3	`2020-07-09` - `2020-10-07`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
api-maps.yandex.ru Yandex CA	`2020-03-17` - `2020-09-13`	6 months	crt.sh
*.coronavirus-monitor.ru Let's Encrypt Authority X3	`2020-05-27` - `2020-08-25`	3 months	crt.sh
web.webpushs.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-17` - `2021-01-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2019-09-23` - `2020-09-22`	a year	crt.sh
static.yandex.net Yandex CA	`2019-09-06` - `2020-09-05`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://covid19online.ru/
Frame ID: A919CB84B30100559CADC49B2F9C8D18
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200709/r20190131/zrt_lookup.html
Frame ID: A334CE9B91A5D561BB5016E599410389
Requests: 1 HTTP requests in this frame

Frame: https://money.yandex.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%B4%D0%B4%D0%B5%D1%80%D0%B6%D0%BA%D0%B0%20%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%D0%B0&targets-hint=&default-sum=&button-text=12&payment-type-choice=on&hint=&successURL=https%3A%2F%2Fcovid19online.ru%2F&quickpay=shop&account=410011783718750
Frame ID: D63F05D733DCD2D0145278B86F85398A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3830253558509357&output=html&adk=1812271804&adf=3025194257&lmt=1594751483&plat=1%3A32776%2C2%3A16809992%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcovid19online.ru%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1594751483329&bpp=18&bdt=526&idt=85&shv=r20200709&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1574797672484&frm=20&pv=2&ga_vid=540183472.1594751483&ga_sid=1594751483&ga_hid=333449081&ga_fc=0&iag=0&icsg=4486007437134467&dssz=43&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1561186330138633&pem=119&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=108
Frame ID: 1D468A8738F07466C5A8E5B2C298E602
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://covid19online.ru/ HTTP 301
https://covid19online.ru/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

32
Requests

88 %
HTTPS

91 %
IPv6

12
Domains

15
Subdomains

12
IPs

3
Countries

774 kB
Transfer

6089 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://covid19online.ru/ HTTP 301
https://covid19online.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
covid19online.ru/
Redirect Chain

http://covid19online.ru/
https://covid19online.ru/

35 KB
6 KB

322ms
302ms

Document
text/html

2606:4700:3032::681c:ba9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19online.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681c:ba9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.15
Resource Hash: 02ff952cc8ca7990192dc1f31633161fc266186a7ee80d80cfe7124642f9fca5

Request headers

:method: GET
:authority: covid19online.ru
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 14 Jul 2020 18:31:22 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dfcbdfc515910c278a66d0ab78d2896c21594751482; expires=Thu, 13-Aug-20 18:31:22 GMT; path=/; domain=.covid19online.ru; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
x-powered-by: PHP/7.3.15
cf-cache-status: DYNAMIC
cf-request-id: 03f031927e000032584e138200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5b2d51fd98573258-FRA
content-encoding: br

Redirect headers

Date: Tue, 14 Jul 2020 18:31:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 14 Jul 2020 19:31:22 GMT
Location: https://covid19online.ru/
cf-request-id: 03f031924f0000176af807d200000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5b2d51fd488d176a-FRA

GET
H2 200 css
fonts.googleapis.com/ 7 KB
831 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap

Requested by

Host: covid19online.ru
URL: https://covid19online.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

245e0bd9c5a93f34cc25a5742ea0d0dfe139d9fed4bda9a4ad13e6057da22072

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://covid19online.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Jul 2020 18:01:39 GMT
server: ESF
date: Tue, 14 Jul 2020 18:31:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Jul 2020 18:31:22 GMT

GET
H/1.1 200
OK / Show response
api-maps.yandex.ru/2.1/ 37 KB
13 KB 217ms
129ms Script
application/javascript 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://api-maps.yandex.ru/2.1/?apikey=bc9fd63f-3623-4eec-90ee-ef97da50ced6&lang=ru_RU

Requested by

Host: covid19online.ru
URL: https://covid19online.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx /

Resource Hash

b57609b1859f60790c2dad7586d6be0bc76ef6f6ae1056e1c8e93fc10b3a586e

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://covid19online.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 14 Jul 2020 18:31:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Server: nginx
X-qloud-router: iva7-d2f9a095a3f2.qloud-c.yandex.net
Vary: Accept-Encoding, Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
X-LIGHTTPD-LOCALE: ru_RU
Content-Disposition: attachment; filename=json.txt
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=120
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery-lite-9.js Show response
coronavirus-monitor.ru/ 5 MB
485 KB 128ms
104ms Script
application/javascript 2606:4700:3030::6812:2367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronavirus-monitor.ru/jquery-lite-9.js?a=12
Requested by: Host: covid19online.ru
URL: https://covid19online.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:2367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37900b6338d229e8686a0f72d2372edb0b88fd1eb393d648b27e0ba6534dc002

Request headers

Referer: https://covid19online.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 14 Jul 2020 18:31:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Jul 2020 18:30:02 GMT
server: cloudflare
etag: W/"5f0df9aa-8e4af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 5b2d51ffaaf6dff7-FRA
cf-request-id: 03f03193ca0000dff7df3c6200000001

GET
H2 200 39162dbffafc7350991f6310961fc35b_1.js
web.webpushs.com/js/push/ 49 KB
0 202ms
57ms Script
application/javascript 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://web.webpushs.com/js/push/39162dbffafc7350991f6310961fc35b_1.js

Requested by

Host: covid19online.ru
URL: https://covid19online.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

frankfurt-53.cdn77.com

Software

CDN77-Turbo /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng .loginsrc.com .routee.net .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com api.telegram.org .webformscr.com .yandex.net .cardinalcommerce.com .mercadolibre.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://covid19online.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 14 Jul 2020 18:31:23 GMT
content-encoding: br
x-content-type-options: nosniff
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 37137
x-xss-protection: 1; mode=block
x-77-nzt: AcO1rzXrt4X9EZEAAA==
x-sp-ma: ma5
last-modified: Tue, 14 Jul 2020 08:05:01 GMT
server: CDN77-Turbo
etag: W/"c31c-5aa6243a337ea"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Host
content-type: application/javascript
x-sp-pr: lpr5
cache-control: max-age=604800
x-edge-ip: 195.181.175.53
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.loginsrc.com *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
expires: Tue, 21 Jul 2020 08:12:26 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 115 KB
41 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: covid19online.ru
URL: https://covid19online.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a344f75cf210a16f93549660ee57834ecafe41f7bd9a9ad6c8ea406ea736f771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19online.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 14 Jul 2020 18:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 41816
x-xss-protection: 0
server: cafe
etag: 396574131215354986
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Jul 2020 18:31:23 GMT

GET
H2 200 app.5b65208a.css
covid19online.ru/styles/app/ 21 KB
4 KB 173ms
172ms Stylesheet
text/css 2606:4700:3032::681c:ba9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19online.ru/styles/app/app.5b65208a.css
Requested by: Host: covid19online.ru
URL: https://covid19online.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681c:ba9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe54e7e9c8800982df4e1d5bed34e2b7f2d54dc8b4fdc8ecfafb334c1a48adb

Request headers

Referer: https://covid19online.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 14 Jul 2020 18:31:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 16 Mar 2020 11:43:24 GMT
server: cloudflare
etag: W/"5e6f665c-53d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5b2d51ff8e0e3258-FRA
cf-request-id: 03f03193b5000032584e15e200000001
expires: Tue, 14 Jul 2020 19:16:22 GMT

GET
H2 200 home.d7491c9e.css
covid19online.ru/styles/home/ 4 KB
1 KB 171ms
171ms Stylesheet
text/css 2606:4700:3032::681c:ba9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19online.ru/styles/home/home.d7491c9e.css
Requested by: Host: covid19online.ru
URL: https://covid19online.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681c:ba9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efdabcb822f8c1c4f45749a5228e398abc203c7acf8ab98cade2d3ca38f71b5e

Request headers

Referer: https://covid19online.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 14 Jul 2020 18:31:22 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 16 Mar 2020 11:43:24 GMT
server: cloudflare
etag: W/"5e6f665c-11f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5b2d51ff8e103258-FRA
cf-request-id: 03f03193b5000032584e15f200000001
expires: Tue, 14 Jul 2020 19:16:22 GMT

GET
H/1.1 200
OK 3_0_ECECECFF_CCCCCCFF_0_pageviews
informer.yandex.ru/informer/60998599/ 1 KB
2 KB 133ms
43ms Image
image/png 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://informer.yandex.ru/informer/60998599/3_0_ECECECFF_CCCCCCFF_0_pageviews

Requested by

Host: covid19online.ru
URL: https://covid19online.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

c358a1ba6facc15ec78ca13f93c99464b902a8a54797bb0f8cb29a77c9fdc5d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://covid19online.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jul 2020 18:31:23 GMT
Last-Modified: Tue, 14-Jul-2020 18:31:23 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 1418
X-XSS-Protection: 1; mode=block
Expires: Tue, 14-Jul-2020 18:31:23 GMT

GET
H2 200 email-decode.min.js Show response
covid19online.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
881 B 9ms
9ms Script
application/javascript 2606:4700:3032::681c:ba9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://covid19online.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: covid19online.ru
URL: https://covid19online.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681c:ba9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://covid19online.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 14 Jul 2020 18:31:23 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 09 Jul 2020 11:58:32 GMT
server: cloudflare
etag: W/"5f070668-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 5b2d520129ef3258-FRA
cf-request-id: 03f03194b6000032584e179200000001
expires: Thu, 16 Jul 2020 18:31:23 GMT

GET
H2 200 es5-shims.min.js Show response
yastatic.net/es5-shims/0.0.2/ 3 KB
2 KB 100ms
32ms Script
application/x-javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/es5-shims/0.0.2/es5-shims.min.js

Requested by

Host: covid19online.ru
URL: https://covid19online.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://covid19online.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 14 Jul 2020 18:31:23 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
status: 200
x-nginx-request-id: 94c2cb62c0ff2489
last-modified: Thu, 25 Oct 2018 11:27:00 GMT
server: nginx/1.17.9
etag: W/"32e3b4f3a8f6048da9934fec1ca08cea"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
timing-allow-origin: *
expires: Fri, 17 Jul 2020 06:27:51 GMT

GET
H2 200 share.js Show response
yastatic.net/share2/ 87 KB
27 KB 59ms
58ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/share2/share.js

Requested by

Host: covid19online.ru
URL: https://covid19online.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a09701513b3fa1e08b97f66da71eed1487e62e9eb66e9021ad64d3e372b52df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://covid19online.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 14 Jul 2020 18:31:23 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Fri, 05 Jun 2020 09:20:41 GMT
server: nginx/1.17.9
etag: W/"8e339958209b22436456c887511c76cc"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=216009
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 17 Jul 2020 06:26:50 GMT

GET
H2 200 app.1e7419fa.js
covid19online.ru/scripts/app/ 4 KB
1 KB 167ms
164ms Script
application/javascript 2606:4700:3032::681c:ba9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19online.ru/scripts/app/app.1e7419fa.js
Requested by: Host: covid19online.ru
URL: https://covid19online.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681c:ba9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://covid19online.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 14 Jul 2020 18:31:23 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 16 Mar 2020 11:43:24 GMT
server: cloudflare
etag: W/"5e6f665c-1147"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5b2d52025cea3258-FRA
cf-request-id: 03f0319576000032584e185200000001
expires: Tue, 14 Jul 2020 19:16:23 GMT

GET home.5db3468b.js
covid19online.ru/scripts/home/ 0
0

GET
H/1.1 200
OK map.js
api-maps.yandex.ru/2.1.76/ 100 KB
27 KB 152ms
60ms Script
application/javascript 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://api-maps.yandex.ru/2.1.76/map.js?callback=__jsonp_ymaps_map&mode=release&flags=

Requested by

Host: api-maps.yandex.ru
URL: https://api-maps.yandex.ru/2.1/?apikey=bc9fd63f-3623-4eec-90ee-ef97da50ced6&lang=ru_RU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://covid19online.ru/
Origin: https://covid19online.ru

Response headers

Date: Tue, 14 Jul 2020 18:31:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff, nosniff
Server: nginx
X-qloud-router: iva5-fd3f5194e8ae.qloud-c.yandex.net
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Content-Disposition: attachment; filename=json.txt
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=120
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK tag.js
mc.yandex.ru/metrika/ 319 KB
0 172ms
82ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: covid19online.ru
URL: https://covid19online.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://covid19online.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 14 Jul 2020 18:31:23 GMT
Content-Encoding: br
Last-Modified: Wed, 08 Jul 2020 10:26:59 GMT
Server: nginx/1.14.2
ETag: "5f059f73-16c20"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 93216
Expires: Tue, 14 Jul 2020 19:31:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2

Requested by

Host: covid19online.ru
URL: https://covid19online.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
Origin: https://covid19online.ru

Response headers

date: Thu, 11 Jun 2020 16:23:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:40 GMT
server: sffe
age: 2858852
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6720
x-xss-protection: 0
expires: Fri, 11 Jun 2021 16:23:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: covid19online.ru
URL: https://covid19online.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
Origin: https://covid19online.ru

Response headers

date: Fri, 12 Jun 2020 20:41:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 2756987
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 12 Jun 2021 20:41:36 GMT

GET
H2 200 context.js
covid19online.ru/an.yandex.ru/system/ 0
142 B 172ms
171ms Script
application/javascript 2606:4700:3032::681c:ba9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19online.ru/an.yandex.ru/system/context.js
Requested by: Host: covid19online.ru
URL: https://covid19online.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681c:ba9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.15
Resource Hash

Request headers

Referer: https://covid19online.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 14 Jul 2020 18:31:23 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cf-cache-status: MISS
server: cloudflare
x-powered-by: PHP/7.3.15
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 5b2d52026d213258-FRA
content-length: 0
cf-request-id: 03f0319582000032584e188200000001

GET
DATA 200
OK truncated
/ 553 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56d5f97ea714ee4f3569f497e69d174562e352b99e01f9a4c26a996a109b9529

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 236 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f1492a6f37a79da3606eb34e5c0eaddc86482d0857cedd64ef73ba5efc38ae5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2

Requested by

Host: covid19online.ru
URL: https://covid19online.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
Origin: https://covid19online.ru

Response headers

date: Fri, 12 Jun 2020 00:19:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:10 GMT
server: sffe
age: 2830307
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6824
x-xss-protection: 0
expires: Sat, 12 Jun 2021 00:19:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: covid19online.ru
URL: https://covid19online.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
Origin: https://covid19online.ru

Response headers

date: Thu, 09 Jul 2020 02:32:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 489508
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 09 Jul 2021 02:32:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: covid19online.ru
URL: https://covid19online.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
Origin: https://covid19online.ru

Response headers

date: Wed, 10 Jun 2020 14:25:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 2952376
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 10 Jun 2021 14:25:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2

Requested by

Host: covid19online.ru
URL: https://covid19online.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
Origin: https://covid19online.ru

Response headers

date: Thu, 11 Jun 2020 16:46:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 2857505
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6864
x-xss-protection: 0
expires: Fri, 11 Jun 2021 16:46:18 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=covid19online.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19online.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jul 2020 18:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=covid19online.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19online.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jul 2020 18:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200709/r20190131/ 220 KB
83 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200709/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19online.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 14 Jul 2020 18:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 84613
x-xss-protection: 0
server: cafe
etag: 7836056997218078702
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Jul 2020 18:31:23 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200709/r20190131/ Frame A334 0
0 6ms
6ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200709/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200709/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://covid19online.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://covid19online.ru/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Fri, 10 Jul 2020 02:04:08 GMT
expires: Fri, 24 Jul 2020 02:04:08 GMT
content-type: text/html; charset=UTF-8
etag: 1809543571055990350
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4277
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 404835
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET shop-widget
money.yandex.ru/quickpay/ Frame D63F 0
0

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20f2d6255fe749341e6543047782811c5977380c562e7163efa64594d88c6b3d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1D46 0
0 23ms
23ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3830253558509357&output=html&adk=1812271804&adf=3025194257&lmt=1594751483&plat=1%3A32776%2C2%3A16809992%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcovid19online.ru%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1594751483329&bpp=18&bdt=526&idt=85&shv=r20200709&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1574797672484&frm=20&pv=2&ga_vid=540183472.1594751483&ga_sid=1594751483&ga_hid=333449081&ga_fc=0&iag=0&icsg=4486007437134467&dssz=43&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1561186330138633&pem=119&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=108

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200709/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3830253558509357&output=html&adk=1812271804&adf=3025194257&lmt=1594751483&plat=1%3A32776%2C2%3A16809992%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcovid19online.ru%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1594751483329&bpp=18&bdt=526&idt=85&shv=r20200709&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1574797672484&frm=20&pv=2&ga_vid=540183472.1594751483&ga_sid=1594751483&ga_hid=333449081&ga_fc=0&iag=0&icsg=4486007437134467&dssz=43&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=1561186330138633&pem=119&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=108
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://covid19online.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://covid19online.ru/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 14 Jul 2020 18:31:23 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 14-Jul-2020 18:46:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 14 Jul 2020 18:31:23 GMT
cache-control: private

GET
H2 200 osd.js
www.googletagservices.com/activeview/js/current/ 71 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200709/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19online.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 14 Jul 2020 18:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594380418682853"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27203
x-xss-protection: 0
expires: Tue, 14 Jul 2020 18:31:23 GMT

GET combine.js
api-maps.yandex.ru/2.1.76/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: covid19online.ru
URL: https://covid19online.ru/scripts/home/home.5db3468b.js

Domain: money.yandex.ru
URL: https://money.yandex.ru/quickpay/shop-widget?writer=seller&targets=%D0%9F%D0%BE%D0%B4%D0%B4%D0%B5%D1%80%D0%B6%D0%BA%D0%B0%20%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%D0%B0&targets-hint=&default-sum=&button-text=12&payment-type-choice=on&hint=&successURL=https%3A%2F%2Fcovid19online.ru%2F&quickpay=shop&account=410011783718750

Domain: api-maps.yandex.ru
URL: https://api-maps.yandex.ru/2.1.76/combine.js?callback_prefix=__jsonp_ymaps_combine&mode=release&flags=&load=10111415161718192021222324252627282940414243444546474849606162636468717273747576777879818384858690919293949596979899$*,!.O.C)47q8s1.1,1z.V$b$c_78w,c)2):8t)A1-1J1:)!(,1Q)C05$d2b2e$a9Z2c_38x,O,6)i1i1))H.y016X)G)O,T)z).,k2a_51W)I0$06(@)(,D7h)c)e)F)u)j.A)))*,x,E,B,K,F7p)d,L,y,G,H$I0a0f0g0l0o0m0r0s0A0C0B0D4U0L0G0H0N0Y1c1n1o1r1p1t1A1w1x1B1G1P1R1S1T1V1$1!1q2d2g2h2f2x2B2C2D2F2G2H2*2:2Z3a3d3e3f3g2z2Q2J2i2q2j2)3m3p3r4H4v4w4x4y4K4L4(4:4Q5i5Z6o5Q6f6a6b6c6e6g6l6p6h6K6L6M6N6O6P6U6W6Y6R6,6:6@7a7e9Y7,7S7T7V7W7X7$7*7(7)7;7:8o8p8r8u8v8y-c-d-k8)9F8C9R9T9S9U$7$!4V4W4X_W-o-!-w-Y-1_2_64Y_-0E,u__.f.k.m.n.o.p.v.w_Z.K.H.N(S(X(2(6(q(i(Z)v)w)Y)60c0b0h)r,)0d)J0e0k0p7Y0Q0z:C0u0y,a0T084S0M1Z1I!h_X0K0W0O0P001O1m1v1b1f1s1d1u037Q1a:80I0Z1y!C,i:u1K1M1F1E:D(h1h(H1U1X,v1(1@7A7w,q_V.b:v2A0-2P)n2O2N2T2M2U)m2R2S2_2W2$2(2L)-2V,e2I2-2X2!3b2Y2.2K2@2,3k3s4t*v(;)D)33l3o0!4G_4)g,l_0_Y4A4D4E4B4F4C0*4u04)q(:4!4$4-4.4*4_4,4z)U5z0q6m6n5J5I0i6d6k6V*L6H);)f)l0J6T6S8b:j0.0;,N6;6j6q6i)h7b9W9!9z9@9i7.7U7R7j)k():w:x)@,7$(7P0).s$e7!)7:I7_7-

Domain: api-maps.yandex.ru
URL: https://api-maps.yandex.ru/2.1.76/combine.js?callback_prefix=__jsonp_ymaps_combine&mode=release&flags=&load=)Z4M7@8m7i7z7J7I8c8d8e8f8g8h8k8l8n:Z$Z-h-a8Y8A9t9s:y9G8B9V9Q_1-8-r-y,S_G_N9*9,9__9_$)_)t,t.e,5.g.h.l.x.L.D.M(9(N(1(7(-((,;(W(M(U(O(3($(_(Y(R(z(Q(I(J)y)V)X.W,(0n0S0R0:070_!k!l!m0V)a1e;c;!1g!2!w!o!E!D1H1D.d1C*R)s(k(K7H:t:m)p:K:G:M,::O:F(j,d5f2E4Z5j3B!q4N4O4P*w*u*H3R3n.r)Q4T,r*M*K,M,n;z5:.B),,f9J9$9X9.9j9q9I9-029;_8,R:k,Z,I:d:e:h:l:g.u0()9)8;j:96B:J-f;i-b8I:L3E9a)b9c9P9O9N9w9A9K9l*:*.-s-t-M-5_F-p_E-l-m-n-v-A-B-C-D-E-F-(-:_O_S_T)B,P.E.F.G1Y(5(.(4(L(V:N(0(P)W0,!i.9.Z.!.,.q.*)0;Q!3!n!y!x@p@m:_)L)M1l.c:p,,0@)R!j8a7Z*f*y*C*B*A*G*D*t,o,s,m;L9)9(9::f,J:a.t;(;*6w6x6C6A;q-e8Z9h9p9o9e9b9f9v8Q9y9H9k*,-3-X-7-U-u-N-O6E-P-R-V-W_H_M_L-K,.(!:E(T,W._.-.$.(6Z!c!b!a.).@.;.:.z.i.j:W09;,)K,V:r:s.a)P)S7d*E!I*d*c!Z*s*o*l*e;d,p@L6u6y6v9u9d9x9C9D9E9B9L9M9m9n-9!A6F6D7c!f!g!e!d...I.J.Q;.*g!J!Q:$*b*a:U*n*m*k*h;Z;J;I2;9g-$!B@N@X@$:V@9@6@5;_

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api-maps.yandex.ru
coronavirus-monitor.ru
covid19online.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
informer.yandex.ru
mc.yandex.ru
money.yandex.ru
pagead2.googlesyndication.com
web.webpushs.com
www.googletagservices.com
yastatic.net
api-maps.yandex.ru
covid19online.ru
money.yandex.ru
195.181.175.55
2606:4700:3030::6812:2367
2606:4700:3032::681c:ba9
2a00:1450:4001:800::200a
2a00:1450:4001:818::2003
2a00:1450:4001:81b::2002
2a00:1450:4001:820::2002
2a00:1450:4001:825::2002
2a02:6b8:20::215
2a02:6b8::173
2a02:6b8::1:119
02ff952cc8ca7990192dc1f31633161fc266186a7ee80d80cfe7124642f9fca5
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
20f2d6255fe749341e6543047782811c5977380c562e7163efa64594d88c6b3d
245e0bd9c5a93f34cc25a5742ea0d0dfe139d9fed4bda9a4ad13e6057da22072
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
37900b6338d229e8686a0f72d2372edb0b88fd1eb393d648b27e0ba6534dc002
3f1492a6f37a79da3606eb34e5c0eaddc86482d0857cedd64ef73ba5efc38ae5
3fe54e7e9c8800982df4e1d5bed34e2b7f2d54dc8b4fdc8ecfafb334c1a48adb
40f09dcdb226fb60428bfe107e02f6c50db1561694264b0144e0155f9f3e4140
4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4
56d5f97ea714ee4f3569f497e69d174562e352b99e01f9a4c26a996a109b9529
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
a09701513b3fa1e08b97f66da71eed1487e62e9eb66e9021ad64d3e372b52df1
a344f75cf210a16f93549660ee57834ecafe41f7bd9a9ad6c8ea406ea736f771
af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4
b57609b1859f60790c2dad7586d6be0bc76ef6f6ae1056e1c8e93fc10b3a586e
c358a1ba6facc15ec78ca13f93c99464b902a8a54797bb0f8cb29a77c9fdc5d4
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
efdabcb822f8c1c4f45749a5228e398abc203c7acf8ab98cade2d3ca38f71b5e

covid19online.ru Open in urlscan Pro 2606:4700:3032::681c:ba9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

88 %HTTPS

91 %IPv6

12 Domains

15 Subdomains

12 IPs

3 Countries

774 kBTransfer

6089 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

covid19online.ru Open in urlscan Pro
2606:4700:3032::681c:ba9 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

88 %
HTTPS

91 %
IPv6

12
Domains

15
Subdomains

12
IPs

3
Countries

774 kB
Transfer

6089 kB
Size

0
Cookies

32 HTTP transactions
3 data transactions