URL: https://covid19-now.ru/
Submission: On May 14 via automatic, source certstream-suspicious

Summary

This website contacted 11 IPs in 3 countries across 13 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3036::681f:4fd5, located in United States and belongs to CLOUDFLARENET, US. The main domain is covid19-now.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 14th 2020. Valid for: 3 months.
This is the only time covid19-now.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
12 covid19-now.ru covid19-now.ru
4 pagead2.googlesyndication.com covid19-now.ru
pagead2.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 fonts.gstatic.com pagead2.googlesyndication.com
covid19-now.ru
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 counter.yadro.ru 1 redirects covid19-now.ru
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 nashemisto.dp.ua covid19-now.ru
1 lh3.googleusercontent.com covid19-now.ru
1 smartairfilters.com covid19-now.ru
1 phototass4.cdnvideo.ru covid19-now.ru
1 fonts.googleapis.com covid19-now.ru
34 14

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
Subject Issuer Validity Valid
*.covid19-now.ru
Let's Encrypt Authority X3
2020-05-14 -
2020-08-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-04-28 -
2020-07-21
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-04-28 -
2020-07-21
3 months crt.sh
*.cdnvideo.ru
Go Daddy Secure Certificate Authority - G2
2018-06-13 -
2020-06-26
2 years crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2020-01-30 -
2020-10-09
8 months crt.sh
*.googleusercontent.com
GTS CA 1O1
2020-04-28 -
2020-07-21
3 months crt.sh
*.google.de
GTS CA 1O1
2020-04-15 -
2020-07-08
3 months crt.sh
*.google.com
GTS CA 1O1
2020-04-28 -
2020-07-21
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-04-15 -
2020-07-08
3 months crt.sh
counter.yadro.ru
GoGetSSL ECC DV CA
2020-02-02 -
2022-05-02
2 years crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-04-15 -
2020-07-08
3 months crt.sh

This page contains 5 frames:

Primary Page: https://covid19-now.ru/
Frame ID: 3C5B3F226AA168490CFB017121241F37
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200511/r20190131/zrt_lookup.html
Frame ID: 2CB2EC7A5427960EB8F8C0EA1365B03A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245067005109089&output=html&adk=1812271804&adf=3025194257&lmt=1589449862&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcovid19-now.ru%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1589449861585&bpp=576&bdt=66&idt=667&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=120594442594&frm=20&pv=2&ga_vid=1846261837.1589449862&ga_sid=1589449862&ga_hid=892121957&ga_fc=0&iag=0&icsg=2878459&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085&oid=3&pvsid=4179948763416383&pem=911&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=708
Frame ID: 0AC2C497E6A40FE2E89E5F908E8A0889
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245067005109089&output=html&h=90&slotname=2481507015&adk=2316039315&adf=3777207981&w=728&lmt=1589449862&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fcovid19-now.ru%2F&flash=0&wgl=1&adsid=NT&dt=1589449862204&bpp=3&bdt=685&idt=97&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=120594442594&frm=20&pv=1&ga_vid=1846261837.1589449862&ga_sid=1589449862&ga_hid=892121957&ga_fc=0&iag=0&icsg=11267067&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=211&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085&oid=3&pvsid=4179948763416383&pem=911&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Mbxz3KQHva&p=https%3A//covid19-now.ru&dtd=104
Frame ID: CE71D3CED28E958294C4F1D434805BEC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: C03B791DE87ED5A1328443B2BC657CA7
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

34
Requests

97 %
HTTPS

80 %
IPv6

13
Domains

14
Subdomains

11
IPs

3
Countries

723 kB
Transfer

1188 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://counter.yadro.ru/hit?t16.1;r;s1600*1200*24;uhttps%3A//covid19-now.ru/;h%u0410%u043A%u0442%u0443%u0430%u043B%u044C%u043D%u0430%u044F%20%u0438%u043D%u0444%u043E%u0440%u043C%u0430%u0446%u0438%u044F%20%u043E%20%u043A%u043E%u0440%u043E%u043D%u043E%u0432%u0438%u0440%u0443%u0441%u0435%20-%20%u041E%u0431%u0437%u043E%u0440%20%u0442%u0435%u043A%u0443%u0449%u0435%u0439%20%u0441%u0438%u0442%u0443%u0430%u0446%u0438%u0438%20%u0441%20%u043A%u043E%u0440%u043E%u043D%u043E%u0432%u0438%u0440%u0443%u0441%u043E%u043C%20%u0432%u043E%20%u0432%u0441%u0451%u043C%20%u043C%u0438%u0440%u0435;0.4043231309723183 HTTP 302
  • https://counter.yadro.ru/hit?q;t16.1;r;s1600*1200*24;uhttps%3A//covid19-now.ru/;h%u0410%u043A%u0442%u0443%u0430%u043B%u044C%u043D%u0430%u044F%20%u0438%u043D%u0444%u043E%u0440%u043C%u0430%u0446%u0438%u044F%20%u043E%20%u043A%u043E%u0440%u043E%u043D%u043E%u0432%u0438%u0440%u0443%u0441%u0435%20-%20%u041E%u0431%u0437%u043E%u0440%20%u0442%u0435%u043A%u0443%u0449%u0435%u0439%20%u0441%u0438%u0442%u0443%u0430%u0446%u0438%u0438%20%u0441%20%u043A%u043E%u0440%u043E%u043D%u043E%u0432%u0438%u0440%u0443%u0441%u043E%u043C%20%u0432%u043E%20%u0432%u0441%u0451%u043C%20%u043C%u0438%u0440%u0435;0.4043231309723183

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
covid19-now.ru/
55 KB
9 KB
Document
General
Full URL
https://covid19-now.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:4fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e370f13b8a2c54ce8316a31b133991e4d061fea9b615abace9a57b58343afbc

Request headers

:method
GET
:authority
covid19-now.ru
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 14 May 2020 09:51:01 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d5beb404295fe380a17bc4a46e62f0f7e1589449861; expires=Sat, 13-Jun-20 09:51:01 GMT; path=/; domain=.covid19-now.ru; HttpOnly; SameSite=Lax
link
<http://covid19-now.ru/wp-json/>; rel="https://api.w.org/"
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5933b7e09c1e1f19-FRA
content-encoding
br
cf-request-id
02b431405a00001f19ce2f5200000001
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
107 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: covid19-now.ru
URL: https://covid19-now.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4be263459de52f1d9b6bc820bdea57f31d8473b32d10311a5732c8abcc0d5114
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 09:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
39246
x-xss-protection
0
server
cafe
etag
15848796709832183548
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 14 May 2020 09:51:01 GMT
style.min.css
covid19-now.ru/wp-includes/css/dist/block-library/
29 KB
4 KB
Stylesheet
General
Full URL
https://covid19-now.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.2.6
Requested by
Host: covid19-now.ru
URL: https://covid19-now.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:4fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 09:51:01 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Mar 2020 16:48:41 GMT
server
cloudflare
etag
W/"726f-5a14c0ed0ed19-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
5933b7e29a0c1f19-FRA
cf-request-id
02b431419b00001f19ce30d200000001
style.css
covid19-now.ru/wp-content/themes/lowcoster/
61 KB
9 KB
Stylesheet
General
Full URL
https://covid19-now.ru/wp-content/themes/lowcoster/style.css?ver=5.2.6
Requested by
Host: covid19-now.ru
URL: https://covid19-now.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:4fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6a479fac37dabbe493c207f07915cf76aa01b6f89da3ac198b70bd03ba7c37e

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 09:51:01 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Mar 2020 16:48:41 GMT
server
cloudflare
etag
W/"f2e9-5a14c0ec60fe9-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
5933b7e29a131f19-FRA
cf-request-id
02b431419b00001f19ce30e200000001
genericons.css
covid19-now.ru/wp-content/themes/lowcoster/css/genericons/
27 KB
16 KB
Stylesheet
General
Full URL
https://covid19-now.ru/wp-content/themes/lowcoster/css/genericons/genericons.css?ver=5.2.6
Requested by
Host: covid19-now.ru
URL: https://covid19-now.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:4fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1bc1bdc02eccdaf89a655eec31c480629e15c02c5c3b1854dc17fe07c1fcd61

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 09:51:01 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Mar 2020 16:48:41 GMT
server
cloudflare
etag
W/"6c57-5a14c0ec64e69-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
5933b7e29a181f19-FRA
cf-request-id
02b431419b00001f19ce30f200000001
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%7CHammersmith+One&subset=latin%2Clatin-ext
Requested by
Host: covid19-now.ru
URL: https://covid19-now.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
28155e612f96b483d5fe245671700c579a675dd6043affd973ba8eeb73ae32f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 May 2020 09:51:01 GMT
server
ESF
date
Thu, 14 May 2020 09:51:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 May 2020 09:51:01 GMT
jquery.js
covid19-now.ru/wp-includes/js/jquery/
95 KB
32 KB
Script
General
Full URL
https://covid19-now.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: covid19-now.ru
URL: https://covid19-now.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:4fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 09:51:01 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Mar 2020 16:48:41 GMT
server
cloudflare
etag
W/"17a69-5a14c0ec87146-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5933b7e29a1c1f19-FRA
cf-request-id
02b431419b00001f19ce310200000001
jquery-migrate.min.js
covid19-now.ru/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://covid19-now.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: covid19-now.ru
URL: https://covid19-now.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:4fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 09:51:01 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Mar 2020 16:48:41 GMT
server
cloudflare
etag
W/"2748-5a14c0ec82326-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5933b7e29a201f19-FRA
cf-request-id
02b431419b00001f19ce311200000001
navigation.js
covid19-now.ru/wp-content/themes/lowcoster/js/
6 KB
2 KB
Script
General
Full URL
https://covid19-now.ru/wp-content/themes/lowcoster/js/navigation.js?ver=5.2.6
Requested by
Host: covid19-now.ru
URL: https://covid19-now.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:4fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c98de371c5377a8a9abf530b9f720463a29d624dcb0e1314084e589935fab22a

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 09:51:01 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Mar 2020 16:48:40 GMT
server
cloudflare
etag
W/"18fc-5a14c0ec5d16a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5933b7e29a231f19-FRA
cf-request-id
02b431419b00001f19ce312200000001
sidebar.js
covid19-now.ru/wp-content/themes/lowcoster/js/
2 KB
937 B
Script
General
Full URL
https://covid19-now.ru/wp-content/themes/lowcoster/js/sidebar.js?ver=5.2.6
Requested by
Host: covid19-now.ru
URL: https://covid19-now.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:4fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65a3c1858cb72042640da6db8fd26133bcb556b59cc57a00974e96e1681718f9

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 09:51:02 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Mar 2020 16:48:40 GMT
server
cloudflare
etag
W/"94e-5a14c0ec5d16a-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5933b7e29a241f19-FRA
cf-request-id
02b431419b00001f19ce313200000001
covid.png
covid19-now.ru/wp-content/uploads/2020/03/
215 KB
215 KB
Image
General
Full URL
https://covid19-now.ru/wp-content/uploads/2020/03/covid.png
Requested by
Host: covid19-now.ru
URL: https://covid19-now.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:4fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43283ccb2372e75856a2f209b22f6e409329082b0af2624c63610594f1286cf4

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 09:51:03 GMT
cf-cache-status
MISS
last-modified
Sun, 22 Mar 2020 10:39:39 GMT
server
cloudflare
etag
"35c0f-5a16f22bee27f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5933b7e67d0b1f19-FRA
content-length
220175
cf-request-id
02b431440c00001f19ce33b200000001
covid.png
covid19-now.ru/wp-content/uploads/2020/04/
27 KB
27 KB
Image
General
Full URL
https://covid19-now.ru/wp-content/uploads/2020/04/covid.png
Requested by
Host: covid19-now.ru
URL: https://covid19-now.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:4fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41cd4372b04523aa16d9ff70751ca5e9d1c52311f8e578043b08619186a5bd1

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 09:51:02 GMT
cf-cache-status
MISS
last-modified
Thu, 02 Apr 2020 18:18:52 GMT
server
cloudflare
etag
"6d51-5a252d549ef0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5933b7e67d181f19-FRA
content-length
27985
cf-request-id
02b431440c00001f19ce33c200000001
5464599.jpg
phototass4.cdnvideo.ru/width/1020_b9261fa1/tass/m2/uploads/i/20200401/
150 KB
150 KB
Image
General
Full URL
https://phototass4.cdnvideo.ru/width/1020_b9261fa1/tass/m2/uploads/i/20200401/5464599.jpg
Requested by
Host: covid19-now.ru
URL: https://covid19-now.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.254.23.81 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software
nginx /
Resource Hash
ab6fe501e5276088adca0bf78325d20f80dc4157dad6319f04cc007f9eb9d2c6

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 14 May 2020 09:51:02 GMT
cache-control
max-age=31536000
server
nginx
content-type
image/jpeg
expires
Thu, 01 Apr 2021 13:09:16 GMT
Can-masks-and-surgical-masks-protect-against-the-coronavirus-750x410.jpg
smartairfilters.com/wordpress/wp-content/uploads/2020/02/
41 KB
42 KB
Image
General
Full URL
https://smartairfilters.com/wordpress/wp-content/uploads/2020/02/Can-masks-and-surgical-masks-protect-against-the-coronavirus-750x410.jpg
Requested by
Host: covid19-now.ru
URL: https://covid19-now.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6818:6bbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
267366d95b11891d8f54a92c52eaff74e5ccaf7894f069c17c4ad627d64e3066
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 09:51:02 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
4960976
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
42301
cf-request-id
02b43144290000c290fa353200000001
last-modified
Fri, 07 Feb 2020 04:26:41 GMT
server
cloudflare
etag
"a53d-59df4cbdf827e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
5933b7e6adb5c290-FRA
expires
Wed, 17 Mar 2021 23:48:16 GMT
CEdc4jJ_kZvFhu6hODvRgwDc1cujNdmqJmSQzXwNU2Fy9eYyQAkeHPK0Y6_WxdzCLa8L-1lHTFiUYhmHg-TgmjDfoW9S6TkCfxFgX_vYTaB64pkRjb5URdDimSx0X2M
lh3.googleusercontent.com/proxy/
0
0
Image
General
Full URL
https://lh3.googleusercontent.com/proxy/CEdc4jJ_kZvFhu6hODvRgwDc1cujNdmqJmSQzXwNU2Fy9eYyQAkeHPK0Y6_WxdzCLa8L-1lHTFiUYhmHg-TgmjDfoW9S6TkCfxFgX_vYTaB64pkRjb5URdDimSx0X2M
Requested by
Host: covid19-now.ru
URL: https://covid19-now.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE.png
covid19-now.ru/wp-content/uploads/2020/03/
3 KB
3 KB
Image
General
Full URL
https://covid19-now.ru/wp-content/uploads/2020/03/%D0%B7%D0%B0%D0%B3%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%BE.png
Requested by
Host: covid19-now.ru
URL: https://covid19-now.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:4fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c133b5051214a4e5c9c7fa7afffdd279d0d38bcacdab095a1d49d818f9a3e7ec

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 09:51:03 GMT
cf-cache-status
MISS
last-modified
Sun, 29 Mar 2020 12:06:15 GMT
server
cloudflare
etag
"b19-5a1fd29546728"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5933b7e67d1b1f19-FRA
content-length
2841
cf-request-id
02b431440c00001f19ce33d200000001
jepidemija-glavnaja-730x528.jpg
nashemisto.dp.ua/wp-content/uploads/2020/03/
0
0
Image
General
Full URL
https://nashemisto.dp.ua/wp-content/uploads/2020/03/jepidemija-glavnaja-730x528.jpg
Requested by
Host: covid19-now.ru
URL: https://covid19-now.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::681b:a7eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

wp-embed.min.js
covid19-now.ru/wp-includes/js/
1 KB
740 B
Script
General
Full URL
https://covid19-now.ru/wp-includes/js/wp-embed.min.js?ver=5.2.6
Requested by
Host: covid19-now.ru
URL: https://covid19-now.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681f:4fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 09:51:02 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Mar 2020 16:48:41 GMT
server
cloudflare
etag
W/"57b-5a14c0ec8cf05-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5933b7e31b891f19-FRA
cf-request-id
02b43141f300001f19ce318200000001
wp-emoji-release.min.js
covid19-now.ru/wp-includes/js/
0
0

integrator.js
adservice.google.de/adsid/
109 B
952 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=covid19-now.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 May 2020 09:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
952 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=covid19-now.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 May 2020 09:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/
218 KB
82 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecb531bdf231039081a7a6879d73bca91d8b8c7fc671615063746454c0daaa8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 09:51:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
84031
x-xss-protection
0
server
cafe
etag
11558267481566639666
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 May 2020 09:51:02 GMT
KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%7CHammersmith+One&subset=latin%2Clatin-ext
Origin
https://covid19-now.ru

Response headers

date
Thu, 14 May 2020 07:10:56 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:40 GMT
server
sffe
age
9606
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6720
x-xss-protection
0
expires
Fri, 14 May 2021 07:10:56 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%7CHammersmith+One&subset=latin%2Clatin-ext
Origin
https://covid19-now.ru

Response headers

date
Fri, 08 May 2020 19:19:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
484317
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 08 May 2021 19:19:05 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200511/r20190131/ Frame 2CB2
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200511/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200511/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://covid19-now.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://covid19-now.ru/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Tue, 12 May 2020 03:57:00 GMT
expires
Tue, 26 May 2020 03:57:00 GMT
content-type
text/html; charset=UTF-8
etag
4094386822458569044
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4444
x-xss-protection
0
cache-control
public, max-age=1209600
age
194042
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
qWcyB624q4L_C4jGQ9IK0O_dFlnrtRElkYABXg.woff2
fonts.gstatic.com/s/hammersmithone/v10/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/hammersmithone/v10/qWcyB624q4L_C4jGQ9IK0O_dFlnrtRElkYABXg.woff2
Requested by
Host: covid19-now.ru
URL: https://covid19-now.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b84e5326527f10fc897e55c10f7b0bff361766faac8a44e808e57c685c84c27d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%7CHammersmith+One&subset=latin%2Clatin-ext
Origin
https://covid19-now.ru

Response headers

date
Wed, 13 May 2020 04:32:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:48:14 GMT
server
sffe
age
105502
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11620
x-xss-protection
0
expires
Thu, 13 May 2021 04:32:40 GMT
truncated
/
14 KB
14 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2296ad963561232639dba37439e330c1bfed2f9f79d62ca1960c242f96a11bcb

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin
https://covid19-now.ru

Response headers

Content-Type
application/font-woff;charset=utf-8
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t16.1;r;s1600*1200*24;uhttps%3A//covid19-now.ru/;h%u0410%u043A%u0442%u0443%u0430%u043B%u044C%u043D%u0430%u044F%20%u0438%u043D%u0444%u043E%u0440%u043C%u0430%u0446%u0438%...
  • https://counter.yadro.ru/hit?q;t16.1;r;s1600*1200*24;uhttps%3A//covid19-now.ru/;h%u0410%u043A%u0442%u0443%u0430%u043B%u044C%u043D%u0430%u044F%20%u0438%u043D%u0444%u043E%u0440%u043C%u0430%u0446%u043...
198 B
577 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t16.1;r;s1600*1200*24;uhttps%3A//covid19-now.ru/;h%u0410%u043A%u0442%u0443%u0430%u043B%u044C%u043D%u0430%u044F%20%u0438%u043D%u0444%u043E%u0440%u043C%u0430%u0446%u0438%u044F%20%u043E%20%u043A%u043E%u0440%u043E%u043D%u043E%u0432%u0438%u0440%u0443%u0441%u0435%20-%20%u041E%u0431%u0437%u043E%u0440%20%u0442%u0435%u043A%u0443%u0449%u0435%u0439%20%u0441%u0438%u0442%u0443%u0430%u0446%u0438%u0438%20%u0441%20%u043A%u043E%u0440%u043E%u043D%u043E%u0432%u0438%u0440%u0443%u0441%u043E%u043C%20%u0432%u043E%20%u0432%u0441%u0451%u043C%20%u043C%u0438%u0440%u0435;0.4043231309723183
Requested by
Host: covid19-now.ru
URL: https://covid19-now.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host216.rax.ru
Software
nginx/1.17.9 /
Resource Hash
ef7f39647868d3d31e0c23575067e47deef96349a6833870291e4fba2f51c250

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 May 2020 09:51:02 GMT
Server
nginx/1.17.9
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
198
Expires
Tue, 14 May 2019 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 May 2020 09:51:02 GMT
Server
nginx/1.17.9
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t16.1;r;s1600*1200*24;uhttps%3A//covid19-now.ru/;h%u0410%u043A%u0442%u0443%u0430%u043B%u044C%u043D%u0430%u044F%20%u0438%u043D%u0444%u043E%u0440%u043C%u0430%u0446%u0438%u044F%20%u043E%20%u043A%u043E%u0440%u043E%u043D%u043E%u0432%u0438%u0440%u0443%u0441%u0435%20-%20%u041E%u0431%u0437%u043E%u0440%20%u0442%u0435%u043A%u0443%u0449%u0435%u0439%20%u0441%u0438%u0442%u0443%u0430%u0446%u0438%u0438%20%u0441%20%u043A%u043E%u0440%u043E%u043D%u043E%u0432%u0438%u0440%u0443%u0441%u043E%u043C%20%u0432%u043E%20%u0432%u0441%u0451%u043C%20%u043C%u0438%u0440%u0435;0.4043231309723183
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Tue, 14 May 2019 21:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0AC2
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245067005109089&output=html&adk=1812271804&adf=3025194257&lmt=1589449862&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcovid19-now.ru%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1589449861585&bpp=576&bdt=66&idt=667&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=120594442594&frm=20&pv=2&ga_vid=1846261837.1589449862&ga_sid=1589449862&ga_hid=892121957&ga_fc=0&iag=0&icsg=2878459&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085&oid=3&pvsid=4179948763416383&pem=911&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=708
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3245067005109089&output=html&adk=1812271804&adf=3025194257&lmt=1589449862&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcovid19-now.ru%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1589449861585&bpp=576&bdt=66&idt=667&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=120594442594&frm=20&pv=2&ga_vid=1846261837.1589449862&ga_sid=1589449862&ga_hid=892121957&ga_fc=0&iag=0&icsg=2878459&dssz=15&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085&oid=3&pvsid=4179948763416383&pem=911&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=708
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://covid19-now.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://covid19-now.ru/

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 14 May 2020 09:51:02 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 14-May-2020 10:06:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df4b376fc112266e6f1854609311b809452d452ecead88a1689693f8c2af84e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 09:51:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1589369616634380"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27726
x-xss-protection
0
expires
Thu, 14 May 2020 09:51:02 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame CE71
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3245067005109089&output=html&h=90&slotname=2481507015&adk=2316039315&adf=3777207981&w=728&lmt=1589449862&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fcovid19-now.ru%2F&flash=0&wgl=1&adsid=NT&dt=1589449862204&bpp=3&bdt=685&idt=97&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=120594442594&frm=20&pv=1&ga_vid=1846261837.1589449862&ga_sid=1589449862&ga_hid=892121957&ga_fc=0&iag=0&icsg=11267067&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=211&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085&oid=3&pvsid=4179948763416383&pem=911&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Mbxz3KQHva&p=https%3A//covid19-now.ru&dtd=104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3245067005109089&output=html&h=90&slotname=2481507015&adk=2316039315&adf=3777207981&w=728&lmt=1589449862&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fcovid19-now.ru%2F&flash=0&wgl=1&adsid=NT&dt=1589449862204&bpp=3&bdt=685&idt=97&shv=r20200511&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=120594442594&frm=20&pv=1&ga_vid=1846261837.1589449862&ga_sid=1589449862&ga_hid=892121957&ga_fc=0&iag=0&icsg=11267067&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=211&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065531%2C21066085&oid=3&pvsid=4179948763416383&pem=911&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8208&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Mbxz3KQHva&p=https%3A//covid19-now.ru&dtd=104
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://covid19-now.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://covid19-now.ru/

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 14 May 2020 09:51:02 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 14-May-2020 10:06:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200511&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50fbc86b01b9f566de947f402d0b86bb1236a6b4766d4a3ec156b14206ffaedd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 May 2020 09:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5636
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200511/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 09:51:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5456
x-xss-protection
0
expires
Thu, 14 May 2020 09:51:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame C03B
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://covid19-now.ru/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://covid19-now.ru/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Thu, 14 May 2020 09:09:27 GMT
expires
Fri, 14 May 2021 09:09:27 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2496
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/
0
120 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200511&jk=4179948763416383&bg=!i4iliJBYf1RMcpfHPpICAAAASlIAAAAMmQF2kxme2yS1mIquqI_c5wVsstMrcqO-5noelQUNx8u_ncOH4CyLbrynWHQC6I7CesmKkKWDCqWBjGA5v3zAOd6jaTpStgjjHbCA2l_3caoy44F7hKtV5y6sg5GHpWuf6UU3uoYohfxOQ3taG8PjRLuLs7Hlu1xWzSOjNVqpxNir0WbaFHCujtXeAadwI-RGTbDpbD5BPdwtqM9v3rkSV-jwbumVVualJ1ymkgOW0He2tNjCqHNl4hPliQ0bbD6ky2GnGnwXu2m2wpviQWEhOLA22aFAcMdC6y2ItLKRjUZdHpQMbLq2AH8f4VXJz76TPx0UVBWf3MbIXBhDjQPdcifeY2GWDyk9cugTNcmvCdxdvfM-XLKj9il0UA7mRPBcKN3Z4xk1-cLFffaivue8emn6Ct9quhyJntXcvUUxo3rd4JuE5VJ3UNitW91IQ7OBQvVr86IpDjaQZJs3GJsfLj8eyj4Ki5oLAOVBAq5TWdHuQ2gqVnO2Tho
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://covid19-now.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 May 2020 09:51:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
covid19-now.ru
URL
http://covid19-now.ru/wp-includes/js/wp-emoji-release.min.js?ver=5.2.6

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots undefined| $ function| jQuery function| google_spfd object| google_sv_map object| google_t12n_vars boolean| _gfp_p_ number| google_lpabyc number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| wp function| stickyMenu number| scrollTop object| jQuery1124004961935998364542 object| GoogleGcLKhOms object| google_image_requests

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.covid19-now.ru/ Name: __cfduid
Value: d5beb404295fe380a17bc4a46e62f0f7e1589449861

1 Console Messages

Source Level URL
Text
console-api log URL: https://covid19-now.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
counter.yadro.ru
covid19-now.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
lh3.googleusercontent.com
nashemisto.dp.ua
pagead2.googlesyndication.com
phototass4.cdnvideo.ru
smartairfilters.com
tpc.googlesyndication.com
www.googletagservices.com
covid19-now.ru
2606:4700:3034::6818:6bbd
2606:4700:3034::681b:a7eb
2606:4700:3036::681f:4fd5
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:814::2003
2a00:1450:4001:816::200a
2a00:1450:4001:821::2001
5.254.23.81
88.212.201.216
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
2296ad963561232639dba37439e330c1bfed2f9f79d62ca1960c242f96a11bcb
267366d95b11891d8f54a92c52eaff74e5ccaf7894f069c17c4ad627d64e3066
28155e612f96b483d5fe245671700c579a675dd6043affd973ba8eeb73ae32f6
43283ccb2372e75856a2f209b22f6e409329082b0af2624c63610594f1286cf4
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
4be263459de52f1d9b6bc820bdea57f31d8473b32d10311a5732c8abcc0d5114
4e370f13b8a2c54ce8316a31b133991e4d061fea9b615abace9a57b58343afbc
50fbc86b01b9f566de947f402d0b86bb1236a6b4766d4a3ec156b14206ffaedd
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
65a3c1858cb72042640da6db8fd26133bcb556b59cc57a00974e96e1681718f9
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
ab6fe501e5276088adca0bf78325d20f80dc4157dad6319f04cc007f9eb9d2c6
b84e5326527f10fc897e55c10f7b0bff361766faac8a44e808e57c685c84c27d
c133b5051214a4e5c9c7fa7afffdd279d0d38bcacdab095a1d49d818f9a3e7ec
c98de371c5377a8a9abf530b9f720463a29d624dcb0e1314084e589935fab22a
d41cd4372b04523aa16d9ff70751ca5e9d1c52311f8e578043b08619186a5bd1
d6a479fac37dabbe493c207f07915cf76aa01b6f89da3ac198b70bd03ba7c37e
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
df4b376fc112266e6f1854609311b809452d452ecead88a1689693f8c2af84e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb531bdf231039081a7a6879d73bca91d8b8c7fc671615063746454c0daaa8c
ef7f39647868d3d31e0c23575067e47deef96349a6833870291e4fba2f51c250
f1bc1bdc02eccdaf89a655eec31c480629e15c02c5c3b1854dc17fe07c1fcd61