coronvi19.xyz Open in urlscan Pro
162.213.253.118 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://coronvi19.xyz/
Effective URL:
https://coronvi19.xyz/
Submission: On March 26 via manual (March 26th 2020, 10:53:38 pm UTC) from GB

Summary HTTP 48 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 21 domains to perform 48 HTTP transactions. The main IP is 162.213.253.118, located in Los Angeles, United States and belongs to NAMECHEAP-NET, US. The main domain is coronvi19.xyz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 24th 2020. Valid for: a year.

This is the only time coronvi19.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	162.213.253.118 162.213.253.118	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
28	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3036::6818:72e2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
1	172.104.29.90 172.104.29.90	63949 (LINODE-AP...) (LINODE-AP Linode)
2	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
1 3	184.25.146.133 184.25.146.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	23.105.254.36 23.105.254.36	7979 (SERVERS) (SERVERS)
1 1	5.9.13.98 5.9.13.98	24940 (HETZNER-AS) (HETZNER-AS)
1	104.19.138.80 104.19.138.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	148.251.129.84 148.251.129.84	24940 (HETZNER-AS) (HETZNER-AS)
4 4	52.57.194.55 52.57.194.55	16509 (AMAZON-02) (AMAZON-02)
1 1	52.59.108.16 52.59.108.16	16509 (AMAZON-02) (AMAZON-02)
2 2	54.229.91.186 54.229.91.186	16509 (AMAZON-02) (AMAZON-02)
1	23.105.245.5 23.105.245.5	7979 (SERVERS) (SERVERS)
2 2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 2	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	35.212.212.222 35.212.212.222	19527 (GOOGLE-2) (GOOGLE-2)
48	16

2 162.213.253.118 (Los Angeles, United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: premium76-3.web-hosting.com

coronvi19.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6818:72e2 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.supercounters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.29.90 (Philadelphia, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1848-90.members.linode.com

www.supercounters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.25.146.133 (United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-146-133.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.254.36 (Russian Federation) 1 redirects

ASN7979 (SERVERS, US)

udata.mixmarket.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.9.13.98 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.98.13.9.5.clients.your-server.de

uaadcodedsp.rontar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.138.80 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.129.84 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.84.129.251.148.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.57.194.55 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-194-55.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.108.16 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-108-16.eu-central-1.compute.amazonaws.com

sandbox.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.91.186 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-91-186.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.245.5 (Russian Federation)

ASN7979 (SERVERS, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	mgid.com jsc.mgid.com servicer.mgid.com cm.mgid.com cdn.mgid.com c.mgid.com s-img.mgid.com	226 KB
5	bidswitch.net 5 redirects x.bidswitch.net sandbox.bidswitch.net	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	gstatic.com fonts.gstatic.com	31 KB
3	supercounters.com widget.supercounters.com www.supercounters.com	3 KB
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	711 B
2	outbrain.com 1 redirects sync.outbrain.com	798 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	655 B
2	adsrvr.org 2 redirects match.adsrvr.org	906 B
2	googleapis.com fonts.googleapis.com	2 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	coronvi19.xyz 1 redirects coronvi19.xyz	2 KB
1	lentainform.com cm.lentainform.com	329 B
1	loopme.me 1 redirects csync.loopme.me	192 B
1	idealmedia.io cm.idealmedia.io	510 B
1	steepto.com cm.steepto.com	279 B
1	rontar.com 1 redirects uaadcodedsp.rontar.com	265 B
1	mixmarket.biz 1 redirects udata.mixmarket.biz	207 B
1	blogspot.com 1.bp.blogspot.com	23 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	20 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
48	21

	Domain	Requested by
12	s-img.mgid.com	coronvi19.xyz
9	cm.mgid.com	jsc.mgid.com coronvi19.xyz
4	x.bidswitch.net	4 redirects
3	sb.scorecardresearch.com	1 redirects jsc.mgid.com coronvi19.xyz
3	fonts.gstatic.com	coronvi19.xyz jsc.mgid.com
2	rtb-usw.mfadsrvr.com	2 redirects
2	sync.outbrain.com	1 redirects coronvi19.xyz
2	cm.g.doubleclick.net	2 redirects
2	match.adsrvr.org	2 redirects
2	c.mgid.com	coronvi19.xyz
2	servicer.mgid.com	jsc.mgid.com
2	fonts.googleapis.com	jsc.mgid.com
2	www.google-analytics.com	www.googletagmanager.com coronvi19.xyz
2	widget.supercounters.com	coronvi19.xyz
2	jsc.mgid.com	coronvi19.xyz
2	coronvi19.xyz	1 redirects
1	cm.lentainform.com	coronvi19.xyz
1	sandbox.bidswitch.net	1 redirects
1	csync.loopme.me	1 redirects
1	cm.idealmedia.io	coronvi19.xyz
1	cm.steepto.com	coronvi19.xyz
1	uaadcodedsp.rontar.com	1 redirects
1	udata.mixmarket.biz	1 redirects
1	cdn.mgid.com	coronvi19.xyz
1	www.supercounters.com	widget.supercounters.com
1	1.bp.blogspot.com	coronvi19.xyz
1	maxcdn.bootstrapcdn.com	coronvi19.xyz
1	www.googletagmanager.com	coronvi19.xyz
48	28

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
cryptoweb
bodysecretrevelation
vikings
instanthub.net
emergencysafesupply

Subject Issuer	Validity	Valid
coronvi19.xyz Sectigo RSA Domain Validation Secure Server CA	`2020-03-24` - `2021-03-24`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
ssl382684.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-07` - `2020-05-15`	6 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-09` - `2020-10-09`	10 months	crt.sh
*.supercounters.com COMODO RSA Domain Validation Secure Server CA	`2017-06-23` - `2020-06-22`	3 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
ssl382690.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-07` - `2020-05-15`	6 months	crt.sh
ssl731802.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-20` - `2020-08-28`	6 months	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://coronvi19.xyz/
Frame ID: 2CC05E00D5E947C14D3C69C93E81AC0C
Requests: 47 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1585263198176408206200
Frame ID: FDB15328B2343107D9E40E11F997A325
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://coronvi19.xyz/ HTTP 301
https://coronvi19.xyz/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

48
Requests

100 %
HTTPS

30 %
IPv6

21
Domains

28
Subdomains

16
IPs

5
Countries

355 kB
Transfer

748 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.mgid.com/?utm_source=coronvi19.xyz&utm_medium=referral&utm_campaign=widgets&utm_content=846788

Search URL Search Domain Scan URL

URL: https://cryptoweb/How_To_Turn_%C2%A31_Into_%C2%A31000_In_One_Day_Banks_Cant_Stop_You

Search URL Search Domain Scan URL

URL: https://bodysecretrevelation/These_2_Vegetables_Will_Kill_Your_Belly_Fat_Overnight

Search URL Search Domain Scan URL

URL: https://vikings/Play_This_Game_For_1_Minute_And_See_Why_Everyone_Is_Addicted

Search URL Search Domain Scan URL

URL: https://instanthub.net/tv/the-real-story-behind-the-prince-william-prince-harry-feud/

Search URL Search Domain Scan URL

URL: https://instanthub.net/tv/8-shady-things-about-meghan-markle-everyone-ignores/

Search URL Search Domain Scan URL

URL: https://emergencysafesupply/This_Anti_Virus_Mask_Offers_Extra_Comfort_With_Added_Protection

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=coronvi19.xyz&utm_medium=referral&utm_campaign=widgets&utm_content=846768

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://coronvi19.xyz/ HTTP 301
https://coronvi19.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID HTTP 301
https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0

Request Chain 36

https://uaadcodedsp.rontar.com/CookieSync.axd?sspId=104&uid=k2qiqIg2iaRf HTTP 302
https://cm.mgid.com/m?cdsp=337572&c=552cf14ec67c0fe2e24e94329a428730

Request Chain 39

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D HTTP 307
https://cm.mgid.com/m?cdsp=433143&c=9e0b1699-bd07-44db-a6ad-b135102964ff

Request Chain 40

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://sandbox.bidswitch.net/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://x.bidswitch.net/sync?dsp_id=58&expires=14&user_id=0bcd8dd4-275b-4412-be25-5500bee98647&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=0bcd8dd4-275b-4412-be25-5500bee98647

Request Chain 41

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=e96438e8-9f35-4b3d-8e6d-84a8f00fe3e1&ttl=1587855198

Request Chain 43

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azJxaXFJZzJpYVJm&muidn=k2qiqIg2iaRf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azJxaXFJZzJpYVJm&muidn=k2qiqIg2iaRf&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=k2qiqIg2iaRf&google_ula={guid},5&google_gid=CAESEPK-gFIwWWf24TuEd8iiors&google_cver=1

Request Chain 44

https://x.bidswitch.net/sync?dsp_id=303&user_id=k2qiqIg2iaRf HTTP 302
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=0bcd8dd4-275b-4412-be25-5500bee98647 HTTP 302
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=0bcd8dd4-275b-4412-be25-5500bee98647&rdrctExp=true

Request Chain 45

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=d5f34009-18d0-4fbd-ac4f-bbdbe3a87c59

Request Chain 46

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1585263198454&ns_c=UTF-8&cv=3.5&c8=COVID%2019%20FEDERAL%20GOVERNMENT%20GRANTS&c7=https%3A%2F%2Fcoronvi19.xyz%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1585263198454&ns_c=UTF-8&cv=3.5&c8=COVID%2019%20FEDERAL%20GOVERNMENT%20GRANTS&c7=https%3A%2F%2Fcoronvi19.xyz%2F&c9=

48 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
coronvi19.xyz/
Redirect Chain

http://coronvi19.xyz/
https://coronvi19.xyz/

5 KB
2 KB

633ms
310ms

Document
text/html

162.213.253.118
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.213.253.118 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium76-3.web-hosting.com
Software: Apache / PHP/7.2.28
Resource Hash: b94909af66459e7b69826fd04216c5bdf63a38d83d58e6c335a9cb2d961b25fa

Request headers

:method: GET
:authority: coronvi19.xyz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 26 Mar 2020 22:53:17 GMT
server: Apache
x-powered-by: PHP/7.2.28
vary: Accept-Encoding
content-encoding: gzip
content-length: 2039
content-type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 26 Mar 2020 22:53:17 GMT
Server: Apache
Location: https://coronvi19.xyz/
Content-Length: 230
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 75 KB
28 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-161661325-1

Requested by

Host: coronvi19.xyz
URL: https://coronvi19.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d2721c4ff63ce4a2073c49a5d26d70354cf5c67fb86fbb4e8713c73aac31c7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 22:53:17 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28642
x-xss-protection: 0
last-modified: Thu, 26 Mar 2020 21:01:14 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 26 Mar 2020 22:53:17 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.4.0/css/ 119 KB
20 KB 24ms
9ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/css/bootstrap.min.css
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 22:53:17 GMT
content-encoding: gzip
last-modified: Fri, 14 Dec 2018 05:14:43 GMT
access-control-allow-origin: *
etag: "1544764483"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 19736

GET
H2 200 covid19.jpg
1.bp.blogspot.com/-MvzD68mijec/XnccbCmRCiI/AAAAAAAABno/pyodWfYAQlUsEj1Zq-zRBmysUCvnRM-AwCLcBGAsYHQ/s320/ 23 KB
23 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-MvzD68mijec/XnccbCmRCiI/AAAAAAAABno/pyodWfYAQlUsEj1Zq-zRBmysUCvnRM-AwCLcBGAsYHQ/s320/covid19.jpg

Requested by

Host: coronvi19.xyz
URL: https://coronvi19.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

edda15d886522543213a5beb1fa973fa19603603488abfe750d7ced11c898c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 20:20:48 GMT
x-content-type-options: nosniff
age: 9149
status: 200
content-disposition: inline;filename="covid19.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 23372
x-xss-protection: 0
server: fife
etag: "v67b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 24 Mar 2020 10:00:28 GMT

GET
H2 200 toovibes.com.ng.846788.js Show response
jsc.mgid.com/t/o/ 130 KB
36 KB 293ms
250ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/o/toovibes.com.ng.846788.js
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9d1cc73428af899ea57c4ac77f8c14d07eb1b977df226dcbfc9b73a99cb31b5

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 22:53:18 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 4CDB57EE83495E93
cf-polished: origSize=132912
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-id-2: iVGb935OtbcvOMtGWeJzaJTHCd5p404NyPnKjEcRp3MgxfbVQrPlMfk0W3EnC5KXU48sKyojrpo=
last-modified: Tue, 24 Mar 2020 10:17:46 GMT
server: cloudflare
etag: W/"215c34d9876a9ea6a03cdd508b4590bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Thu, 26 Mar 2020 23:53:18 GMT
cache-control: public, max-age=3600
cf-ray: 57a4726a7958e674-LHR
cf-bgj: minify

GET
H2 200 toovibes.com.ng.846768.js Show response
jsc.mgid.com/t/o/ 130 KB
36 KB 192ms
161ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/t/o/toovibes.com.ng.846768.js
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c4ac6a7736c0c50d33f90ca722f9a5f5d04d808058253cd38670c3da50ef71c

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 22:53:17 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: FD391565A0C96692
cf-polished: origSize=133287
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-id-2: q3LfkHXgHADUdl0TkGlYzNjZOJMEyj7Exd5SLnKnSXAp+1TGnI1XzX+Hr5S6luLr5zSTn7UvPMg=
last-modified: Tue, 24 Mar 2020 09:54:01 GMT
server: cloudflare
etag: W/"e0a0314ded3c4abe6c83f617dff6f21d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Thu, 26 Mar 2020 23:53:17 GMT
cache-control: public, max-age=3600
cf-ray: 57a4726a7959e674-LHR
cf-bgj: minify

GET
H2 200 online_i.js Show response
widget.supercounters.com/ssl/ 4 KB
2 KB 37ms
14ms Script
application/javascript 2606:4700:3036::6818:72e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.supercounters.com/ssl/online_i.js
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:72e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b01052595d22238c23ad27dfb118270dc17124aa47731d3308824fbf182511b6

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 22:53:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2017 06:49:04 GMT
server: cloudflare
age: 398
etag: W/"596474e0-109e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 57a4726a3ee46461-FRA
expires: Thu, 26 Mar 2020 22:53:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-161661325-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 882
date: Thu, 26 Mar 2020 22:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Fri, 27 Mar 2020 00:38:35 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 13ms
13ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=461543315&t=pageview&_s=1&dl=https%3A%2F%2Fcoronvi19.xyz%2F&ul=en-us&de=UTF-8&dt=COVID%2019%20FEDERAL%20GOVERNMENT%20GRANTS&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=866388136&gjid=1501891043&cid=667823779.1585263198&tid=UA-161661325-1&_gid=1971703651.1585263198&_r=1&gtm=2ou3i0&z=224767911

Requested by

Host: coronvi19.xyz
URL: https://coronvi19.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 22:53:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fc.php Show response
www.supercounters.com/ 28 B
278 B 1301ms
96ms Script
application/x-javascript 172.104.29.90
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://www.supercounters.com/fc.php?id=1573388&w=1&v=2&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&ref=&url=https%3A%2F%2Fcoronvi19.xyz%2F&sw=1600&sh=1200&rand=69
Requested by: Host: widget.supercounters.com
URL: https://widget.supercounters.com/ssl/online_i.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.29.90 Philadelphia, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1848-90.members.linode.com
Software: nginx/1.12.2 / PHP/7.2.0
Resource Hash: d53446428b0f82e75c09d81c10a8ce2325966564039573f8bb384b29a2f18f54

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 26 Mar 2020 22:53:19 GMT
Content-Encoding: gzip
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/7.2.0
Transfer-Encoding: chunked
Content-Type: application/x-javascript

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/o/toovibes.com.ng.846768.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 26 Mar 2020 22:53:18 GMT
server: ESF
date: Thu, 26 Mar 2020 22:53:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Mar 2020 22:53:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
627 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/o/toovibes.com.ng.846768.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 26 Mar 2020 22:53:18 GMT
server: ESF
date: Thu, 26 Mar 2020 22:53:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Mar 2020 22:53:18 GMT

GET
DATA 200
OK truncated
/ 632 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: coronvi19.xyz
URL: https://coronvi19.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Origin: https://coronvi19.xyz
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 00:50:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 4831379
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Sat, 30 Jan 2021 00:50:19 GMT

GET
H2 200 1 Show response
servicer.mgid.com/846768/ 4 KB
2 KB 76ms
75ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/846768/1?w=1585&h=782&cols=3&pv=5&cbuster=1585263198088643909929&uniqId=13246&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fcoronvi19.xyz%2F&pageView=1&pvid=171190cbf89aa85ce16&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/o/toovibes.com.ng.846768.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77ecfab2d05ae8ebcf30c2185fbebc28fb1550f0e11b92d769072dbb04fedda2

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 22:53:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
content-type: application/x-javascript; charset=utf-8
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 57a4726c1cdee674-LHR
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
DATA 200
OK truncated
/ 507 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d888993db1a22a73b8d834d45dcbf14c0ecca608fde8da2d23d9690910e7c60

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: coronvi19.xyz
URL: https://coronvi19.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans
Origin: https://coronvi19.xyz
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Feb 2020 20:33:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 2686760
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Tue, 23 Feb 2021 20:33:58 GMT

GET
H2 200 1 Show response
servicer.mgid.com/846788/ 4 KB
2 KB 74ms
74ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/846788/1?w=498&h=500&cols=3&pv=5&cbuster=1585263198159751987945&uniqId=152ba&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fcoronvi19.xyz%2F&pageView=0&pvid=171190cbfcf92264aeb&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/o/toovibes.com.ng.846788.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a523d148e808401d3f689d6fc57a1f25eb6fa357de55d2d925ced6bde6603e6

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 22:53:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
content-type: application/x-javascript; charset=utf-8
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 57a4726c8e15e674-LHR
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 i.js Show response
cm.mgid.com/ 1003 B
404 B 148ms
146ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1585263198172936059045
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/o/toovibes.com.ng.846768.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbe33e532aad652ed0f9f239f58950cdd95afe789a1af8b23689ce68ae390925

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 22:53:18 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 57a4726c9e48e674-LHR
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/o/toovibes.com.ng.846768.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Origin: https://coronvi19.xyz
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 08:47:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 2469972
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Fri, 26 Feb 2021 08:47:06 GMT

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame FDB1 301 B
382 B 137ms
136ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1585263198176408206200
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/o/toovibes.com.ng.846768.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61f025a55c2622e6413ba35d86a189d5ab7746b36fea7d612bb7ae6343b9b2d4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 22:53:18 GMT
content-encoding: br
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 57a4726cae5ee674-LHR
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 268ms
90ms Script
application/x-javascript 184.25.146.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/t/o/toovibes.com.ng.846768.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.25.146.133 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-146-133.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 26 Mar 2020 22:53:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Fri, 27 Mar 2020 22:53:18 GMT

GET
H2 200 by_mgid_adc_logo_mini.svg
cdn.mgid.com/images/ 2 KB
1 KB 43ms
42ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/by_mgid_adc_logo_mini.svg
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 22:53:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 6312
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: EAF7B034ECC7CD43
x-amz-id-2: NEXLpYC2QMlJJ8xJnvcjvFokJbS72AcxCmLS+Z/P2wD3v+SgB/33ejfTU4wUNfKU3D1VCJ/TgEE=
last-modified: Thu, 05 Mar 2020 10:34:13 GMT
server: cloudflare
etag: W/"5f3390adb0b6aeb988c5d7415b31cbe1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 57a4726cbea5e674-LHR
expires: Fri, 27 Mar 2020 02:53:18 GMT

GET
H2 200 widget-ssp-performance
c.mgid.com/ 43 B
274 B 108ms
101ms Image
image/gif 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=78
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: DYNAMIC
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 57a4726cbecde674-LHR
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMjY1OTQyLzNhNTJmNmFiNWNhZjk0Njc0NTEwNjczNWYxMjVjMDg1LmpwZw**.webp
s-img.mgid.com/g/4611795/492x328/73x160x492x328/ 19 KB
19 KB 29ms
27ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4611795/492x328/73x160x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMjY1OTQyLzNhNTJmNmFiNWNhZjk0Njc0NTEwNjczNWYxMjVjMDg1LmpwZw**.webp
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 198368b355ff896f594f5c15100ccb5fe3034319fd7462fd87820308dfc853ef

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: HIT
last-modified: Mon, 23 Mar 2020 18:58:37 GMT
server: cloudflare
age: 273258
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 57a4726cbebfe674-LHR
access-control-allow-origin: *
content-length: 19512

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZWFzZXIvMjAxOS0wMi0wOS8yNTcwOTMvNjk3ZGM1ZDExMTE4NjEyZjkxMGJjZjQ4NzczYWY5NzkuanBnP3Q9MTU0OTcwMzY0NDU4OA**.webp
s-img.mgid.com/g/3270313/492x328/0x0x492x328/ 8 KB
8 KB 24ms
22ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3270313/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZWFzZXIvMjAxOS0wMi0wOS8yNTcwOTMvNjk3ZGM1ZDExMTE4NjEyZjkxMGJjZjQ4NzczYWY5NzkuanBnP3Q9MTU0OTcwMzY0NDU4OA**.webp
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8c96d2408c5d54534a0722cd42b953a3c742a949ef690a6a4fea3d35ea01e31

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: HIT
last-modified: Sun, 11 Aug 2019 23:39:56 GMT
server: cloudflare
age: 19388477
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 57a4726cbebce674-LHR
access-control-allow-origin: *
content-length: 8026

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvNDU4MTA1LzhlZWNjNDUyNTdhYzhmNmQzOGVlNjQ3NWQzYmMyMzAwLmpwZw**.webp
s-img.mgid.com/g/5002987/492x328/0x0x492x328/ 12 KB
12 KB 26ms
24ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5002987/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvNDU4MTA1LzhlZWNjNDUyNTdhYzhmNmQzOGVlNjQ3NWQzYmMyMzAwLmpwZw**.webp
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c8961e4e1c63a6510ddb8735f00e89c417e2a552c66e7d80d9ffbc2a750ecb

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: HIT
last-modified: Sat, 15 Feb 2020 13:11:24 GMT
server: cloudflare
age: 3490906
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 57a4726cbec3e674-LHR
access-control-allow-origin: *
content-length: 12362

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMzEwMTQxLzkxMWU1ZGRkMDg5NTU0N2RhMGVhNTYxMTkxM2ZiMTljLmpwZw**.webp
s-img.mgid.com/g/5194663/492x328/556x125x1116x744/ 14 KB
14 KB 34ms
32ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5194663/492x328/556x125x1116x744/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMzEwMTQxLzkxMWU1ZGRkMDg5NTU0N2RhMGVhNTYxMTkxM2ZiMTljLmpwZw**.webp
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d430a0de296a75b2a36fda5b4d39c03794bb4157cf212f1e490e60da3b9dc498

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Feb 2020 01:03:55 GMT
server: cloudflare
age: 2670563
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 57a4726cbec5e674-LHR
access-control-allow-origin: *
content-length: 14680

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMzEwMTQxLzlmYTRkOTcyYTA0MDllYWRkNTE2ZmJhZDlmZTE1MDQzLmpwZw**.webp
s-img.mgid.com/g/4848737/492x328/153x0x1448x965/ 14 KB
14 KB 23ms
23ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4848737/492x328/153x0x1448x965/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMzEwMTQxLzlmYTRkOTcyYTA0MDllYWRkNTE2ZmJhZDlmZTE1MDQzLmpwZw**.webp
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b74462676c96ba69b813b3e31fc957771b421d113b475b32ee19e3bd38370e25

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Jan 2020 19:40:08 GMT
server: cloudflare
age: 6658934
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 57a4726cdf28e674-LHR
access-control-allow-origin: *
content-length: 13986

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMzk3Mjg5LzZhYTI1NTI1MDYzNzlmYjc1MDc4ZWRlODkzNTg0MTE0LmpwZw**.webp
s-img.mgid.com/g/5349543/492x328/0x0x875x583/ 12 KB
12 KB 23ms
23ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5349543/492x328/0x0x875x583/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMzk3Mjg5LzZhYTI1NTI1MDYzNzlmYjc1MDc4ZWRlODkzNTg0MTE0LmpwZw**.webp
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12d8613c2b174768564bbd830e14989a52f56d36d17c6bcd6a3aa9214c35630

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: HIT
last-modified: Thu, 19 Mar 2020 17:51:50 GMT
server: cloudflare
age: 622888
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 57a4726cef34e674-LHR
access-control-allow-origin: *
content-length: 12020

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMjY1OTQyLzNhNTJmNmFiNWNhZjk0Njc0NTEwNjczNWYxMjVjMDg1LmpwZw**.webp
s-img.mgid.com/g/4611795/328x328/0x88x559x559/ 16 KB
16 KB 32ms
31ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4611795/328x328/0x88x559x559/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMjY1OTQyLzNhNTJmNmFiNWNhZjk0Njc0NTEwNjczNWYxMjVjMDg1LmpwZw**.webp
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51a66a2775f65aa92eb3cd1563dd823b14737b5b41e26e8ef27ea3adb55144d7

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: HIT
last-modified: Mon, 23 Mar 2020 18:59:54 GMT
server: cloudflare
age: 273168
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 57a4726d1f9ae674-LHR
access-control-allow-origin: *
content-length: 16594

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZWFzZXIvMjAxOS0wMi0wOS8yNTcwOTMvNjk3ZGM1ZDExMTE4NjEyZjkxMGJjZjQ4NzczYWY5NzkuanBnP3Q9MTU0OTcwMzY0NDU4OA**.webp
s-img.mgid.com/g/3270313/328x328/82x0x328x328/ 8 KB
8 KB 30ms
29ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3270313/328x328/82x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZWFzZXIvMjAxOS0wMi0wOS8yNTcwOTMvNjk3ZGM1ZDExMTE4NjEyZjkxMGJjZjQ4NzczYWY5NzkuanBnP3Q9MTU0OTcwMzY0NDU4OA**.webp
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22e2b9789d54d51250d2eaa1e5f74d62d41abdbb2df216b7dde14fa6209ee725

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2019 13:38:21 GMT
server: cloudflare
age: 19559234
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 57a4726d1f9ee674-LHR
access-control-allow-origin: *
content-length: 8022

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvNDU4MTA1LzhlZWNjNDUyNTdhYzhmNmQzOGVlNjQ3NWQzYmMyMzAwLmpwZw**.webp
s-img.mgid.com/g/5002987/328x328/82x0x328x328/ 9 KB
10 KB 29ms
28ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5002987/328x328/82x0x328x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvNDU4MTA1LzhlZWNjNDUyNTdhYzhmNmQzOGVlNjQ3NWQzYmMyMzAwLmpwZw**.webp
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ce49d8b644b3cb9063c3806def274874b156005dbbc458dc88e707332a7f32f

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: HIT
last-modified: Sat, 15 Feb 2020 13:12:13 GMT
server: cloudflare
age: 3490715
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 57a4726d1f9fe674-LHR
access-control-allow-origin: *
content-length: 9606

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMzEwMTQxLzkxMWU1ZGRkMDg5NTU0N2RhMGVhNTYxMTkxM2ZiMTljLmpwZw**.webp
s-img.mgid.com/g/5194663/328x328/667x120x885x885/ 12 KB
12 KB 27ms
26ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5194663/328x328/667x120x885x885/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMzEwMTQxLzkxMWU1ZGRkMDg5NTU0N2RhMGVhNTYxMTkxM2ZiMTljLmpwZw**.webp
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b0a575f155c4f819fb7adb538a3c71d1552f5b49bc7fc5218f153ddb188d923

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: HIT
last-modified: Tue, 25 Feb 2020 02:55:06 GMT
server: cloudflare
age: 2650216
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 57a4726d1fa1e674-LHR
access-control-allow-origin: *
content-length: 12062

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMzEwMTQxLzlmYTRkOTcyYTA0MDllYWRkNTE2ZmJhZDlmZTE1MDQzLmpwZw**.webp
s-img.mgid.com/g/4848737/328x328/394x0x965x965/ 11 KB
11 KB 24ms
24ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4848737/328x328/394x0x965x965/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMzEwMTQxLzlmYTRkOTcyYTA0MDllYWRkNTE2ZmJhZDlmZTE1MDQzLmpwZw**.webp
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a4f1256233ee62f44cfba834ac85c150d0863eda95668d8be3b5660ea78c93c

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Jan 2020 19:31:39 GMT
server: cloudflare
age: 6659010
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 57a4726d1fa2e674-LHR
access-control-allow-origin: *
content-length: 10798

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMzk3Mjg5LzZhYTI1NTI1MDYzNzlmYjc1MDc4ZWRlODkzNTg0MTE0LmpwZw**.webp
s-img.mgid.com/g/5349543/328x328/157x30x554x554/ 11 KB
11 KB 22ms
22ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5349543/328x328/157x30x554x554/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMzk3Mjg5LzZhYTI1NTI1MDYzNzlmYjc1MDc4ZWRlODkzNTg0MTE0LmpwZw**.webp
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2321c1a1cea5d073326875ca8efd0ad73102ea365f2af64c6fb530a3080bd536

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: HIT
last-modified: Thu, 19 Mar 2020 17:52:43 GMT
server: cloudflare
age: 622443
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 57a4726d4fe0e674-LHR
access-control-allow-origin: *
content-length: 11526

GET
H2

200

m
cm.mgid.com/ Frame FDB1
Redirect Chain

https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID
https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0

43 B
156 B

113ms
112ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 57a4726f2b91e674-LHR
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43

Redirect headers

Location: https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0
Date: Thu, 26 Mar 2020 22:53:18 GMT
Server: nginx/1.14.2
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

m
cm.mgid.com/ Frame FDB1
Redirect Chain

https://uaadcodedsp.rontar.com/CookieSync.axd?sspId=104&uid=k2qiqIg2iaRf
https://cm.mgid.com/m?cdsp=337572&c=552cf14ec67c0fe2e24e94329a428730

43 B
174 B

127ms
127ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=337572&c=552cf14ec67c0fe2e24e94329a428730
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 57a4726f3b99e674-LHR
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43

Redirect headers

date: Thu, 26 Mar 2020 22:53:18 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
location: https://cm.mgid.com/m?cdsp=337572&c=552cf14ec67c0fe2e24e94329a428730
content-type: text/html; charset=utf-8
status: 302
cache-control: private
content-length: 189

GET
H2 200 /
cm.steepto.com/setmuidn/ 0
279 B 175ms
130ms Image
image/gif 104.19.138.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.steepto.com/setmuidn/?muidf=k2qiqIg2iaRf
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 57a4726dde5fbb82-LHR
content-length: 0

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
510 B 114ms
69ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=k2qiqIg2iaRf
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 57a4726ddcc3ce7f-LHR
content-type: image/gif

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D
https://cm.mgid.com/m?cdsp=433143&c=9e0b1699-bd07-44db-a6ad-b135102964ff

43 B
145 B

134ms
134ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433143&c=9e0b1699-bd07-44db-a6ad-b135102964ff
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 57a4726e2962e674-LHR
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43

Redirect headers

status: 307
date: Thu, 26 Mar 2020 22:53:18 GMT
content-length: 0
location: https://cm.mgid.com/m?cdsp=433143&c=9e0b1699-bd07-44db-a6ad-b135102964ff

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://sandbox.bidswitch.net/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://x.bidswitch.net/sync?dsp_id=58&expires=14&user_id=0bcd8dd4-275b-4412-be25-5500bee98647&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=0bcd8dd4-275b-4412-be25-5500bee98647

43 B
165 B

103ms
103ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=0bcd8dd4-275b-4412-be25-5500bee98647
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 57a4726f6bfee674-LHR
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43

Redirect headers

status: 302
date: Thu, 26 Mar 2020 22:53:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=0bcd8dd4-275b-4412-be25-5500bee98647
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=e96438e8-9f35-4b3d-8e6d-84a8f00fe3e1&ttl=1587855198

43 B
102 B

121ms
121ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=e96438e8-9f35-4b3d-8e6d-84a8f00fe3e1&ttl=1587855198
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 57a4726e49a6e674-LHR
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 26 Mar 2020 22:53:18 GMT
x-aspnet-version: 4.0.30319
location: https://cm.mgid.com/m?cdsp=371158&c=e96438e8-9f35-4b3d-8e6d-84a8f00fe3e1&ttl=1587855198
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 302
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
329 B 201ms
65ms Image
image/gif 23.105.245.5
SERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k2qiqIg2iaRf
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.5 , Russian Federation, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.15.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 22:53:18 GMT
server: nginx/1.15.10
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azJxaXFJZzJpYVJm&muidn=k2qiqIg2iaRf
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azJxaXFJZzJpYVJm&muidn=k2qiqIg2iaRf&google_tc=
https://cm.mgid.com/google?muidn=k2qiqIg2iaRf&google_ula={guid},5&google_gid=CAESEPK-gFIwWWf24TuEd8iiors&google_cver=1

0
47 B

101ms
100ms

Image
text/plain

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k2qiqIg2iaRf&google_ula={guid},5&google_gid=CAESEPK-gFIwWWf24TuEd8iiors&google_cver=1
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 22:53:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain
status: 200
accept-ranges: bytes
cf-ray: 57a4726ecab8e674-LHR
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 0

Redirect headers

pragma: no-cache
date: Thu, 26 Mar 2020 22:53:18 GMT
server: HTTP server (unknown)
location: https://cm.mgid.com/google?muidn=k2qiqIg2iaRf&google_ula={guid},5&google_gid=CAESEPK-gFIwWWf24TuEd8iiors&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k2qiqIg2iaRf
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=0bcd8dd4-275b-4412-be25-5500bee98647
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=0bcd8dd4-275b-4412-be25-5500bee98647&rdrctExp=true

0
447 B

91ms
91ms

Image
text/plain

64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=0bcd8dd4-275b-4412-be25-5500bee98647&rdrctExp=true
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-TraceId: 3e60e9c163c5b33969c7210a8a9d5b40
Date: Thu, 26 Mar 2020 22:53:18 GMT
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=0bcd8dd4-275b-4412-be25-5500bee98647&rdrctExp=true
Date: Thu, 26 Mar 2020 22:53:18 GMT
X-TraceId: ea6a7636d7dbdb83bce152b313491b02
Content-Length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=d5f34009-18d0-4fbd-ac4f-bbdbe3a87c59

43 B
372 B

102ms
102ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=d5f34009-18d0-4fbd-ac4f-bbdbe3a87c59
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 22:53:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 57a472722a7ee674-LHR
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 43

Redirect headers

date: Thu, 26 Mar 2020 22:53:18 GMT
via: 1.1 google
location: //cm.mgid.com/m?cdsp=287839&c=d5f34009-18d0-4fbd-ac4f-bbdbe3a87c59
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1585263198454&ns_c=UTF-8&cv=3.5&c8=COVID%2019%20FEDERAL%20GOVERNMENT%20GRANTS&c7=https%3A%2F%2Fcoronvi19.xyz%2F&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1585263198454&ns_c=UTF-8&cv=3.5&c8=COVID%2019%20FEDERAL%20GOVERNMENT%20GRANTS&c7=https%3A%2F%2Fcoronvi19.xyz%2F&c9=

0
248 B

90ms
90ms

Image
text/plain

184.25.146.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1585263198454&ns_c=UTF-8&cv=3.5&c8=COVID%2019%20FEDERAL%20GOVERNMENT%20GRANTS&c7=https%3A%2F%2Fcoronvi19.xyz%2F&c9=
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.25.146.133 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-146-133.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Mar 2020 22:53:18 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1585263198454&ns_c=UTF-8&cv=3.5&c8=COVID%2019%20FEDERAL%20GOVERNMENT%20GRANTS&c7=https%3A%2F%2Fcoronvi19.xyz%2F&c9=
Pragma: no-cache
Date: Thu, 26 Mar 2020 22:53:18 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e61c1c.png
widget.supercounters.com/images/online/ 568 B
854 B 11ms
11ms Image
image/png 2606:4700:3036::6818:72e2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.supercounters.com/images/online/e61c1c.png
Requested by: Host: coronvi19.xyz
URL: https://coronvi19.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6818:72e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 946f17cbf7585ff68bf58c1ef9d340c59760d3b1a7ab4a264590ae10cc1b2294

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 22:53:19 GMT
cf-cache-status: HIT
last-modified: Sat, 01 Feb 2020 11:53:23 GMT
server: cloudflare
age: 1282566
etag: "5e3566b3-238"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 57a472728b936461-FRA
content-length: 568
expires: Tue, 07 Apr 2020 00:49:02 GMT

GET
H2 200 c
c.mgid.com/ 43 B
180 B 105ms
103ms Image
image/gif 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=161|161|8|EJUIbRygxc0PIrmTsmlwve5rL9Gv6a791hbgsd148KkQSEQDVhW68CEfH4ieee6e&fw=1&extjs=510&v=161|161|8|EJUIbRygxc0PIrmTsmlwvWzYLzHpy0hq5moGT8wUoU-wf-XgQGhGVcugsJqTZ5CJ&v=161|161|8|rQPevZhCVVaMzw4zrp-V8BwiVkLdKEi4MAbEFU2H5F4EDs_ujTJ-Ekai02_Q6oXV&v=161|161|8|mnha7M-qIja61LF0SDqvE8ccDd_bWMR7q52chS94SKX26eC8n7PLieI1tztwhwMI&v=161|161|8|Alb7F-E_KAvURJOeZS755VWVeXBCzhSqJ3wkY-yZGr4eYnqFQJkl5B_3NQfbv94Y&v=161|161|8|XeEst2Hq2q0-Laj77Z9bLJ_ObYTTby4sFM3g3F5aG9Yoitv2Jac0OqadtZL6j9W7&imgdim=1&cid=846788&h2=4B8OPrE2OdDHpgx1X5aOo_N-fy5S3o8nVYjDcujLCRw*&rid=958cc2e2-6fb4-11ea-8974-d09466576dad&tt=Direct&cbuster=1585263199412535209424&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://coronvi19.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 22:53:19 GMT
cf-cache-status: DYNAMIC
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 57a472745f95e674-LHR
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/t/o/toovibes.com.ng.846768.js(Line 9) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/t/o/toovibes.com.ng.846788.js(Line 9) Message: [object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
c.mgid.com
cdn.mgid.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cm.steepto.com
coronvi19.xyz
csync.loopme.me
fonts.googleapis.com
fonts.gstatic.com
jsc.mgid.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
sandbox.bidswitch.net
sb.scorecardresearch.com
servicer.mgid.com
sync.outbrain.com
uaadcodedsp.rontar.com
udata.mixmarket.biz
widget.supercounters.com
www.google-analytics.com
www.googletagmanager.com
www.supercounters.com
x.bidswitch.net
104.16.199.73
104.19.136.78
104.19.138.80
148.251.129.84
162.213.253.118
172.104.29.90
172.217.18.2
184.25.146.133
2001:4de0:ac19::1:b:3b
23.105.245.5
23.105.254.36
2606:4700:3036::6818:72e2
2a00:1450:4001:800::2001
2a00:1450:4001:800::2008
2a00:1450:4001:814::2003
2a00:1450:4001:817::200e
2a00:1450:4001:821::200a
35.212.212.222
5.9.13.98
52.57.194.55
52.59.108.16
54.229.91.186
64.202.112.95
0b0a575f155c4f819fb7adb538a3c71d1552f5b49bc7fc5218f153ddb188d923
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
198368b355ff896f594f5c15100ccb5fe3034319fd7462fd87820308dfc853ef
1ce49d8b644b3cb9063c3806def274874b156005dbbc458dc88e707332a7f32f
1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a
22e2b9789d54d51250d2eaa1e5f74d62d41abdbb2df216b7dde14fa6209ee725
2321c1a1cea5d073326875ca8efd0ad73102ea365f2af64c6fb530a3080bd536
3a4f1256233ee62f44cfba834ac85c150d0863eda95668d8be3b5660ea78c93c
3d888993db1a22a73b8d834d45dcbf14c0ecca608fde8da2d23d9690910e7c60
51a66a2775f65aa92eb3cd1563dd823b14737b5b41e26e8ef27ea3adb55144d7
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
58c8961e4e1c63a6510ddb8735f00e89c417e2a552c66e7d80d9ffbc2a750ecb
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
61f025a55c2622e6413ba35d86a189d5ab7746b36fea7d612bb7ae6343b9b2d4
6c4ac6a7736c0c50d33f90ca722f9a5f5d04d808058253cd38670c3da50ef71c
6d2721c4ff63ce4a2073c49a5d26d70354cf5c67fb86fbb4e8713c73aac31c7a
77ecfab2d05ae8ebcf30c2185fbebc28fb1550f0e11b92d769072dbb04fedda2
7a523d148e808401d3f689d6fc57a1f25eb6fa357de55d2d925ced6bde6603e6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
946f17cbf7585ff68bf58c1ef9d340c59760d3b1a7ab4a264590ae10cc1b2294
a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b01052595d22238c23ad27dfb118270dc17124aa47731d3308824fbf182511b6
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
b74462676c96ba69b813b3e31fc957771b421d113b475b32ee19e3bd38370e25
b94909af66459e7b69826fd04216c5bdf63a38d83d58e6c335a9cb2d961b25fa
c12d8613c2b174768564bbd830e14989a52f56d36d17c6bcd6a3aa9214c35630
cbe33e532aad652ed0f9f239f58950cdd95afe789a1af8b23689ce68ae390925
d430a0de296a75b2a36fda5b4d39c03794bb4157cf212f1e490e60da3b9dc498
d53446428b0f82e75c09d81c10a8ce2325966564039573f8bb384b29a2f18f54
d8c96d2408c5d54534a0722cd42b953a3c742a949ef690a6a4fea3d35ea01e31
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e
edda15d886522543213a5beb1fa973fa19603603488abfe750d7ced11c898c33
f9d1cc73428af899ea57c4ac77f8c14d07eb1b977df226dcbfc9b73a99cb31b5

coronvi19.xyz Open in urlscan Pro 162.213.253.118 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

30 %IPv6

21 Domains

28 Subdomains

16 IPs

5 Countries

355 kBTransfer

748 kBSize

0 Cookies

8 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

coronvi19.xyz Open in urlscan Pro
162.213.253.118 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

30 %
IPv6

21
Domains

28
Subdomains

16
IPs

5
Countries

355 kB
Transfer

748 kB
Size

0
Cookies

48 HTTP transactions
2 data transactions