med22a.ch Open in urlscan Pro
185.142.213.29  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response med22a.ch/	58 KB 9 KB	310ms 220ms	Document text/html	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Full URL https://med22a.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PHP/7.4.8 PleskLin Resource Hash a12e7a8e7545ca010e3d1a353dec971371b3a50359a1773ee4293f9394508faa Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers content-encoding gzip content-length 9164 content-type text/html; charset=UTF-8 date Sun, 03 Dec 2023 16:37:57 GMT link <https://med22a.ch/wp-json/>; rel="https://api.w.org/" server nginx vary Accept-Encoding x-powered-by PHP/7.4.8 PleskLin
GET H2	200	script.js Show response cdn-cookieyes.com/client_data/e4cbc48171c063aabb65bab8/	93 KB 34 KB	193ms 131ms	Script application/javascript	2606:4700:20::681a:146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-cookieyes.com/client_data/e4cbc48171c063aabb65bab8/script.js Requested by Host: med22a.ch URL: https://med22a.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c317e19eb49db9ab389fc1bfcad32303bc59c72b5e223870333b4ba297b2ae65 Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT content-encoding br cf-cache-status MISS last-modified Fri, 24 Nov 2023 00:40:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"17345-60adb3332959f-gzip" vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcKBYW%2F0D8EY1N9uUQbyaoes%2BmmG2FAQjLjFENfDltzfAMTqGVUAarirJiyZSuZf1E6nVMhPcwFVO%2B%2Bzdh8eALmFVVtAJvlGIbRFctp4PGmVZpY56HcJIIz8blqKXcNYxtjuFHJ%2B75ECbaut99K2"}],"group":"cf-nel","max_age":604800} cache-control max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate cf-ray 82fd3cba89244be1-MXP
GET H2	200	style.min.css med22a.ch/wp-includes/css/dist/block-library/	107 KB 108 KB	128ms 126ms	Stylesheet text/css	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Full URL https://med22a.ch/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1 Requested by Host: med22a.ch URL: https://med22a.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PleskLin Resource Hash 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340 Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT last-modified Wed, 08 Nov 2023 00:22:18 GMT server nginx etag "654ad4ba-1add3" x-powered-by PleskLin content-type text/css accept-ranges bytes content-length 110035
GET H2	200	css fonts.googleapis.com/	3 KB 1 KB	104ms 38ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Libre+Baskerville%3Awght%40400%3B700%7CRubik%3Awght%40300%3B400%3B800&subset=cyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Clatin&ver=1.0.0 Requested by Host: med22a.ch URL: https://med22a.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 912ac2bb53835c3abe2ae7d402cb82466f965d4e078cd99d85ceea4bb800c8e6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 03 Dec 2023 16:37:57 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 03 Dec 2023 16:32:37 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 03 Dec 2023 16:37:57 GMT
GET H2	200	icofont.min.css med22a.ch/wp-content/themes/jupiter-blog/assets/css/	90 KB 90 KB	48ms 47ms	Stylesheet text/css	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Full URL https://med22a.ch/wp-content/themes/jupiter-blog/assets/css/icofont.min.css?ver=1.1.1 Requested by Host: med22a.ch URL: https://med22a.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PleskLin Resource Hash 882f43879ac20dff7edf501cc5a48b2ae4ff78d88136399e18bad1ecf9b7dc39 Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT last-modified Sat, 01 Jul 2023 12:17:17 GMT server nginx etag "64a0194d-16836" x-powered-by PleskLin content-type text/css accept-ranges bytes content-length 92214
GET H2	200	style.css med22a.ch/wp-content/themes/jupiter-blog/assets/css/	27 KB 27 KB	128ms 127ms	Stylesheet text/css	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Full URL https://med22a.ch/wp-content/themes/jupiter-blog/assets/css/style.css?ver=1.1.1 Requested by Host: med22a.ch URL: https://med22a.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PleskLin Resource Hash 21fb90d010d681efe08db3ba72c916710218201bc3d596f52f4b4b1250c28a0b Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT last-modified Sat, 01 Jul 2023 12:17:17 GMT server nginx etag "64a0194d-6d4d" x-powered-by PleskLin content-type text/css accept-ranges bytes content-length 27981
GET H2	200	slick.css med22a.ch/wp-content/themes/jupiter-blog/assets/css/	2 KB 2 KB	129ms 127ms	Stylesheet text/css	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Full URL https://med22a.ch/wp-content/themes/jupiter-blog/assets/css/slick.css?ver=1.1.1 Requested by Host: med22a.ch URL: https://med22a.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PleskLin Resource Hash de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5 Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT last-modified Sat, 01 Jul 2023 12:17:17 GMT server nginx etag "64a0194d-6f0" x-powered-by PleskLin content-type text/css accept-ranges bytes content-length 1776
GET H2	200	slick-theme.css med22a.ch/wp-content/themes/jupiter-blog/assets/css/	3 KB 3 KB	128ms 127ms	Stylesheet text/css	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Full URL https://med22a.ch/wp-content/themes/jupiter-blog/assets/css/slick-theme.css?ver=1.1.1 Requested by Host: med22a.ch URL: https://med22a.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PleskLin Resource Hash 0621c5dd9cb16f35d34aa26fb308f44154b75bca1a53382ab4d20a9b64903fc4 Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT last-modified Sat, 01 Jul 2023 12:17:17 GMT server nginx etag "64a0194d-c4e" x-powered-by PleskLin content-type text/css accept-ranges bytes content-length 3150
GET H2	200	style.css med22a.ch/wp-content/themes/jupiter-blog/	1 KB 1 KB	128ms 127ms	Stylesheet text/css	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Full URL https://med22a.ch/wp-content/themes/jupiter-blog/style.css?ver=1.1.1 Requested by Host: med22a.ch URL: https://med22a.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PleskLin Resource Hash bd8512511839fff100dd021685b580bf3d2b9bccb6ce3691615c09e38f0edd3f Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT last-modified Sat, 01 Jul 2023 12:17:17 GMT server nginx etag "64a0194d-4eb" x-powered-by PleskLin content-type text/css accept-ranges bytes content-length 1259
GET H2	200	jquery.min.js Show response med22a.ch/wp-includes/js/jquery/	86 KB 86 KB	129ms 128ms	Script application/javascript	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Full URL https://med22a.ch/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Requested by Host: med22a.ch URL: https://med22a.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PleskLin Resource Hash cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT last-modified Wed, 08 Nov 2023 00:22:18 GMT server nginx etag "654ad4ba-15601" x-powered-by PleskLin content-type application/javascript accept-ranges bytes content-length 87553
GET H2	200	jquery-migrate.min.js Show response med22a.ch/wp-includes/js/jquery/	13 KB 13 KB	129ms 128ms	Script application/javascript	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Full URL https://med22a.ch/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 Requested by Host: med22a.ch URL: https://med22a.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PleskLin Resource Hash 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT last-modified Tue, 08 Aug 2023 23:22:14 GMT server nginx etag "64d2ce26-3509" x-powered-by PleskLin content-type application/javascript accept-ranges bytes content-length 13577
GET H2	200	js Show response www.googletagmanager.com/gtag/	274 KB 91 KB	160ms 49ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=GT-T56B7MT Requested by Host: med22a.ch URL: https://med22a.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 28dfda0ef29bd6a01da40b644a31fe191e53153082a9ad1c998770b50d58d117 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 92998 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 03 Dec 2023 16:37:57 GMT
GET H2	200	IMG_0005-768x512.jpeg med22a.ch/wp-content/uploads/2023/06/	71 KB 71 KB	129ms 128ms	Image image/jpeg	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://med22a.ch/wp-content/uploads/2023/06/IMG_0005-768x512.jpeg Requested by Host: med22a.ch URL: https://med22a.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PleskLin Resource Hash e3b4b6871483004fe8d606c33f18034116bc68ccf7dac0c0abc0bc97bee95f26 Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT last-modified Tue, 27 Jun 2023 15:58:17 GMT server nginx etag "649b0719-11b1c" x-powered-by PleskLin content-type image/jpeg accept-ranges bytes content-length 72476
GET H2	200	normal-137x60-white.gif backlink.globonet.ch/images/	1 KB 1 KB	140ms 40ms	Image image/gif	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://backlink.globonet.ch/images/normal-137x60-white.gif Requested by Host: med22a.ch URL: https://med22a.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PleskLin Resource Hash 1bf537d714bbec3119abe6f28e7b82a5d4ffaa3f2f090cbb1ef6dc13cdaf0e14 Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT last-modified Tue, 11 Apr 2023 12:12:28 GMT server nginx etag "64354eac-43d" x-powered-by PleskLin content-type image/gif accept-ranges bytes content-length 1085
GET H2	200	slick.min.js Show response med22a.ch/wp-content/themes/jupiter-blog/assets/js/	52 KB 52 KB	129ms 128ms	Script application/javascript	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Full URL https://med22a.ch/wp-content/themes/jupiter-blog/assets/js/slick.min.js?ver=1.1.1 Requested by Host: med22a.ch URL: https://med22a.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PleskLin Resource Hash 4f183d6af3e88171a4bbae9a2e77f90f55b425b013d057b80eade59f96ae5d0d Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT last-modified Sat, 01 Jul 2023 12:17:17 GMT server nginx etag "64a0194d-cfbc" x-powered-by PleskLin content-type application/javascript accept-ranges bytes content-length 53180
GET H2	200	vendors.min.js Show response med22a.ch/wp-content/themes/jupiter-blog/assets/js/	92 KB 92 KB	159ms 158ms	Script application/javascript	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Full URL https://med22a.ch/wp-content/themes/jupiter-blog/assets/js/vendors.min.js?ver=1.1.1 Requested by Host: med22a.ch URL: https://med22a.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PleskLin Resource Hash 4172d0162188dec3b3d36e4f265232c2a487f6ac8bbbbd0c147e4e9366ddd8ef Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT last-modified Sat, 01 Jul 2023 12:17:17 GMT server nginx etag "64a0194d-16ee0" x-powered-by PleskLin content-type application/javascript accept-ranges bytes content-length 93920
GET H2	200	scripts.js Show response med22a.ch/wp-content/themes/jupiter-blog/assets/js/	29 KB 29 KB	61ms 61ms	Script application/javascript	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Full URL https://med22a.ch/wp-content/themes/jupiter-blog/assets/js/scripts.js?ver=1.1.1 Requested by Host: med22a.ch URL: https://med22a.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PleskLin Resource Hash 9553245318ded2a8c23fff6ee16e57fd3035b6035a2d66c2285490581fe0eaf3 Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT last-modified Sat, 01 Jul 2023 12:17:17 GMT server nginx etag "64a0194d-7285" x-powered-by PleskLin content-type application/javascript accept-ranges bytes content-length 29317
POST H2	200	log log.cookieyes.com/api/v1/	2 B 153 B	169ms 55ms	Ping text/plain	63.33.117.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://log.cookieyes.com/api/v1/log Requested by Host: cdn-cookieyes.com URL: https://cdn-cookieyes.com/client_data/e4cbc48171c063aabb65bab8/script.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.33.117.117 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-33-117-117.eu-west-1.compute.amazonaws.com Software / Express Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://med22a.ch/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundary44WNPWenBeXcDvid Response headers access-control-allow-origin * date Sun, 03 Dec 2023 16:37:57 GMT x-powered-by Express content-length 2 etag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" content-type text/plain; charset=utf-8
GET H2	200	banner.js Show response cdn-cookieyes.com/client_data/e4cbc48171c063aabb65bab8/	94 KB 33 KB	98ms 98ms	Script application/javascript	2606:4700:20::681a:146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-cookieyes.com/client_data/e4cbc48171c063aabb65bab8/banner.js Requested by Host: cdn-cookieyes.com URL: https://cdn-cookieyes.com/client_data/e4cbc48171c063aabb65bab8/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd8130e14e4707db5b10710f972a0a279192f99f29a8e022e5a388d846247b3f Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT content-encoding br cf-cache-status MISS last-modified Fri, 24 Nov 2023 00:40:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"178c8-60adb3332959f-gzip" vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOvjBegKmgCYDVB7cH2kVmhhiH7ErElJQmRqIvZkCILIGduqvPiEA7Q%2BxAXhoJKjjqYzJ5O4aRgrBfEJq67%2FLMYDWajFuD3FRWBn6I%2BONNaMqgxdgBhSRTGpedOfPTTHkAvscpF4VuTrYsxxeo6P"}],"group":"cf-nel","max_age":604800} cache-control max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate cf-ray 82fd3cbbfa9e4be1-MXP
GET H2	200	bootstrap.min.css med22a.ch/wp-content/themes/jupiter-blog/assets/css/	121 KB 122 KB	47ms 46ms	Stylesheet text/css	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Full URL https://med22a.ch/wp-content/themes/jupiter-blog/assets/css/bootstrap.min.css Requested by Host: med22a.ch URL: https://med22a.ch/wp-content/themes/jupiter-blog/assets/css/style.css?ver=1.1.1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PleskLin Resource Hash ccf05854a29ad9999c6cee7d246bd3226e9db0b0f3a39f51999b4e4022c28c67 Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/wp-content/themes/jupiter-blog/assets/css/style.css?ver=1.1.1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT last-modified Sat, 01 Jul 2023 12:17:17 GMT server nginx etag "64a0194d-1e574" x-powered-by PleskLin content-type text/css accept-ranges bytes content-length 124276
GET H2	200	basic.css med22a.ch/wp-content/themes/jupiter-blog/assets/css/	75 KB 75 KB	40ms 40ms	Stylesheet text/css	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Full URL https://med22a.ch/wp-content/themes/jupiter-blog/assets/css/basic.css Requested by Host: med22a.ch URL: https://med22a.ch/wp-content/themes/jupiter-blog/assets/css/style.css?ver=1.1.1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PleskLin Resource Hash d94cb759a8317dbcedbef1bb4b11499e681afd3c53eed7bc33bd309cc74e17ca Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/wp-content/themes/jupiter-blog/assets/css/style.css?ver=1.1.1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT last-modified Sat, 01 Jul 2023 12:17:17 GMT server nginx etag "64a0194d-12a33" x-powered-by PleskLin content-type text/css accept-ranges bytes content-length 76339
GET BLOB	200 OK	b1ba12be-72e7-4e6a-bd9c-adcbf2ec81ba https://med22a.ch/	1 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://med22a.ch/b1ba12be-72e7-4e6a-bd9c-adcbf2ec81ba Requested by Host: med22a.ch URL: https://med22a.ch/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Length 1245 Content-Type text/javascript
GET H2	200	iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2 fonts.gstatic.com/s/rubik/v28/	18 KB 19 KB	127ms 62ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%3Awght%40400%3B700%7CRubik%3Awght%40300%3B400%3B800&subset=cyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Clatin&ver=1.0.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c87fcac153783ea615f856ad1c0e12791952c39b8ddde7f11fa3d47c0a3b3998 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://med22a.ch accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 17:23:48 GMT x-content-type-options nosniff age 342849 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18856 x-xss-protection 0 last-modified Thu, 29 Jun 2023 16:30:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 28 Nov 2024 17:23:48 GMT
GET H2	200	kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2 fonts.gstatic.com/s/librebaskerville/v14/	26 KB 27 KB	96ms 31ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Libre+Baskerville%3Awght%40400%3B700%7CRubik%3Awght%40300%3B400%3B800&subset=cyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Clatin&ver=1.0.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://med22a.ch accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 17:10:41 GMT x-content-type-options nosniff age 343636 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27120 x-xss-protection 0 last-modified Tue, 26 Apr 2022 16:42:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 28 Nov 2024 17:10:41 GMT
GET H2	200	icofont.woff2 med22a.ch/wp-content/themes/jupiter-blog/assets/fonts/	525 KB 526 KB	45ms 44ms	Font font/woff2	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Full URL https://med22a.ch/wp-content/themes/jupiter-blog/assets/fonts/icofont.woff2 Requested by Host: med22a.ch URL: https://med22a.ch/wp-content/themes/jupiter-blog/assets/css/icofont.min.css?ver=1.1.1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PleskLin Resource Hash 242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1 Request headers Referer https://med22a.ch/wp-content/themes/jupiter-blog/assets/css/icofont.min.css?ver=1.1.1 Origin https://med22a.ch accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT last-modified Sat, 01 Jul 2023 12:17:17 GMT server nginx etag "64a0194d-8350c" x-powered-by PleskLin content-type font/woff2 accept-ranges bytes content-length 537868
GET H2	200	ajax-loader.gif med22a.ch/wp-content/themes/jupiter-blog/assets/css/	8 KB 8 KB	52ms 52ms	Image image/gif	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://med22a.ch/wp-content/themes/jupiter-blog/assets/css/ajax-loader.gif Requested by Host: med22a.ch URL: https://med22a.ch/wp-content/themes/jupiter-blog/assets/css/slick-theme.css?ver=1.1.1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PleskLin Resource Hash 7a15a0ca2df4ce84c2175cc6d4b9651fc7d91f5748e5f0775e46aa39f7969596 Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/wp-content/themes/jupiter-blog/assets/css/slick-theme.css?ver=1.1.1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT last-modified Sat, 01 Jul 2023 12:17:17 GMT server nginx etag "64a0194d-1f7d" x-powered-by PleskLin content-type image/gif accept-ranges bytes content-length 8061
GET H2	200	slick.woff med22a.ch/wp-content/themes/jupiter-blog/assets/fonts/	1 KB 1 KB	43ms 43ms	Font application/font-woff	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Full URL https://med22a.ch/wp-content/themes/jupiter-blog/assets/fonts/slick.woff Requested by Host: med22a.ch URL: https://med22a.ch/wp-content/themes/jupiter-blog/assets/css/slick-theme.css?ver=1.1.1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PleskLin Resource Hash 26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc Request headers Referer https://med22a.ch/wp-content/themes/jupiter-blog/assets/css/slick-theme.css?ver=1.1.1 Origin https://med22a.ch accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT last-modified Sat, 01 Jul 2023 12:17:17 GMT server nginx etag "64a0194d-564" x-powered-by PleskLin content-type application/font-woff accept-ranges bytes content-length 1380
GET H2	200	wp-emoji-release.min.js Show response med22a.ch/wp-includes/js/	18 KB 18 KB	50ms 50ms	Script application/javascript	185.142.213.29 HOSTTECH-AS
General Check archive.org Show headers Download Go to Full URL https://med22a.ch/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1 Requested by Host: med22a.ch URL: https://med22a.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.142.213.29 Richterswil, Switzerland, ASN207143 (HOSTTECH-AS, CH), Reverse DNS mx4690.mail.globonet.ch Software nginx / PleskLin Resource Hash 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230 Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:57 GMT last-modified Wed, 01 Feb 2023 23:53:26 GMT server nginx etag "63dafb76-4904" x-powered-by PleskLin content-type application/javascript accept-ranges bytes content-length 18692
GET H2	200	jN-6T2KS.json Show response cdn-cookieyes.com/client_data/e4cbc48171c063aabb65bab8/	43 B 592 B	123ms 57ms	Fetch application/json	2606:4700:20::681a:146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-cookieyes.com/client_data/e4cbc48171c063aabb65bab8/jN-6T2KS.json Requested by Host: cdn-cookieyes.com URL: https://cdn-cookieyes.com/client_data/e4cbc48171c063aabb65bab8/banner.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48b9e0c396a1997d3729d83b8dd4f81b7276b1ab5829681451179b6932bad53e Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:58 GMT content-encoding br cf-cache-status MISS last-modified Fri, 24 Nov 2023 00:40:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2b-60adb3332959f" vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfSgEkg8dzCAEab8%2FZ%2B6M8rIDeuaMPhAWJFquN6Xg07gxL6Y5yTG4tOWa%2B3dDE9ZV9k8NnJtLEq8rFMTMBfD3NQmYO4dlK1uF%2BUdazpQLNSiPskZay3vzd0odaRDjiDGnufUFchIrmfmbUIKRa7b"}],"group":"cf-nel","max_age":604800} cache-control max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate cf-ray 82fd3cbd58d8bb2c-MXP
GET H2	200	Swmyi2iT.json Show response cdn-cookieyes.com/client_data/e4cbc48171c063aabb65bab8/config/	30 KB 6 KB	62ms 62ms	Fetch application/json	2606:4700:20::681a:146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-cookieyes.com/client_data/e4cbc48171c063aabb65bab8/config/Swmyi2iT.json Requested by Host: cdn-cookieyes.com URL: https://cdn-cookieyes.com/client_data/e4cbc48171c063aabb65bab8/banner.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51a9e4095b17a51a4c5a7cd19fc18d5e75977de0da44bf050484eb647a7965e7 Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:58 GMT content-encoding br cf-cache-status MISS last-modified Fri, 24 Nov 2023 00:40:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"795c-60adb3332959f" vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMvQR70hAfrEqu0yYmNY6JXKKJavXQ241YVqLdoz%2BuWIBmf7tWBkYy5LH0GdF0C5HX0TBFyUeJUUuP%2Fn9qWTKhoHxcd8g3KF4TyAghf4iYY1wy7dAcNhPOJOVHyGjvN2a0Zh0%2BgTZEO69E24UmJM"}],"group":"cf-nel","max_age":604800} cache-control max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate cf-ray 82fd3cbdb985bb2c-MXP
GET H2	200	jpvN58_W.json Show response cdn-cookieyes.com/client_data/e4cbc48171c063aabb65bab8/translations/	2 KB 1 KB	70ms 70ms	Fetch application/json	2606:4700:20::681a:146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-cookieyes.com/client_data/e4cbc48171c063aabb65bab8/translations/jpvN58_W.json Requested by Host: cdn-cookieyes.com URL: https://cdn-cookieyes.com/client_data/e4cbc48171c063aabb65bab8/banner.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8dca2fe2e269d8d4f9ac21851a636e7f9f79cb56476b34bacae31f954793b567 Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:58 GMT content-encoding br cf-cache-status MISS last-modified Fri, 24 Nov 2023 00:40:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"823-60adb3332959f" vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvEugAN4nm4A5hkQl2%2FkxgX8DyJ2d2dmIdfFVqv0V%2BN%2BIeMTRngHzDzVm1DEB0lcpkxTAJisOHDXe1rMExCun6WJdX5py5QbytjUxXlDwV8zDPdY%2BAiphuC0dn45V2QKKfwcUbigdc%2BOBhtpiyUH"}],"group":"cf-nel","max_age":604800} cache-control max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate cf-ray 82fd3cbe1a41bb2c-MXP
GET H2	200	oW5J_3am.json Show response cdn-cookieyes.com/client_data/e4cbc48171c063aabb65bab8/audit-table/	3 KB 1 KB	74ms 74ms	Fetch application/json	2606:4700:20::681a:146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-cookieyes.com/client_data/e4cbc48171c063aabb65bab8/audit-table/oW5J_3am.json Requested by Host: cdn-cookieyes.com URL: https://cdn-cookieyes.com/client_data/e4cbc48171c063aabb65bab8/banner.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e041b032ef7c9c8dd74f4029c017f42665b3c9345386daaa18066a278a7708a Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:58 GMT content-encoding br cf-cache-status MISS last-modified Fri, 24 Nov 2023 00:40:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"a20-60adb333285ff" vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EW%2F%2BsEl5iPubcGYrPtRMHLhjN1PsvkeYyDj3iRzidXTKFUsrD8%2FAz988bgktW1EFpGvIZNJS4ENu0I0aRtCVzTkdVlJNnOMGg1jOBObOCS9qYFt8FqU8K2QqIxWASur9f%2BUrlrPKkBWDbtou1q36"}],"group":"cf-nel","max_age":604800} cache-control max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate cf-ray 82fd3cbe8ad2bb2c-MXP
GET H2	200	revisit.svg cdn-cookieyes.com/assets/images/	2 KB 1 KB	36ms 35ms	Image image/svg+xml	2606:4700:20::681a:146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-cookieyes.com/assets/images/revisit.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:58 GMT content-encoding br cf-cache-status HIT last-modified Tue, 15 Mar 2022 04:40:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 467679 etag W/"923-5da3a668dacc0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESBQA4EqpF8l2GzkVkfi%2BpnN0Rg%2BKxVsE2Afy%2BsiK%2FU1m8lLNq6DMhlupBl5T3r%2BluCAYjkA4Lk5fD%2FJqHkH8Xuaj0KXKRxPZCkjAuwOyXsmMSFCbqVhmrUqBhT3eyllhPj92T5DrDuAHOclODZG"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control max-age=0, s-maxage=604800, proxy-revalidate cf-ray 82fd3cbf0e724be1-MXP
GET H2	200	close.svg cdn-cookieyes.com/assets/images/	1 KB 988 B	55ms 54ms	Image image/svg+xml	2606:4700:20::681a:146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-cookieyes.com/assets/images/close.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:58 GMT content-encoding br cf-cache-status HIT last-modified Tue, 15 Mar 2022 04:40:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 225768 etag W/"541-5da3a66c769d4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vJNlRpwUndlnoF4AGlgxdCb8yz2KlpTB3yREu4Q6rywuoPtxVqtHALUTVtOcaKYTEPjkeVkWNp6%2BVFeaQv9DqnR9YKJey%2FcVrX6KZpyVfKfr%2FiQI2mVuV8%2BQQey1gKYiuuG5sqvpS6nJS4xEgel"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control max-age=0, s-maxage=604800, proxy-revalidate cf-ray 82fd3cbf0e734be1-MXP
GET H2	200	poweredbtcky.svg cdn-cookieyes.com/assets/images/	4 KB 2 KB	34ms 34ms	Image image/svg+xml	2606:4700:20::681a:146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-cookieyes.com/assets/images/poweredbtcky.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:146 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5 Request headers accept-language de-CH,de;q=0.9 Referer https://med22a.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sun, 03 Dec 2023 16:37:58 GMT content-encoding br cf-cache-status HIT last-modified Tue, 15 Mar 2022 04:41:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 465304 etag W/"eb2-5da3a68c50d09" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=betfz3YBwmDK%2FeOeZDHoOCP77kcszTTqvynDcjjsnmAAkNY6MH5uIoxEXh7xSHbq1lrx4YoX%2FzkWTco1PJYck1GS39p5IP71yLQMIoHnrjWBBhiG%2FU7FFgrRbwGMePr5wKon8i%2Be6t689YVgYlKD"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control max-age=0, s-maxage=604800, proxy-revalidate cf-ray 82fd3cbf1e754be1-MXP
POST H2	200	log log.cookieyes.com/api/v1/	2 B 152 B	57ms 56ms	Ping text/plain	63.33.117.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://log.cookieyes.com/api/v1/log Requested by Host: cdn-cookieyes.com URL: https://cdn-cookieyes.com/client_data/e4cbc48171c063aabb65bab8/script.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.33.117.117 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-33-117-117.eu-west-1.compute.amazonaws.com Software / Express Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer https://med22a.ch/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryPHfTfhc0pt8rc7Ny Response headers access-control-allow-origin * date Sun, 03 Dec 2023 16:37:58 GMT x-powered-by Express content-length 2 etag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" content-type text/plain; charset=utf-8

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| cookieyes object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| FPC object| twemoji object| wp object| regeneratorRuntime function| revisitCkyConsent function| performBannerAction function| getCkyConsent

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			med22a.ch/	1970-01-21 01:25:57	Name: cookieyes-consent Value: consentid:OWZFUkxncDd1MUM2ZG1ZVzVEUzRrWmhVSEZncFpDbE4,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

backlink.globonet.ch
cdn-cookieyes.com
fonts.googleapis.com
fonts.gstatic.com
log.cookieyes.com
med22a.ch
www.googletagmanager.com
185.142.213.29
2606:4700:20::681a:146
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:831::200a
63.33.117.117
0621c5dd9cb16f35d34aa26fb308f44154b75bca1a53382ab4d20a9b64903fc4
1bf537d714bbec3119abe6f28e7b82a5d4ffaa3f2f090cbb1ef6dc13cdaf0e14
1e041b032ef7c9c8dd74f4029c017f42665b3c9345386daaa18066a278a7708a
21fb90d010d681efe08db3ba72c916710218201bc3d596f52f4b4b1250c28a0b
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
28dfda0ef29bd6a01da40b644a31fe191e53153082a9ad1c998770b50d58d117
4172d0162188dec3b3d36e4f265232c2a487f6ac8bbbbd0c147e4e9366ddd8ef
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
48b9e0c396a1997d3729d83b8dd4f81b7276b1ab5829681451179b6932bad53e
4f183d6af3e88171a4bbae9a2e77f90f55b425b013d057b80eade59f96ae5d0d
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51a9e4095b17a51a4c5a7cd19fc18d5e75977de0da44bf050484eb647a7965e7
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
7a15a0ca2df4ce84c2175cc6d4b9651fc7d91f5748e5f0775e46aa39f7969596
882f43879ac20dff7edf501cc5a48b2ae4ff78d88136399e18bad1ecf9b7dc39
8dca2fe2e269d8d4f9ac21851a636e7f9f79cb56476b34bacae31f954793b567
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5
912ac2bb53835c3abe2ae7d402cb82466f965d4e078cd99d85ceea4bb800c8e6
9553245318ded2a8c23fff6ee16e57fd3035b6035a2d66c2285490581fe0eaf3
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b
a12e7a8e7545ca010e3d1a353dec971371b3a50359a1773ee4293f9394508faa
bd8512511839fff100dd021685b580bf3d2b9bccb6ce3691615c09e38f0edd3f
c317e19eb49db9ab389fc1bfcad32303bc59c72b5e223870333b4ba297b2ae65
c87fcac153783ea615f856ad1c0e12791952c39b8ddde7f11fa3d47c0a3b3998
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccf05854a29ad9999c6cee7d246bd3226e9db0b0f3a39f51999b4e4022c28c67
d94cb759a8317dbcedbef1bb4b11499e681afd3c53eed7bc33bd309cc74e17ca
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e3b4b6871483004fe8d606c33f18034116bc68ccf7dac0c0abc0bc97bee95f26
ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b
fd8130e14e4707db5b10710f972a0a279192f99f29a8e022e5a388d846247b3f