brand.roche.com Open in urlscan Pro
2606:4700::6810:dc44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://brand.cobas.com/
Effective URL:
https://brand.roche.com/
Submission: On August 05 via api (August 5th 2021, 6:39:11 pm UTC) from US

Summary HTTP 37 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 37 HTTP transactions. The main IP is 2606:4700::6810:dc44, located in United States and belongs to CLOUDFLARENET, US. The main domain is brand.roche.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 26th 2021. Valid for: a year.

This is the only time brand.roche.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:303... 2606:4700:3035::ac43:90e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700::68... 2606:4700::6810:dc44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6810:9f1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:f30e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	50.16.235.219 50.16.235.219	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:10e... 2a02:26f0:10e:289::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
37	12

2 2606:4700:3035::ac43:90e7 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

brand.cobas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6810:dc44 (United States)

ASN13335 (CLOUDFLARENET, US)

brand.roche.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:9f1c (United States)

ASN13335 (CLOUDFLARENET, US)

frontend.roche.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f30e (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.roche.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.235.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-235-219.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10e:289::19fd (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

ping.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	roche.com brand.roche.com frontend.roche.com fonts.roche.com we.intranet.roche.com Failed	6 MB
3	google-analytics.com www.google-analytics.com	19 KB
2	typekit.net p.typekit.net ping.typekit.net	549 B
2	cobas.com 2 redirects brand.cobas.com	1 KB
1	google.de www.google.de	107 B
1	google.com www.google.com	107 B
1	doubleclick.net stats.g.doubleclick.net	88 B
1	ipify.org api.ipify.org	271 B
1	googletagmanager.com www.googletagmanager.com	43 KB
37	9

	Domain	Requested by
16	brand.roche.com	brand.roche.com frontend.roche.com
8	frontend.roche.com	brand.roche.com frontend.roche.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.roche.com	brand.roche.com fonts.roche.com
2	brand.cobas.com	2 redirects
1	www.google.de	brand.roche.com
1	www.google.com	brand.roche.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ping.typekit.net	brand.roche.com
1	p.typekit.net	brand.roche.com
1	api.ipify.org	brand.roche.com
1	www.googletagmanager.com	brand.roche.com
0	we.intranet.roche.com Failed	brand.roche.com
37	13

This site contains links to these domains. Also see Links.

Domain
web2publish.roche.com
sites.google.com
brand.gene.com
brandbridge.roche.com
www.roche.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-26` - `2022-07-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-16` - `2022-07-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://brand.roche.com/
Frame ID: 2DD0C0CBAB85E33B51EE2A3C1390EBF0
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://brand.cobas.com/ HTTP 301
https://brand.cobas.com/ HTTP 301
https://brand.roche.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

37
Requests

97 %
HTTPS

92 %
IPv6

9
Domains

13
Subdomains

12
IPs

4
Countries

6047 kB
Transfer

11489 kB
Size

6
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://web2publish.roche.com/
Title: visit

Search URL Search Domain Scan URL

URL: https://sites.google.com/roche.com/about-roche
Title: visit

Search URL Search Domain Scan URL

URL: http://brand.gene.com/
Title: visit

Search URL Search Domain Scan URL

URL: http://brandbridge.roche.com/
Title: visit

Search URL Search Domain Scan URL

URL: https://www.roche.com/legal_statement.htm
Title: Legal Statement

Search URL Search Domain Scan URL

URL: https://www.roche.com/privacy_policy.htm
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://brand.cobas.com/ HTTP 301
https://brand.cobas.com/ HTTP 301
https://brand.roche.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
brand.roche.com/
Redirect Chain

http://brand.cobas.com/
https://brand.cobas.com/
https://brand.roche.com/

18 KB
8 KB

83ms
36ms

Document
text/html

2606:4700::6810:dc44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:dc44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64bf37ecb55dbed7a9f56a3704d475757f295d6e99c280094c1b0cbba13be719

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: brand.roche.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
content-type: text/html;charset=UTF-8
cf-ray: 67a225171a2f434b-FRA
age: 8977
cache-control: public, max-age=14400
expires: Thu, 05 Aug 2021 22:38:52 GMT
last-modified: Thu, 05 Aug 2021 09:26:01 GMT
strict-transport-security: max-age=3600;
vary: Accept-Encoding
cf-cache-status: HIT
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com googleads.g.doubleclick.net 7232514.collect.igodigital.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expect-staple: max-age=3600; includeSubDomains
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
x-frame-options: SAMEORIGIN
x-magnolia-registration: Registered
x-xss-protection: 1; mode=block
set-cookie: __cfruid=0bc95c02314b08780e2320fedfce1382acdc9570-1628188732; path=/; domain=.brand.roche.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br

Redirect headers

date: Thu, 05 Aug 2021 18:38:51 GMT
cache-control: max-age=3600
expires: Thu, 05 Aug 2021 19:38:51 GMT
location: https://brand.roche.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nbu%2BQNgat0wVX1GgOxKIH%2F7xNRQ8zH7rEVBpr1wOjhB5yV7hDcJeWMAJ8vfSYIs70aI3%2Frw2F5zXoTJg5yXPJcfxZEjGQHSLwINQpNEacgfperJicUKvb7Ys9QnPn%2FS7x7s7bb6RuOKVBizsrCM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 67a22516a84ad6c1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 styles.all.min.css
frontend.roche.com/brand/releases/1.0.6/resources/css/ 743 KB
106 KB 73ms
37ms Stylesheet
text/css 2606:4700::6810:9f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.roche.com/brand/releases/1.0.6/resources/css/styles.all.min.css

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9f1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e610c484f24be7f09c32366527ea291c6c587846030f8e3c80e0ac362ac67b27

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 11938
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
x-amz-id-2: HlrtEWJf5RL3iPlHYkiNIVvG31nH6VYmjjgvYeaUx2n8890EOOAsU5FYYHpiaDmgEzJgEtKAdPk=
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
x-amz-request-id: 5VZR0T9TQ9B2J0C3
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Apr 2020 09:27:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ed038873931c856fd765146ab6d31d97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: text/css
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=84600, stale-if-error=3600
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-ray: 67a22517998c42f7-FRA
expires: Fri, 06 Aug 2021 14:49:54 GMT

GET
H2 200 scripts.head.all.min.js Show response
frontend.roche.com/brand/releases/1.0.6/resources/js/ 16 KB
9 KB 73ms
37ms Script
application/x-javascript 2606:4700::6810:9f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.roche.com/brand/releases/1.0.6/resources/js/scripts.head.all.min.js

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9f1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9eb5e5f0302b354dab4826014b2f1968b2c38a96227aeeac4d799d5aea21fe6d

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 11938
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
x-amz-id-2: CjNawLPypUIzx0ytpx8hg7V/PQ+IzeAJSYdf+VkYdgyUaSXJwUVxmKVmZYhm+uKYTSj3Cvy6wZU=
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
x-amz-request-id: B7S7J99AA2Y38N1G
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Apr 2020 09:27:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0fdb21393e5dcf138ba5a2b052bd13a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: application/x-javascript
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=84600, stale-if-error=3600
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-ray: 67a22517999042f7-FRA
expires: Fri, 06 Aug 2021 14:49:54 GMT

GET
H2 200 tta8okv.js Show response
fonts.roche.com/ 25 KB
10 KB 95ms
55ms Script
application/javascript 2606:4700::6811:f30e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.roche.com/tta8okv.js
Requested by: Host: brand.roche.com
URL: https://brand.roche.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f30e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51a5bb47f3821bd1ddf25f93a0e4097db59fb6b0a95a5f091ed1ec8ec8028cca

Request headers

Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 2668
cf-polished: origSize=25747
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 67a22517a9912bdd-FRA
expires: Thu, 05 Aug 2021 19:38:52 GMT

GET
H2 200 PHC_HEADER_STILL.jpg
brand.roche.com/dam/jcr:8e3f1d82-0f3a-4fd0-a64d-662d5d7da960/en/ 537 KB
540 KB 48ms
45ms Image
image/jpeg 2606:4700::6810:dc44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://brand.roche.com/dam/jcr:8e3f1d82-0f3a-4fd0-a64d-662d5d7da960/en/PHC_HEADER_STILL.jpg

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:dc44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3452b311c92e03be153c9d38a98edf5a3bed183bb59e623eb1d915643541d85d

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /dam/jcr:8e3f1d82-0f3a-4fd0-a64d-662d5d7da960/en/PHC_HEADER_STILL.jpg
pragma: no-cache
cookie: __cfruid=0bc95c02314b08780e2320fedfce1382acdc9570-1628188732
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: brand.roche.com
referer: https://brand.roche.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 300974
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com googleads.g.doubleclick.net 7232514.collect.igodigital.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-bgj: h2pri
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
content-length: 549936
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 28 Feb 2019 14:47:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: image/jpeg;charset=UTF-8
x-magnolia-registration: Registered
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=604800
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
accept-ranges: bytes
cf-ray: 67a225184d98434b-FRA
expires: Thu, 12 Aug 2021 18:38:52 GMT

GET
H2 200 01537_WHAT_YOU_FEEL_THIS_IS_ROCHE_1920x1080.jpg
brand.roche.com/dam/jcr:f10de74c-5b30-4db2-9e2b-d8f0e1f01671/en/ 160 KB
163 KB 72ms
69ms Image
image/jpeg 2606:4700::6810:dc44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://brand.roche.com/dam/jcr:f10de74c-5b30-4db2-9e2b-d8f0e1f01671/en/01537_WHAT_YOU_FEEL_THIS_IS_ROCHE_1920x1080.jpg

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:dc44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bea72b1a248dbd806d66daa18c93b8e752d06eab4dc4388157447c2303cf30d

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /dam/jcr:f10de74c-5b30-4db2-9e2b-d8f0e1f01671/en/01537_WHAT_YOU_FEEL_THIS_IS_ROCHE_1920x1080.jpg
pragma: no-cache
cookie: __cfruid=0bc95c02314b08780e2320fedfce1382acdc9570-1628188732
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: brand.roche.com
referer: https://brand.roche.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 300974
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com googleads.g.doubleclick.net 7232514.collect.igodigital.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-bgj: h2pri
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
content-length: 164096
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 Jul 2019 08:48:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: image/jpeg;charset=UTF-8
x-magnolia-registration: Registered
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=604800
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
accept-ranges: bytes
cf-ray: 67a225184d99434b-FRA
expires: Thu, 12 Aug 2021 18:38:52 GMT

GET
H2 200 308870_1920x1080.jpg
brand.roche.com/dam/jcr:1f41459c-2d33-4ca7-885e-4eb44f10bbff/en/ 1003 KB
1007 KB 74ms
72ms Image
image/jpeg 2606:4700::6810:dc44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://brand.roche.com/dam/jcr:1f41459c-2d33-4ca7-885e-4eb44f10bbff/en/308870_1920x1080.jpg

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:dc44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f23fde56cde1eca119f7bfb8a66e588e57acc97b94ec1b3c5b7e1acad8972b8

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /dam/jcr:1f41459c-2d33-4ca7-885e-4eb44f10bbff/en/308870_1920x1080.jpg
pragma: no-cache
cookie: __cfruid=0bc95c02314b08780e2320fedfce1382acdc9570-1628188732
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: brand.roche.com
referer: https://brand.roche.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 294746
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com googleads.g.doubleclick.net 7232514.collect.igodigital.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-bgj: h2pri
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
content-length: 1027257
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 08 May 2018 14:31:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: image/jpeg;charset=UTF-8
x-magnolia-registration: Registered
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=604800
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
accept-ranges: bytes
cf-ray: 67a225184d9c434b-FRA
expires: Thu, 12 Aug 2021 18:38:52 GMT

GET
H2 200 TEASER_INSPIRATION_COVER_OVERAL.jpg
brand.roche.com/dam/jcr:6ceae519-53a2-465b-ae7d-26c20ee106f6/en/ 130 KB
133 KB 35ms
33ms Image
image/jpeg 2606:4700::6810:dc44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://brand.roche.com/dam/jcr:6ceae519-53a2-465b-ae7d-26c20ee106f6/en/TEASER_INSPIRATION_COVER_OVERAL.jpg

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:dc44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d290eb81a5b7c84727b9cc14589f194b591975216964a5edc6316048b7aecd0

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /dam/jcr:6ceae519-53a2-465b-ae7d-26c20ee106f6/en/TEASER_INSPIRATION_COVER_OVERAL.jpg
pragma: no-cache
cookie: __cfruid=0bc95c02314b08780e2320fedfce1382acdc9570-1628188732
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: brand.roche.com
referer: https://brand.roche.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 294746
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com googleads.g.doubleclick.net 7232514.collect.igodigital.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-bgj: h2pri
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
content-length: 133237
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 May 2019 13:07:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: image/jpeg;charset=UTF-8
x-magnolia-registration: Registered
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=604800
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
accept-ranges: bytes
cf-ray: 67a225184d9f434b-FRA
expires: Thu, 12 Aug 2021 18:38:52 GMT

GET
H2 200 01537_BRAND_BRAND_1920x1080.jpg
brand.roche.com/dam/jcr:96ea4bc4-7ad8-49c9-bb12-69d739b7959a/en/ 2 MB
2 MB 62ms
60ms Image
image/jpeg 2606:4700::6810:dc44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://brand.roche.com/dam/jcr:96ea4bc4-7ad8-49c9-bb12-69d739b7959a/en/01537_BRAND_BRAND_1920x1080.jpg

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:dc44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2ebd94e71f8e9860fcf8b7c92de38804ff05c700a1ef2a83005b9cb6872e702

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /dam/jcr:96ea4bc4-7ad8-49c9-bb12-69d739b7959a/en/01537_BRAND_BRAND_1920x1080.jpg
pragma: no-cache
cookie: __cfruid=0bc95c02314b08780e2320fedfce1382acdc9570-1628188732
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: brand.roche.com
referer: https://brand.roche.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 300974
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com googleads.g.doubleclick.net 7232514.collect.igodigital.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-bgj: h2pri
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
content-length: 1653157
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 Jul 2019 09:04:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: image/jpeg;charset=UTF-8
x-magnolia-registration: Registered
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=604800
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
accept-ranges: bytes
cf-ray: 67a225184da0434b-FRA
expires: Thu, 12 Aug 2021 18:38:52 GMT

GET
H2 200 GUIDELINES_TEASER_740x416.jpg
brand.roche.com/dam/jcr:b9931d97-a9ab-4908-8d26-4f70956ed9fa/en/ 82 KB
85 KB 55ms
54ms Image
image/jpeg 2606:4700::6810:dc44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://brand.roche.com/dam/jcr:b9931d97-a9ab-4908-8d26-4f70956ed9fa/en/GUIDELINES_TEASER_740x416.jpg

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:dc44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d10a3bcf589c749582fa21229f1fcff267d7bb085acdba939a81743b4eb2dde8

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /dam/jcr:b9931d97-a9ab-4908-8d26-4f70956ed9fa/en/GUIDELINES_TEASER_740x416.jpg
pragma: no-cache
cookie: __cfruid=0bc95c02314b08780e2320fedfce1382acdc9570-1628188732
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: brand.roche.com
referer: https://brand.roche.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 300974
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com googleads.g.doubleclick.net 7232514.collect.igodigital.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-bgj: h2pri
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
content-length: 83870
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 02 Jul 2019 08:38:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: image/jpeg;charset=UTF-8
x-magnolia-registration: Registered
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=604800
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
accept-ranges: bytes
cf-ray: 67a225184da3434b-FRA
expires: Thu, 12 Aug 2021 18:38:52 GMT

GET
H2 200 COVER_DOWNLOADS.jpg
brand.roche.com/dam/jcr:c45860bf-c629-473b-b895-9d54672705f5/en/ 649 KB
653 KB 70ms
69ms Image
image/jpeg 2606:4700::6810:dc44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://brand.roche.com/dam/jcr:c45860bf-c629-473b-b895-9d54672705f5/en/COVER_DOWNLOADS.jpg

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:dc44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51707f464b366dd69a97d81649ad1f2bffb3abc6c7e8be52e57d4d1d4808e1f7

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /dam/jcr:c45860bf-c629-473b-b895-9d54672705f5/en/COVER_DOWNLOADS.jpg
pragma: no-cache
cookie: __cfruid=0bc95c02314b08780e2320fedfce1382acdc9570-1628188732
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: brand.roche.com
referer: https://brand.roche.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 300974
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com googleads.g.doubleclick.net 7232514.collect.igodigital.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-bgj: h2pri
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
content-length: 664830
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 22 May 2018 10:00:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: image/jpeg;charset=UTF-8
x-magnolia-registration: Registered
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=604800
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
accept-ranges: bytes
cf-ray: 67a225184da5434b-FRA
expires: Thu, 12 Aug 2021 18:38:52 GMT

GET
H2 200 WHAT_IS_PHC_TEASER.jpg
brand.roche.com/dam/jcr:13767ba5-d66a-4de4-a54b-ce0d2870d386/en/ 154 KB
156 KB 53ms
52ms Image
image/jpeg 2606:4700::6810:dc44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://brand.roche.com/dam/jcr:13767ba5-d66a-4de4-a54b-ce0d2870d386/en/WHAT_IS_PHC_TEASER.jpg

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:dc44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

363ae30423ee4bb47eef69034cb77bb4f3d3a1b16637c59ff8bca4bf5fd47131

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /dam/jcr:13767ba5-d66a-4de4-a54b-ce0d2870d386/en/WHAT_IS_PHC_TEASER.jpg
pragma: no-cache
cookie: __cfruid=0bc95c02314b08780e2320fedfce1382acdc9570-1628188732
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: brand.roche.com
referer: https://brand.roche.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 384183
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com googleads.g.doubleclick.net 7232514.collect.igodigital.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-bgj: h2pri
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
content-length: 157396
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 29 Mar 2019 12:13:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: image/jpeg;charset=UTF-8
x-magnolia-registration: Registered
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=604800
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
accept-ranges: bytes
cf-ray: 67a225184da7434b-FRA
expires: Thu, 12 Aug 2021 18:38:52 GMT

GET
H2 200 Training1_1920x1080.jpg
brand.roche.com/dam/jcr:ce6e051f-1c9c-4724-bcdf-7be30a2ee9a8/en/ 788 KB
792 KB 54ms
53ms Image
image/jpeg 2606:4700::6810:dc44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://brand.roche.com/dam/jcr:ce6e051f-1c9c-4724-bcdf-7be30a2ee9a8/en/Training1_1920x1080.jpg

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:dc44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c428b686ee1dd0ed2f8fd9361b92c3af98337927883dae51b01c67aead03e8b2

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /dam/jcr:ce6e051f-1c9c-4724-bcdf-7be30a2ee9a8/en/Training1_1920x1080.jpg
pragma: no-cache
cookie: __cfruid=0bc95c02314b08780e2320fedfce1382acdc9570-1628188732
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: brand.roche.com
referer: https://brand.roche.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 300974
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com googleads.g.doubleclick.net 7232514.collect.igodigital.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-bgj: h2pri
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
content-length: 807313
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 09 Jul 2019 09:14:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: image/jpeg;charset=UTF-8
x-magnolia-registration: Registered
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=604800
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
accept-ranges: bytes
cf-ray: 67a225184daa434b-FRA
expires: Thu, 12 Aug 2021 18:38:52 GMT

GET
H2 200 scripts.iegte9.min.js Show response
frontend.roche.com/brand/releases/1.0.6/resources/js/ 85 KB
33 KB 35ms
35ms Script
application/x-javascript 2606:4700::6810:9f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.roche.com/brand/releases/1.0.6/resources/js/scripts.iegte9.min.js

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9f1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c93ae638dfb8b2fe81173426af77fb6db1876e489dc1e5d1f822fa3bbbdb2f6

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 11938
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
x-amz-id-2: RK/JbGkHGox4E70dSwJ7pV7iQmzybZFzdDKEcgM/fwTRc1NNq6bdM/ucnqsdD5fJB+auH+wXwJg=
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
x-amz-request-id: B7S4F62K38Z1TMDB
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Apr 2020 09:27:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1e902bef3addb623a5756f0aabb4df6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: application/x-javascript
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=84600, stale-if-error=3600
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-ray: 67a22517ea7142f7-FRA
expires: Fri, 06 Aug 2021 14:49:54 GMT

GET
H2 404 configuration.js
brand.roche.com/author/brand/en/toolbox/ 0
0 188ms
188ms Script
text/html 2606:4700::6810:dc44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://brand.roche.com/author/brand/en/toolbox/configuration.js

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:dc44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /author/brand/en/toolbox/configuration.js
pragma: no-cache
cookie: __cfruid=0bc95c02314b08780e2320fedfce1382acdc9570-1628188732
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: brand.roche.com
referer: https://brand.roche.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com googleads.g.doubleclick.net 7232514.collect.igodigital.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: text/html;charset=UTF-8
x-magnolia-registration: Registered
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=86400
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-ray: 67a225183d7a434b-FRA
expires: Fri, 06 Aug 2021 18:38:52 GMT

GET
H2 200 configuration.js Show response
brand.roche.com/toolbox/ 28 KB
9 KB 43ms
40ms Script
text/html 2606:4700::6810:dc44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://brand.roche.com/toolbox/configuration.js

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:dc44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c69d867f91b8f0e1f6925c4eca6a54e26064f4abcdeb1c332ca1786d2ae70df

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /toolbox/configuration.js
pragma: no-cache
cookie: __cfruid=0bc95c02314b08780e2320fedfce1382acdc9570-1628188732
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: brand.roche.com
referer: https://brand.roche.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 23158
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com googleads.g.doubleclick.net 7232514.collect.igodigital.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 05 Aug 2021 12:06:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: text/html;charset=UTF-8
x-magnolia-registration: Registered
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=86400
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-ray: 67a225183d95434b-FRA
expires: Fri, 06 Aug 2021 18:38:52 GMT

GET
H2 200 scripts.all.min.js Show response
frontend.roche.com/brand/releases/1.0.6/resources/js/ 802 KB
204 KB 53ms
51ms Script
application/x-javascript 2606:4700::6810:9f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.roche.com/brand/releases/1.0.6/resources/js/scripts.all.min.js

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9f1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37546b9bdc13aba2586b919e160f01673aa553237170915a617d48702bf070b6

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 11938
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
x-amz-id-2: f+xjrMhbUUVxxWIzOi8recMyoqELg+TaQDX27E5FTJYlugJFbtly4upPEwrBJoTVN59p80kER3c=
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
x-amz-request-id: B7SAZB1BY502TK2R
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Apr 2020 09:27:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"c85c357d6ffcd51074ea31214b6597e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: application/x-javascript
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=84600, stale-if-error=3600
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-ray: 67a225184b7642f7-FRA
expires: Fri, 06 Aug 2021 14:49:54 GMT

GET
H2 200 tta8okv-l.css
fonts.roche.com/k/c/ 213 KB
160 KB 33ms
33ms Stylesheet
text/css 2606:4700::6811:f30e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.roche.com/k/c/tta8okv-l.css
Requested by: Host: fonts.roche.com
URL: https://fonts.roche.com/tta8okv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:f30e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37b503f721be113a33d440dee84cca8571518953a2be253c70990b2dbe59fbe7

Request headers

Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 805
cf-polished: origSize=218671
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: public, max-age=86400
cf-ray: 67a225183b282bdd-FRA
expires: Fri, 06 Aug 2021 18:38:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
43 KB 24ms
22ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PB5W6SX

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c9e45f5305b15bd19403fe85f1cf5b189ace2f0a5cc1e1b2baf4ce3ef858130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44069
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Aug 2021 18:38:52 GMT

GET
H2 200 RocheIconFont.woff
frontend.roche.com/brand/releases/1.0.6/resources/fonts/ 23 KB
26 KB 63ms
45ms Font
application/octet-stream 2606:4700::6810:9f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.roche.com/brand/releases/1.0.6/resources/fonts/RocheIconFont.woff

Requested by

Host: frontend.roche.com
URL: https://frontend.roche.com/brand/releases/1.0.6/resources/css/styles.all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9f1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad4f25f7d9a8fcec2a0adbe2d750ac70f815785cdc4efdba7ce0e285fc7178f3

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://brand.roche.com
Referer: https://frontend.roche.com/brand/releases/1.0.6/resources/css/styles.all.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
access-control-allow-methods: GET, POST
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 43156
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
x-amz-id-2: e/+kIytwr3K8HBAxPdNJ1CjLfWIAnjBufMwneGD0m/CuIXwd5BO6zYu+n5x6mQeosi4GrWRR/6w=
strict-transport-security: max-age=3600;
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
x-amz-request-id: B7S3V5V1X6D72243
x-xss-protection: 1; mode=block
accept-ranges: bytes
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Apr 2020 09:27:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "ec04e7bb89e5f28886a59a8e56afc4b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: application/octet-stream
access-control-allow-origin: *
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=84600, stale-if-error=3600
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
content-length: 23900
cf-ray: 67a225186e8dd6fd-FRA
expires: Fri, 06 Aug 2021 06:09:36 GMT

GET
DATA 200
OK truncated
/ 36 KB
36 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 887ba434482ed25fdf9575d3a4f107e3d4d78dee690a915e5c84862daf3c9d0c

Request headers

Origin: https://brand.roche.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 39 KB
39 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d41dd2693f2660b1fb6dac2f916bccdda9ed029028a730f879b91899a1ac9b5c

Request headers

Origin: https://brand.roche.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 22 KB
22 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b552473c28c271cc3466997a1119328c5dbe6f6b1f564b521dbe5929452d40d6

Request headers

Origin: https://brand.roche.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 22 KB
22 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 842a74f55021d85983c3f3d6f5f4ca3c8e7f78de0187212474df2baa04a9598f

Request headers

Origin: https://brand.roche.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 21 KB
21 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d17324b78266eb9aae12d6dac5dc563da5dfd1bcae65079723e6f57f4a86e5ef

Request headers

Origin: https://brand.roche.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: font/opentype

GET
DATA 200
OK truncated
/ 20 KB
20 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9436569ea6c77e4c4763539de428256e79ad38045789dd550a9088853a485ec6

Request headers

Origin: https://brand.roche.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: font/opentype

GET
H/1.1 200
OK / Show response
api.ipify.org/ 33 B
271 B 425ms
112ms XHR
application/javascript 50.16.235.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp
Requested by: Host: brand.roche.com
URL: https://brand.roche.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.235.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-235-219.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: a7ea4c67f1e89dc1bb3f790c355caf346ede327620fab5bf8143af7cef3155e8

Request headers

Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 18:38:52 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: https://brand.roche.com
Connection: keep-alive
Content-Length: 33

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PB5W6SX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 5111
date: Thu, 05 Aug 2021 17:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Thu, 05 Aug 2021 19:13:41 GMT

GET sprite-vertical.png
we.intranet.roche.com/_layouts/images/Roche.Intranet/global/ 0
0

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 19ms
6ms Image
image/gif 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=tta8okv&app=typekit&ht=sh&h=brand.roche.com&f=6814.6817.6818.6819.14303.14305&a=560402&sl=106&fl=514&js=1.14.14&_=1628188732818
Requested by: Host: brand.roche.com
URL: https://brand.roche.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
last-modified: Wed, 02 Sep 2020 03:58:21 GMT
server: nginx
etag: "5f4f185d-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK p.gif
ping.typekit.net/ 35 B
335 B 80ms
15ms Image
image/gif 2a02:26f0:10e:289::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.typekit.net/p.gif?s=1&k=tta8okv&app=typekit&ht=sh&h=brand.roche.com&f=6814.6817.6818.6819.14303.14305&a=560402&sl=106&fl=514&js=1.14.14&_=1628188732818
Requested by: Host: brand.roche.com
URL: https://brand.roche.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10e:289::19fd Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 18:38:52 GMT
Last-Modified: Wed, 02 Sep 2020 00:52:36 GMT
Server: nginx
ETag: "5f4eecd4-23"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H2 200 video.js Show response
frontend.roche.com/brand/releases/1.0.6/resources/js/vendor/ 263 KB
59 KB 48ms
46ms Script
application/x-javascript 2606:4700::6810:9f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.roche.com/brand/releases/1.0.6/resources/js/vendor/video.js

Requested by

Host: frontend.roche.com
URL: https://frontend.roche.com/brand/releases/1.0.6/resources/js/scripts.iegte9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9f1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c60ed766c6679b184476652772ffaaf64582a70bef3f8340363918ae8df617f5

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 39735
cf-polished: origSize=269383
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
x-amz-id-2: CqZfKAE34oAToq8C8vlk+255QEWct9RwddTwFqcGP9p0Cu9PKBWyHl0RSHiac74418LNePHBehI=
cf-bgj: minify
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
x-amz-request-id: F082HA0H6Z9CSP3V
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Apr 2020 09:27:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4c6a509ec8a44edc1c044987b8ada3e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: application/x-javascript
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=84600, stale-if-error=3600
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-ray: 67a2251c2eec42f7-FRA
expires: Fri, 06 Aug 2021 07:06:37 GMT

GET
H2 200 jquery.video.js Show response
frontend.roche.com/brand/releases/1.0.6/resources/js/ 2 KB
3 KB 28ms
27ms Script
application/x-javascript 2606:4700::6810:9f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.roche.com/brand/releases/1.0.6/resources/js/jquery.video.js

Requested by

Host: frontend.roche.com
URL: https://frontend.roche.com/brand/releases/1.0.6/resources/js/scripts.iegte9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9f1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44e5a3702ceb1b22eb81995344393ef725c7c52005b14e31743a7aaca23de1c6

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 39735
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
x-amz-id-2: 279urxAmjunRFsCz2vXsxAAqbmP28ILH8EvfMNduqCFW7/Nq6bv3eGUnIlbmqi818oYw1PnWv98=
cf-bgj: minify
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
x-amz-request-id: F08325K75GR6JQW9
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Apr 2020 09:27:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"127d4dabcc8ad086b382cc5dc3003960"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: application/x-javascript
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=84600, stale-if-error=3600
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-ray: 67a2251c2ef142f7-FRA
expires: Fri, 06 Aug 2021 07:06:37 GMT

GET
H2 200 youtube.js Show response
frontend.roche.com/brand/releases/1.0.6/resources/js/ 4 KB
4 KB 29ms
28ms Script
application/x-javascript 2606:4700::6810:9f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.roche.com/brand/releases/1.0.6/resources/js/youtube.js

Requested by

Host: frontend.roche.com
URL: https://frontend.roche.com/brand/releases/1.0.6/resources/js/scripts.iegte9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9f1c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c45ed10664197e8d4accb139d2cbfce7e28c4a3490d949b93c76c81f25a52fa

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 35493
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
x-amz-id-2: o5AcQu4/oj8ZeVjTD6kZf36elYTxfzhZIBnfvIAh7BiH3Ed3NrF30YBXP+bClNXcTJEXXBcB7qU=
cf-bgj: minify
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
x-amz-request-id: 90FEG8T5GSJGRPGM
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Apr 2020 09:27:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"478d24e53485b11de7276d0474de643b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: application/x-javascript
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=84600, stale-if-error=3600
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-ray: 67a2251c2ef342f7-FRA
expires: Fri, 06 Aug 2021 08:17:19 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=208677883&t=pageview&_s=1&dl=https%3A%2F%2Fbrand.roche.com%2F&ul=en-us&de=UTF-8&dt=Brand%20Centre%20-%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=331613957&gjid=205977896&cid=1654152123.1628188733&tid=UA-32005-17&_gid=327070328.1628188733&_r=1&gtm=2wg840PB5W6SX&z=1864653627

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 18:38:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://brand.roche.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-32005-17&cid=1654152123.1628188733&jid=331613957&gjid=205977896&_gid=327070328.1628188733&_u=YEBAAEAAAAAAAC~&z=1665705209

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 05 Aug 2021 18:38:52 GMT
content-type: text/plain
access-control-allow-origin: https://brand.roche.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-32005-17&cid=1654152123.1628188733&jid=331613957&_u=YEBAAEAAAAAAAC~&z=1032225189

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 18:38:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-32005-17&cid=1654152123.1628188733&jid=331613957&_u=YEBAAEAAAAAAAC~&z=1032225189

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 18:38:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 navigation.json Show response
brand.roche.com/toolbox/ 11 KB
6 KB 77ms
77ms XHR
text/html 2606:4700::6810:dc44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://brand.roche.com/toolbox/navigation.json

Requested by

Host: frontend.roche.com
URL: https://frontend.roche.com/brand/releases/1.0.6/resources/js/scripts.iegte9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:dc44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b6d2a6c50b0294de4f55e8eaaaecd31e5565f6d3ab236199d2e8611d86e01bd

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: __cfruid=0bc95c02314b08780e2320fedfce1382acdc9570-1628188732; intern_check=extern; _ga=GA1.2.1654152123.1628188733; _gid=GA1.2.327070328.1628188733; _gat_UA-32005-17=1
:path: /toolbox/navigation.json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: brand.roche.com
referer: https://brand.roche.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://brand.roche.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 05 Aug 2021 18:38:52 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 23157
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com googleads.g.doubleclick.net 7232514.collect.igodigital.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 05 Aug 2021 09:24:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: text/html;charset=UTF-8
x-magnolia-registration: Registered
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=86400
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-ray: 67a2251cbb45434b-FRA
expires: Fri, 06 Aug 2021 18:38:52 GMT

GET
H2 206 HEADER_PHC.mov
brand.roche.com/dam/jcr:5144b54a-f9cb-4f6f-9c74-17db2fe6ccb6/en/ 128 KB
0 42ms
41ms Media
video/quicktime 2606:4700::6810:dc44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://brand.roche.com/dam/jcr:5144b54a-f9cb-4f6f-9c74-17db2fe6ccb6/en/HEADER_PHC.mov

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:dc44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: no-cors
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
sec-fetch-dest: video
cookie: __cfruid=0bc95c02314b08780e2320fedfce1382acdc9570-1628188732; intern_check=extern; _ga=GA1.2.1654152123.1628188733; _gid=GA1.2.327070328.1628188733; _gat_UA-32005-17=1
:path: /dam/jcr:5144b54a-f9cb-4f6f-9c74-17db2fe6ccb6/en/HEADER_PHC.mov
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: */*
cache-control: no-cache
:authority: brand.roche.com
referer: https://brand.roche.com/
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://brand.roche.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 05 Aug 2021 18:38:53 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 300974
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com googleads.g.doubleclick.net 7232514.collect.igodigital.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Content-Range: bytes 0-3905218/3905219
content-disposition: attachment; filename="HEADER_PHC.mov"
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
Content-Length: 3905219
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Mar 2019 13:07:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: video/quicktime;charset=UTF-8
x-magnolia-registration: Registered
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=604800
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-ray: 67a2251d3ce3434b-FRA
expires: Thu, 12 Aug 2021 18:38:53 GMT

GET
H2 206 HEADER_PHC.mov
brand.roche.com/dam/jcr:5144b54a-f9cb-4f6f-9c74-17db2fe6ccb6/en/ 38 KB
40 KB 29ms
27ms Media
video/quicktime 2606:4700::6810:dc44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://brand.roche.com/dam/jcr:5144b54a-f9cb-4f6f-9c74-17db2fe6ccb6/en/HEADER_PHC.mov

Requested by

Host: brand.roche.com
URL: https://brand.roche.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:dc44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56101c60cd818edf07c578e2b4146eefbe2cac0089abbfcd04bbf0210616b882

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: no-cors
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
sec-fetch-dest: video
cookie: __cfruid=0bc95c02314b08780e2320fedfce1382acdc9570-1628188732; intern_check=extern; _ga=GA1.2.1654152123.1628188733; _gid=GA1.2.327070328.1628188733; _gat_UA-32005-17=1
:path: /dam/jcr:5144b54a-f9cb-4f6f-9c74-17db2fe6ccb6/en/HEADER_PHC.mov
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: */*
cache-control: no-cache
:authority: brand.roche.com
referer: https://brand.roche.com/
:scheme: https
sec-fetch-site: same-origin
range: bytes=3866624-
:method: GET
Referer: https://brand.roche.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Range: bytes=3866624-

Response headers

date: Thu, 05 Aug 2021 18:38:53 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 300974
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com googleads.g.doubleclick.net 7232514.collect.igodigital.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Content-Range: bytes 3866624-3905218/3905219
content-disposition: attachment; filename="HEADER_PHC.mov"
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
Content-Length: 38595
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Mar 2019 13:07:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: video/quicktime;charset=UTF-8
x-magnolia-registration: Registered
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=604800
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-ray: 67a2251d8d9e434b-FRA
expires: Thu, 12 Aug 2021 18:38:53 GMT

GET
H2 206 HEADER_PHC.mov
brand.roche.com/dam/jcr:5144b54a-f9cb-4f6f-9c74-17db2fe6ccb6/en/ 4 MB
0 26ms
26ms Media
video/quicktime 2606:4700::6810:dc44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://brand.roche.com/dam/jcr:5144b54a-f9cb-4f6f-9c74-17db2fe6ccb6/en/HEADER_PHC.mov

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:dc44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: no-cors
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
sec-fetch-dest: video
cookie: __cfruid=0bc95c02314b08780e2320fedfce1382acdc9570-1628188732; intern_check=extern; _ga=GA1.2.1654152123.1628188733; _gid=GA1.2.327070328.1628188733; _gat_UA-32005-17=1; netLocation=external
:path: /dam/jcr:5144b54a-f9cb-4f6f-9c74-17db2fe6ccb6/en/HEADER_PHC.mov
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: */*
cache-control: no-cache
:authority: brand.roche.com
referer: https://brand.roche.com/
:scheme: https
sec-fetch-site: same-origin
range: bytes=131072-
:method: GET
Referer: https://brand.roche.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Range: bytes=131072-

Response headers

date: Thu, 05 Aug 2021 18:38:53 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction": 0.15}
age: 300974
content-security-policy-report-only: default-src 'self' *.roche.com *.roche.net *.gene.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.roche.com *.roche.net *.gene.com cdn.walkme.com apis.google.com tpc.googlesyndication.com api.html5media.info workdevapp.com cdn-js.net gdata.youtube.com twitter.com geolocation.onetrust.com api.flickr.com graph.facebook.com sharecdn.social9.com maps.googleapis.com use.typekit.com munchkin.marketo.net img.en25.com w.likebtn.com cdn.mathjax.org sadmin.brightcove.com cdnjs.cloudflare.com releases.flowplayer.org script.crazyegg.com wi.likebtn.com pepperglobal.com analytics.twitter.com cdn.blueconic.net connect.facebook.net fullstory.com script.hotjar.com gnntch.blueconic.net rules.quantcount.com secure.quantserve.com static.hotjar.com www.youtube.com www.googletagmanager.com www.google-analytics.com google-analytics.com *.gstatic.com static.ads-twitter.com sjs.bizographics.com *.linkedin.com www.google.com w.soundcloud.com s.ytimg.com *.cloudflareaccess.com *.salesforceliveagent.com https://*.roche.com:8080 https://cdnjs.org https://service.force.com/* cdn.cookielaw.org static.cloudflareinsights.com googleads.g.doubleclick.net 7232514.collect.igodigital.com; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self' data:; connect-src * 'self'; media-src * 'self' data:; object-src 'self'; child-src 'self' *.roche.com *.roche.net *.gene.com *.facebook.net qpcr.probefinder.com *.force.com *.hotjar.com www.facebook.com www.google.com www.googletagmanager.com www.youtube.com; frame-src 'self' *.roche.com *.roche.net *.gene.com www.youtube.com sites.google.com *.cloudfront.net *.facebook.net *.arcot.com live.sagepay.com player.vimeo.com tpc.googlesyndication.com players.brightcove.net qpcr.probefinder.com *.eloqua.com *.hotjar.com *.soundcloud.com *.facebook.com *.google.com *.googletagmanager.com *.youtube-nocookie.com *.youtube.com *.mendeley.com *.force.com https://cdn.walkme.com/*; worker-src 'self' *.roche.com *.roche.net *.gene.com; frame-ancestors 'self' *.roche.com *.roche.net *.gene.com datastudio.google.com sites.google.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com *.cloudflareworkers.com; form-action 'self' *.roche.com *.roche.net *.gene.com content.bioclinicien.fr connect.facebook.net www.facebook.com s1691.t.eloqua.com; base-uri 'self' *.roche.com *.roche.net *.gene.com *.secure.roche.com; plugin-types application/pdf; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Content-Range: bytes 131072-3905218/3905219
content-disposition: attachment; filename="HEADER_PHC.mov"
feature-policy-report-only: geolocation 'none'; camera 'none'; fullscreen *; payment 'self'
Content-Length: 3774147
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Mar 2019 13:07:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=3600;
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://ayba8dhs.uriports.com/reports"}],"include_subdomains":true}
content-type: video/quicktime;charset=UTF-8
x-magnolia-registration: Registered
expect-staple: max-age=3600; includeSubDomains
cache-control: public, max-age=604800
content-security-policy: object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
cf-ray: 67a2251dbe33434b-FRA
expires: Thu, 12 Aug 2021 18:38:53 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&aip=1&a=208677883&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbrand.roche.com%2F&ul=en-us&de=UTF-8&dt=Brand%20Centre%20-%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25%25%20reached&el=%2F&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1654152123.1628188733&tid=UA-32005-17&_gid=327070328.1628188733&gtm=2wg840PB5W6SX&cd3=extern&z=910647591

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://brand.roche.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Aug 2021 08:24:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36859
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: we.intranet.roche.com
URL: https://we.intranet.roche.com/_layouts/images/Roche.Intranet/global/sprite-vertical.png

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.roche.com/	1970-01-19 20:17:55	Name: _gid Value: GA1.2.327070328.1628188733
brand.roche.com/	1969-12-31 23:59:59	Name: netLocation Value: external
.roche.com/	1970-01-20 13:47:40	Name: _ga Value: GA1.2.1654152123.1628188733
.roche.com/	1970-01-19 20:16:28	Name: _gat_UA-32005-17 Value: 1
.roche.com/	1970-01-19 20:27:59	Name: intern_check Value: extern
.brand.roche.com/	1969-12-31 23:59:59	Name: __cfruid Value: 0bc95c02314b08780e2320fedfce1382acdc9570-1628188732

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	object-src 'self'; report-uri https://ayba8dhs.uriports.com/reports/report; report-to default
Strict-Transport-Security	max-age=3600;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
brand.cobas.com
brand.roche.com
fonts.roche.com
frontend.roche.com
p.typekit.net
ping.typekit.net
stats.g.doubleclick.net
we.intranet.roche.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
we.intranet.roche.com
2606:4700:3035::ac43:90e7
2606:4700::6810:9f1c
2606:4700::6810:dc44
2606:4700::6811:f30e
2a00:1450:4001:810::2003
2a00:1450:4001:813::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2008
2a00:1450:400c:c06::9c
2a02:26f0:10e:289::19fd
2a02:26f0:6c00:2ae::19fd
50.16.235.219
1c9e45f5305b15bd19403fe85f1cf5b189ace2f0a5cc1e1b2baf4ce3ef858130
1f23fde56cde1eca119f7bfb8a66e588e57acc97b94ec1b3c5b7e1acad8972b8
2d290eb81a5b7c84727b9cc14589f194b591975216964a5edc6316048b7aecd0
3452b311c92e03be153c9d38a98edf5a3bed183bb59e623eb1d915643541d85d
363ae30423ee4bb47eef69034cb77bb4f3d3a1b16637c59ff8bca4bf5fd47131
37546b9bdc13aba2586b919e160f01673aa553237170915a617d48702bf070b6
37b503f721be113a33d440dee84cca8571518953a2be253c70990b2dbe59fbe7
44e5a3702ceb1b22eb81995344393ef725c7c52005b14e31743a7aaca23de1c6
51707f464b366dd69a97d81649ad1f2bffb3abc6c7e8be52e57d4d1d4808e1f7
51a5bb47f3821bd1ddf25f93a0e4097db59fb6b0a95a5f091ed1ec8ec8028cca
56101c60cd818edf07c578e2b4146eefbe2cac0089abbfcd04bbf0210616b882
5c45ed10664197e8d4accb139d2cbfce7e28c4a3490d949b93c76c81f25a52fa
64bf37ecb55dbed7a9f56a3704d475757f295d6e99c280094c1b0cbba13be719
6b6d2a6c50b0294de4f55e8eaaaecd31e5565f6d3ab236199d2e8611d86e01bd
6c69d867f91b8f0e1f6925c4eca6a54e26064f4abcdeb1c332ca1786d2ae70df
6c93ae638dfb8b2fe81173426af77fb6db1876e489dc1e5d1f822fa3bbbdb2f6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842a74f55021d85983c3f3d6f5f4ca3c8e7f78de0187212474df2baa04a9598f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
887ba434482ed25fdf9575d3a4f107e3d4d78dee690a915e5c84862daf3c9d0c
9436569ea6c77e4c4763539de428256e79ad38045789dd550a9088853a485ec6
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9bea72b1a248dbd806d66daa18c93b8e752d06eab4dc4388157447c2303cf30d
9eb5e5f0302b354dab4826014b2f1968b2c38a96227aeeac4d799d5aea21fe6d
a7ea4c67f1e89dc1bb3f790c355caf346ede327620fab5bf8143af7cef3155e8
ad4f25f7d9a8fcec2a0adbe2d750ac70f815785cdc4efdba7ce0e285fc7178f3
b552473c28c271cc3466997a1119328c5dbe6f6b1f564b521dbe5929452d40d6
c428b686ee1dd0ed2f8fd9361b92c3af98337927883dae51b01c67aead03e8b2
c60ed766c6679b184476652772ffaaf64582a70bef3f8340363918ae8df617f5
d10a3bcf589c749582fa21229f1fcff267d7bb085acdba939a81743b4eb2dde8
d17324b78266eb9aae12d6dac5dc563da5dfd1bcae65079723e6f57f4a86e5ef
d2ebd94e71f8e9860fcf8b7c92de38804ff05c700a1ef2a83005b9cb6872e702
d41dd2693f2660b1fb6dac2f916bccdda9ed029028a730f879b91899a1ac9b5c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e610c484f24be7f09c32366527ea291c6c587846030f8e3c80e0ac362ac67b27
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

brand.roche.com Open in urlscan Pro 2606:4700::6810:dc44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

97 %HTTPS

92 %IPv6

9 Domains

13 Subdomains

12 IPs

4 Countries

6047 kBTransfer

11489 kBSize

6 Cookies

6 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

brand.roche.com Open in urlscan Pro
2606:4700::6810:dc44 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

97 %
HTTPS

92 %
IPv6

9
Domains

13
Subdomains

12
IPs

4
Countries

6047 kB
Transfer

11489 kB
Size

6
Cookies

37 HTTP transactions
6 data transactions