corona.berlin Open in urlscan Pro
185.199.108.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://corona.berlin/
Effective URL:
https://corona.berlin/
Submission: On April 05 via api (April 5th 2020, 4:48:10 am UTC) from US

Summary HTTP 39 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 15 domains to perform 39 HTTP transactions. The main IP is 185.199.108.153, located in United States and belongs to FASTLY, US. The main domain is corona.berlin.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 9th 2020. Valid for: 3 months.

This is the only time corona.berlin was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	185.199.108.153 185.199.108.153	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2606:4700::68... 2606:4700::6811:4104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3038::681f:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	52.18.75.143 52.18.75.143	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
12	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
39	12

2 185.199.108.153 (United States) 1 redirects

ASN54113 (FASTLY, US)

corona.berlin	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::681f:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

rawcdn.githack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.75.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-75-143.eu-west-1.compute.amazonaws.com

corona-berlin.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cartodb-basemaps-c.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cartodb-basemaps-a.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cartodb-basemaps-b.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	fastly.net cartodb-basemaps-c.global.ssl.fastly.net cartodb-basemaps-a.global.ssl.fastly.net cartodb-basemaps-b.global.ssl.fastly.net	193 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	130 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com	35 KB
3	cloudflare.com cdnjs.cloudflare.com	68 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	doubleclick.net googleads.g.doubleclick.net
2	jsdelivr.net cdn.jsdelivr.net	42 KB
2	corona.berlin 1 redirects corona.berlin	223 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	herokuapp.com corona-berlin.herokuapp.com	962 B
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	googletagmanager.com www.googletagmanager.com	28 KB
1	githack.com rawcdn.githack.com	3 KB
1	jquery.com code.jquery.com	33 KB
39	15

	Domain	Requested by
4	cartodb-basemaps-b.global.ssl.fastly.net
4	cartodb-basemaps-a.global.ssl.fastly.net
4	cartodb-basemaps-c.global.ssl.fastly.net
4	pagead2.googlesyndication.com	corona.berlin pagead2.googlesyndication.com
4	maxcdn.bootstrapcdn.com	corona.berlin
3	cdnjs.cloudflare.com	corona.berlin
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com corona.berlin
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cdn.jsdelivr.net	corona.berlin
2	corona.berlin	1 redirects
1	www.googletagservices.com	pagead2.googlesyndication.com
1	corona-berlin.herokuapp.com	corona.berlin
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.googletagmanager.com	corona.berlin
1	rawcdn.githack.com	corona.berlin
1	code.jquery.com	corona.berlin
39	18

This site contains links to these domains. Also see Links.

Domain
www.berlin.de
leafletjs.com
www.openstreetmap.org
cartodb.com

Subject Issuer	Validity	Valid
corona.berlin Let's Encrypt Authority X3	`2020-03-09` - `2020-06-07`	3 months	crt.sh
ssl363648.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-22` - `2020-08-30`	6 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-13` - `2020-10-09`	8 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.herokuapp.com DigiCert SHA2 High Assurance Server CA	`2017-04-19` - `2020-06-22`	3 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-12-18` - `2020-12-18`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://corona.berlin/
Frame ID: 02338E408C2DC7A0841194D0C9621CDA
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200401/r20190131/zrt_lookup.html
Frame ID: A75B88F523F982F17B2BDAC158D794FA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1304244469309993&output=html&adk=1812271804&adf=3025194257&lmt=1583793200&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcorona.berlin%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586062074167&bpp=18&bdt=107&fdt=68&idt=68&shv=r20200401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6353243025920&frm=20&pv=2&ga_vid=833475211.1586062074&ga_sid=1586062074&ga_hid=2138235&ga_fc=0&iag=0&icsg=2097832&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065475&oid=3&pvsid=965851322516444&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=79
Frame ID: 458CF643717FD1578BE1F0578119D437
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: BE31247AB5DF78B8E4E15C3C8AE67889
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://corona.berlin/ HTTP 301
https://corona.berlin/ Page URL

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^GitHub\.com$/i

D3 (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

script /\/d3(?:\. v\d+)?(?:\.min)?\.js/i

Leaflet (Maps) Expand

Overall confidence: 100%
Detected patterns

script /leaflet.*\.js/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^GitHub\.com$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

GitHub Pages (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^GitHub\.com$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

39
Requests

100 %
HTTPS

75 %
IPv6

15
Domains

18
Subdomains

12
IPs

4
Countries

801 kB
Transfer

2003 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.berlin.de/presse/pressemitteilungen/index/search?searchtext=&boolean=0&startdate=&enddate=&institutions%5B%5D=Senatsverwaltung+f%C3%BCr+Gesundheit%2C+Pflege+und+Gleichstellung&bt=Suchen#searchresults
Title: Government News

Search URL Search Domain Scan URL

URL: http://leafletjs.com/
Title: Leaflet

Search URL Search Domain Scan URL

URL: http://www.openstreetmap.org/copyright
Title: OpenStreetMap

Search URL Search Domain Scan URL

URL: http://cartodb.com/attributions
Title: CartoDB

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://corona.berlin/ HTTP 301
https://corona.berlin/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
corona.berlin/
Redirect Chain

http://corona.berlin/
https://corona.berlin/

601 KB
222 KB

422ms
382ms

Document
text/html

185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.berlin/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 40684918a62e3ba3f3a863c04d12fb3ad53b1246b034fa3d78585cf662229afe

Request headers

:method: GET
:authority: corona.berlin
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: GitHub.com
content-type: text/html; charset=utf-8
last-modified: Mon, 09 Mar 2020 22:33:20 GMT
etag: W/"5e66c430-9635b"
access-control-allow-origin: *
expires: Sun, 05 Apr 2020 04:57:53 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 5C1C:71A2:119077:16E960:5E8962F8
accept-ranges: bytes
date: Sun, 05 Apr 2020 04:47:54 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-ams21080-AMS
x-cache: MISS
x-cache-hits: 0
x-timer: S1586062074.678962,VS0,VE363
vary: Accept-Encoding
x-fastly-request-id: 11486d9920a74e7a583e7976aff0bda075003ad4
content-length: 226918

Redirect headers

Server: GitHub.com
Content-Type: text/html
Location: https://corona.berlin/
X-GitHub-Request-Id: 4CCA:073D:38832:4E03C:5E8962EC
Content-Length: 162
Accept-Ranges: bytes
Date: Sun, 05 Apr 2020 04:47:53 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-ams21027-AMS
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1586062074.524291,VS0,VE97
Vary: Accept-Encoding
X-Fastly-Request-ID: d3e9cc0774b805d17295feb7dbf991dcf4ec2af8

GET
H2 200 leaflet.js Show response
cdn.jsdelivr.net/npm/leaflet@1.4.0/dist/ 138 KB
39 KB 37ms
20ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/leaflet@1.4.0/dist/leaflet.js

Requested by

Host: corona.berlin
URL: https://corona.berlin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8165148436ade4c48e186010ea276df1834af51b04c7129be9de891d688a81c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 04:47:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22810896
cf-ray: 57f0a23afddcbec9-FRA
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
x-served-by: cache-ams21028-AMS, cache-fra19121-FRA
server: cloudflare
jsd-meta: 1551818353485, 9d802c44dc28, pr, /4/2018-12-31/05-15-38.188Z-WyJucG0iLCJsZWFmbGV0IiwiL2Rpc3QvbGVhZmxldC5qcyIsIjEuNC4wIl0=, 0
etag: W/"226fd-wOU+038AjrppCU8dK3Iv1sYlOrM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *

GET
H/1.1 200
OK jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 22ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: corona.berlin
URL: https://corona.berlin/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 05 Apr 2020 04:47:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 May 2016 17:18:54 GMT
Server: nginx
ETag: W/"573f46fe-17b8b"
Vary: Accept-Encoding
X-HW: 1586062074.dop015.fr8.shc,1586062074.dop015.fr8.t,1586062074.cds167.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 33738

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/ 31 KB
8 KB 38ms
13ms Script
text/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js
Requested by: Host: corona.berlin
URL: https://corona.berlin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 04:47:54 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
access-control-allow-origin: *
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 8536

GET
H2 200 leaflet.awesome-markers.js Show response
cdnjs.cloudflare.com/ajax/libs/Leaflet.awesome-markers/2.0.2/ 4 KB
1 KB 30ms
15ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Leaflet.awesome-markers/2.0.2/leaflet.awesome-markers.js

Requested by

Host: corona.berlin
URL: https://corona.berlin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b0382d98ee76b3706729ebfb2c088b99be258aa30f6054de67b527602348d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 04:47:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 23887
cf-ray: 57f0a23afc6b637d-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:15:12 GMT
server: cloudflare
etag: W/"5afd4820-ecd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 26 Mar 2021 04:47:54 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.021

GET
H2 200 leaflet.css
cdn.jsdelivr.net/npm/leaflet@1.4.0/dist/ 14 KB
3 KB 28ms
12ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/leaflet@1.4.0/dist/leaflet.css

Requested by

Host: corona.berlin
URL: https://corona.berlin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611e07ac3138efd12961981e4e441f81526ad3cfb6efb517c4c2db8bf60febda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 05 Apr 2020 04:47:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13543752
cf-ray: 57f0a23afddbbec9-FRA
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
x-served-by: cache-ams21028-AMS, cache-fra19175-FRA
server: cloudflare
etag: W/"371a-BHwra6tEHm/m0+qAT9uCUksxKCk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/ 107 KB
18 KB 35ms
11ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css
Requested by: Host: corona.berlin
URL: https://corona.berlin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 05 Apr 2020 04:47:54 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:34:06 GMT
access-control-allow-origin: *
etag: "1544639646"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 18137

GET
H2 200 bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/ 18 KB
2 KB 35ms
11ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap-theme.min.css
Requested by: Host: corona.berlin
URL: https://corona.berlin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 34b102cb7689409fd1c3c180aeb1fd3f0b8bf0b47ab25c74c42eaff574e661a9

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 05 Apr 2020 04:47:54 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:34:06 GMT
access-control-allow-origin: *
etag: "1544639646"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 2230

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ 28 KB
7 KB 37ms
13ms Stylesheet
text/css 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Requested by: Host: corona.berlin
URL: https://corona.berlin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 05 Apr 2020 04:47:54 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin: *
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 6662

GET
H2 200 leaflet.awesome-markers.css
cdnjs.cloudflare.com/ajax/libs/Leaflet.awesome-markers/2.0.2/ 2 KB
604 B 31ms
17ms Stylesheet
text/css 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Leaflet.awesome-markers/2.0.2/leaflet.awesome-markers.css

Requested by

Host: corona.berlin
URL: https://corona.berlin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

105a45c816eeb6d509b68a1c633b019c444f59e7b6258cf8727e679140635b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 05 Apr 2020 04:47:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 4998577
cf-ray: 57f0a23afc6a637d-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:15:12 GMT
server: cloudflare
etag: W/"5afd4820-8b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Fri, 26 Mar 2021 04:47:54 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 leaflet.awesome.rotate.css
rawcdn.githack.com/python-visualization/folium/master/folium/templates/ 35 KB
3 KB 58ms
12ms Stylesheet
text/css 2606:4700:3038::681f:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawcdn.githack.com/python-visualization/folium/master/folium/templates/leaflet.awesome.rotate.css

Requested by

Host: corona.berlin
URL: https://corona.berlin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::681f:db6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d4476584f7f5e10c7d3cd25cee9450bb970b43d91a87154111591b8379257b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

x-fastly-request-id: 72fae9c8d2dcfc0a5f84fafd9819f8ae96706280
date: Sun, 05 Apr 2020 04:47:54 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 167
cf-polished: origSize=39887
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: HIT, HIT
status: 200
content-encoding: br
x-served-by: cache-hel6826-HEL
cf-ray: 57f0a23b289bd6b1-FRA
expires: Sun, 05 Apr 2020 04:50:07 GMT
cf-bgj: minify
server: cloudflare
x-github-request-id: 3F82:5762:1FCE07:246BBB:5E864760
x-timer: S1585861414.623667,VS0,VE4360
etag: W/"79b2dd2d2c821a5e4d28c3dd53d99e20f3173e867c2438e8c67a681a6c6be99f"
source-age: 0
vary: Authorization,Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-githack-cache-status: HIT
cache-control: max-age=300, s-maxage=300, public
x-robots-tag: none
x-cache-hits: 5, 16

GET
H2 200 d3.min.js Show response
cdnjs.cloudflare.com/ajax/libs/d3/4.2.2/ 207 KB
65 KB 32ms
19ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/d3/4.2.2/d3.min.js

Requested by

Host: corona.berlin
URL: https://corona.berlin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0541947209106d3cd50c1b4b99f6eb47e06243494ba330cf12a6a238a4c87430

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 04:47:54 GMT
content-encoding: br
cf-cache-status: HIT
age: 4998007
cf-ray: 57f0a23afc6c637d-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:18:37 GMT
server: cloudflare
etag: W/"5afd48ed-33a75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 26 Mar 2021 04:47:54 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.005

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
38 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: corona.berlin
URL: https://corona.berlin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0974fd2c6ebe7ff6f794b625cdff0691a372f84668adc46502cd5dc34dbf753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 04:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39159
x-xss-protection: 0
server: cafe
etag: 14040473416781760607
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Apr 2020 04:47:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 76 KB
28 KB 40ms
38ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-51561972-2

Requested by

Host: corona.berlin
URL: https://corona.berlin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1bae3f979080f8b82c038b885a3af2fb65d76faed7d4f78be9e9793a066a83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 04:47:54 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 29062
x-xss-protection: 0
last-modified: Sun, 05 Apr 2020 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Apr 2020 04:47:54 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=corona.berlin

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 04:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=corona.berlin

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 04:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/ 215 KB
81 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc838f64df4a89f6387e1bcfecf8271ee720484a2b76fa94f24e9462ecd4e228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 04:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 82822
x-xss-protection: 0
server: cafe
etag: 1643823074256303265
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Apr 2020 04:47:54 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200401/r20190131/ Frame A75B 0
0 6ms
5ms Document
text/html 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200401/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200401/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://corona.berlin/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://corona.berlin/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Sat, 04 Apr 2020 13:04:26 GMT
expires: Sat, 18 Apr 2020 13:04:26 GMT
content-type: text/html; charset=UTF-8
etag: 10348540741379653356
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4494
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 56608
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H/1.1 200
OK / Show response
corona-berlin.herokuapp.com/ 684 B
962 B 5697ms
5577ms Fetch
application/json 52.18.75.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://corona-berlin.herokuapp.com/
Requested by: Host: corona.berlin
URL: https://corona.berlin/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.75.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-75-143.eu-west-1.compute.amazonaws.com
Software: Cowboy / Express
Resource Hash: 09ab6dfd985caf9a2f462caadbb5ee053cd01877e2766ab3b69e42ed3e4a7336

Request headers

Referer: https://corona.berlin/
Origin: https://corona.berlin
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 05 Apr 2020 04:47:59 GMT
Via: 1.1 vegur
Etag: W/"2ac-gshp+f8n0HrQsthtU94dwTlByJ4"
Server: Cowboy
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 684

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-51561972-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 559
date: Sun, 05 Apr 2020 04:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Sun, 05 Apr 2020 06:38:35 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 458C 0
0 22ms
22ms Document
text/html 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1304244469309993&output=html&adk=1812271804&adf=3025194257&lmt=1583793200&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcorona.berlin%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586062074167&bpp=18&bdt=107&fdt=68&idt=68&shv=r20200401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6353243025920&frm=20&pv=2&ga_vid=833475211.1586062074&ga_sid=1586062074&ga_hid=2138235&ga_fc=0&iag=0&icsg=2097832&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065475&oid=3&pvsid=965851322516444&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=79

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1304244469309993&output=html&adk=1812271804&adf=3025194257&lmt=1583793200&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcorona.berlin%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586062074167&bpp=18&bdt=107&fdt=68&idt=68&shv=r20200401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6353243025920&frm=20&pv=2&ga_vid=833475211.1586062074&ga_sid=1586062074&ga_hid=2138235&ga_fc=0&iag=0&icsg=2097832&dssz=16&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065475&oid=3&pvsid=965851322516444&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=79
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://corona.berlin/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://corona.berlin/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 05 Apr 2020 04:47:54 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Apr-2020 05:02:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Sun, 05 Apr 2020 04:47:54 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3647b49a385374990c3b8a8ffcc1e7979ef25a7029b3711ac37e1eebb370e6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 04:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585953408266222"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27981
x-xss-protection: 0
expires: Sun, 05 Apr 2020 04:47:54 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 13ms
12ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2138235&t=pageview&_s=1&dl=https%3A%2F%2Fcorona.berlin%2F&ul=en-us&de=UTF-8&dt=COVID-19%20Berlin&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAUAB~&jid=1757713251&gjid=574497809&cid=833475211.1586062074&tid=UA-51561972-2&_gid=1277399181.1586062074&_r=1&gtm=2ou3p1&z=1757924982

Requested by

Host: corona.berlin
URL: https://corona.berlin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 05 Apr 2020 04:47:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 17ms
16ms XHR
application/json 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200401&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61e095e914ad6c76a0662b090a1bf72c4d77f0cba101c6ab8730809e25452a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corona.berlin/
Origin: https://corona.berlin
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 05 Apr 2020 04:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5237
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 04:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Sun, 05 Apr 2020 04:47:54 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame BE31 0
0 5ms
5ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://corona.berlin/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://corona.berlin/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Sun, 05 Apr 2020 00:30:08 GMT
expires: Mon, 05 Apr 2021 00:30:08 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 15466
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
60 B 14ms
13ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200401&jk=965851322516444&bg=!v7ylvKRYpAEoJE3eLnsCAAAATFIAAAALmQFZ6rfwDtXZD6LxIjFXhOYd86mlTfWnem5QnFfnp4GqQlJ6sg2wKqtzJdxT1jn-KOQkqd2_8pm-0dI_bBvLSXspuP0lq_TxfDQ1k1P8WPYe-jsLReQ3KTqgKj1Ik9cnUeG9ipk7uBlWmcKaf1kDlVOIFKRXaTGDi13vL37QRvYcpBu-n4AvbGz6JclzaQ0T3WiV-dZv91sUu2EqzWmwYAVe3jhZVfsGm2yQ_F-2OqOmRmsVJKFPlN9TXRZncm03CWUXmkackIiC_HBEOme61-noYPiIEm9lgPrzTAt25LIa-yyMzd4hSTvBUai0QTWY1INA9pnKCC3j2wnfU37l8FablmK4BUMe0hcii1Pce2bi94kcW51VvUXVn02RLmUcIxoAXm-vbScyo99MP3kqrbf2lMhPHJidwatKRdLef880Lof2rp3xl3uXNfgY7uJ7N-S90W8W9-gF_omH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 05 Apr 2020 04:47:54 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 335.png
cartodb-basemaps-c.global.ssl.fastly.net/light_all/10/549/ 18 KB
19 KB 91ms
26ms Image
image/png 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cartodb-basemaps-c.global.ssl.fastly.net/light_all/10/549/335.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

f5c0783bc69f6526b42d1cefb1addbdf0e85c2f57d62aa13b6f8a5f50895caf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains
Via: 1.1 google, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 241319
X-Powered-By: Express
X-Cache: HIT
Date: Sun, 05 Apr 2020 04:48:00 GMT
Connection: keep-alive
Content-Length: 18715
X-Served-By: cache-hhn4059-HHN
Access-Control-Allow-Origin: *
Last-Modified: Wed, 26 Feb 2020 15:19:31 GMT
Server: nginx
X-Timer: S1586062080.060598,VS0,VE1
ETag: W/"491b-aQtAGybsUo9H9ExK1YC374YKgGU"
X-Frame-Options: DENY
Content-Type: image/png
X-Origin-Server: bm-europe-west-5181
Cache-Control: public,max-age=604800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK 335.png
cartodb-basemaps-a.global.ssl.fastly.net/light_all/10/550/ 18 KB
19 KB 90ms
25ms Image
image/png 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cartodb-basemaps-a.global.ssl.fastly.net/light_all/10/550/335.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

30c5518bbd0db1dcfaffd76b620b843317f66729f6c5ba4fa872b6d961178e40

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains
Via: 1.1 google, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 241573
X-Powered-By: Express
X-Cache: HIT
Date: Sun, 05 Apr 2020 04:48:00 GMT
Connection: keep-alive
Content-Length: 18260
X-Served-By: cache-hhn4033-HHN
Access-Control-Allow-Origin: *
Last-Modified: Wed, 26 Feb 2020 15:19:31 GMT
Server: nginx
X-Timer: S1586062080.060276,VS0,VE0
ETag: W/"4754-1u2RahY6GBMmYolF2Ex+Zx3H5C8"
X-Frame-Options: DENY
Content-Type: image/png
X-Origin-Server: bm-europe-west-fbtl
Cache-Control: public,max-age=604800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK 334.png
cartodb-basemaps-b.global.ssl.fastly.net/light_all/10/549/ 12 KB
13 KB 89ms
25ms Image
image/png 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cartodb-basemaps-b.global.ssl.fastly.net/light_all/10/549/334.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

21a6eedf2fe671ec777bc2534a57330741d7145f6ba52fc3a21b9d8773c4b6fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains
Via: 1.1 google, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 239229
X-Powered-By: Express
X-Cache: HIT
Date: Sun, 05 Apr 2020 04:48:00 GMT
Connection: keep-alive
Content-Length: 12761
X-Served-By: cache-hhn4035-HHN
Access-Control-Allow-Origin: *
Last-Modified: Wed, 26 Feb 2020 15:19:31 GMT
Server: nginx
X-Timer: S1586062080.057738,VS0,VE1
ETag: W/"31d9-zlhfU1EUKGwAS8+yo2SCcb2XkS0"
X-Frame-Options: DENY
Content-Type: image/png
X-Origin-Server: bm-europe-west-fbtl
Cache-Control: public,max-age=604800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK 334.png
cartodb-basemaps-c.global.ssl.fastly.net/light_all/10/550/ 16 KB
17 KB 92ms
27ms Image
image/png 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cartodb-basemaps-c.global.ssl.fastly.net/light_all/10/550/334.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

fc443d42a6915e8d9791759c9fc90bc6afd5b86e103aa9cd8232caaf3a085557

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains
Via: 1.1 google, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 236173
X-Powered-By: Express
X-Cache: HIT
Date: Sun, 05 Apr 2020 04:48:00 GMT
Connection: keep-alive
Content-Length: 16712
X-Served-By: cache-hhn4059-HHN
Access-Control-Allow-Origin: *
Last-Modified: Wed, 26 Feb 2020 15:19:31 GMT
Server: nginx
X-Timer: S1586062080.060394,VS0,VE2
ETag: W/"4148-WYlqRSzth/gyVm6N9wsMYymN+qQ"
X-Frame-Options: DENY
Content-Type: image/png
X-Origin-Server: bm-europe-west-2s3s
Cache-Control: public,max-age=604800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK 336.png
cartodb-basemaps-a.global.ssl.fastly.net/light_all/10/549/ 20 KB
20 KB 91ms
26ms Image
image/png 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cartodb-basemaps-a.global.ssl.fastly.net/light_all/10/549/336.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

6cc7488e6ff407b9bbf51d59b88453f707d14bd49d376878426d459e97448361

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains
Via: 1.1 google, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 846380
X-Powered-By: Express
X-Cache: HIT
Date: Sun, 05 Apr 2020 04:48:00 GMT
Connection: keep-alive
Content-Length: 20082
X-Served-By: cache-hhn4043-HHN
Access-Control-Allow-Origin: *
Last-Modified: Wed, 26 Feb 2020 15:19:31 GMT
Server: nginx
X-Timer: S1586062080.060230,VS0,VE1
ETag: W/"4e72-ZSU2s8jcUSSNJsQA6qBIRvajPbc"
X-Frame-Options: DENY
Content-Type: image/png
X-Origin-Server: bm-europe-west-86w6
Cache-Control: public,max-age=604800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK 336.png
cartodb-basemaps-b.global.ssl.fastly.net/light_all/10/550/ 19 KB
20 KB 91ms
26ms Image
image/png 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cartodb-basemaps-b.global.ssl.fastly.net/light_all/10/550/336.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

be4e8a44382b419cec5617f01d8ec3e20843b7c5ca298ce145f9cc5dd55728a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains
Via: 1.1 google, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 846019
X-Powered-By: Express
X-Cache: HIT
Date: Sun, 05 Apr 2020 04:48:00 GMT
Connection: keep-alive
Content-Length: 19417
X-Served-By: cache-hhn4068-HHN
Access-Control-Allow-Origin: *
Last-Modified: Wed, 26 Feb 2020 15:19:31 GMT
Server: nginx
X-Timer: S1586062080.060126,VS0,VE1
ETag: W/"4bd9-S7UPT4RQkZJB3ibhmhLadWCa4mg"
X-Frame-Options: DENY
Content-Type: image/png
X-Origin-Server: bm-europe-west-krsk
Cache-Control: public,max-age=604800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK 335.png
cartodb-basemaps-b.global.ssl.fastly.net/light_all/10/548/ 10 KB
11 KB 90ms
25ms Image
image/png 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cartodb-basemaps-b.global.ssl.fastly.net/light_all/10/548/335.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

f6485b8fa874295283d4feacb96c232c544f73998f7559c84026d1c0097681d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains
Via: 1.1 google, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 484216
X-Powered-By: Express
X-Cache: HIT
Date: Sun, 05 Apr 2020 04:48:00 GMT
Connection: keep-alive
Content-Length: 10294
X-Served-By: cache-hhn4062-HHN
Access-Control-Allow-Origin: *
Last-Modified: Wed, 26 Feb 2020 15:19:31 GMT
Server: nginx
X-Timer: S1586062080.060234,VS0,VE1
ETag: W/"2836-bMYeSQf2uJzVMwCA88OcMnR5JQE"
X-Frame-Options: DENY
Content-Type: image/png
X-Origin-Server: bm-europe-west-zmnn
Cache-Control: public,max-age=604800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK 335.png
cartodb-basemaps-b.global.ssl.fastly.net/light_all/10/551/ 13 KB
14 KB 91ms
26ms Image
image/png 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cartodb-basemaps-b.global.ssl.fastly.net/light_all/10/551/335.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

33c7d5c41dc3f540db79db6bf4aabe077f81ad46785a0d5504bc3bf87376fc52

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains
Via: 1.1 google, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 240643
X-Powered-By: Express
X-Cache: HIT
Date: Sun, 05 Apr 2020 04:48:00 GMT
Connection: keep-alive
Content-Length: 13782
X-Served-By: cache-hhn4083-HHN
Access-Control-Allow-Origin: *
Last-Modified: Wed, 26 Feb 2020 15:19:31 GMT
Server: nginx
X-Timer: S1586062080.060199,VS0,VE2
ETag: W/"35d6-iL35+ioyKOz04BeOPnmVSEe3Pp4"
X-Frame-Options: DENY
Content-Type: image/png
X-Origin-Server: bm-europe-west-fz4n
Cache-Control: public,max-age=604800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK 334.png
cartodb-basemaps-a.global.ssl.fastly.net/light_all/10/548/ 10 KB
11 KB 124ms
60ms Image
image/png 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cartodb-basemaps-a.global.ssl.fastly.net/light_all/10/548/334.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

682e23cde9a3e668ab6a96157a4a7c977feaa1f225708325582b6b44d5b90a05

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains
Via: 1.1 google, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 841070
X-Powered-By: Express
X-Cache: HIT
Date: Sun, 05 Apr 2020 04:48:00 GMT
Connection: keep-alive
Content-Length: 10348
X-Served-By: cache-hhn4050-HHN
Access-Control-Allow-Origin: *
Last-Modified: Wed, 26 Feb 2020 15:19:31 GMT
Server: nginx
X-Timer: S1586062080.060249,VS0,VE1
ETag: W/"286c-EJLYtyZdp4qrFcURN8IACdL70S4"
X-Frame-Options: DENY
Content-Type: image/png
X-Origin-Server: bm-europe-west-tns8
Cache-Control: public,max-age=604800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK 334.png
cartodb-basemaps-a.global.ssl.fastly.net/light_all/10/551/ 15 KB
16 KB 91ms
26ms Image
image/png 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cartodb-basemaps-a.global.ssl.fastly.net/light_all/10/551/334.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

301a6a9854e040d6eeccfa2a64fcbe7498db30c8175f1a49e0b61f248f25b73b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains
Via: 1.1 google, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 231989
X-Powered-By: Express
X-Cache: HIT
Date: Sun, 05 Apr 2020 04:48:00 GMT
Connection: keep-alive
Content-Length: 15442
X-Served-By: cache-hhn4049-HHN
Access-Control-Allow-Origin: *
Last-Modified: Wed, 26 Feb 2020 15:19:31 GMT
Server: nginx
X-Timer: S1586062080.060358,VS0,VE1
ETag: W/"3c52-CDFlqSYf7auQ0EHEzYf88OcWOJg"
X-Frame-Options: DENY
Content-Type: image/png
X-Origin-Server: bm-europe-west-hmbl
Cache-Control: public,max-age=604800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK 336.png
cartodb-basemaps-c.global.ssl.fastly.net/light_all/10/548/ 16 KB
17 KB 87ms
25ms Image
image/png 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cartodb-basemaps-c.global.ssl.fastly.net/light_all/10/548/336.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

70ef35eaaf8e2e968b36b2e137595072c43f46eea34eca66933a068efd03c0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains
Via: 1.1 google, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 240189
X-Powered-By: Express
X-Cache: HIT
Date: Sun, 05 Apr 2020 04:48:00 GMT
Connection: keep-alive
Content-Length: 16453
X-Served-By: cache-hhn4082-HHN
Access-Control-Allow-Origin: *
Last-Modified: Wed, 26 Feb 2020 15:19:31 GMT
Server: nginx
X-Timer: S1586062080.057589,VS0,VE1
ETag: W/"4045-U+/hmj7V+oVBvOa1nOkYMiaPlPs"
X-Frame-Options: DENY
Content-Type: image/png
X-Origin-Server: bm-europe-west-1k50
Cache-Control: public,max-age=604800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK 336.png
cartodb-basemaps-c.global.ssl.fastly.net/light_all/10/551/ 17 KB
18 KB 88ms
26ms Image
image/png 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cartodb-basemaps-c.global.ssl.fastly.net/light_all/10/551/336.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

31c3e4974a9e45a0d5b8cfe5c6b6546cec684eec663e1eb3efdd66617137d2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://corona.berlin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains
Via: 1.1 google, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 845814
X-Powered-By: Express
X-Cache: HIT
Date: Sun, 05 Apr 2020 04:48:00 GMT
Connection: keep-alive
Content-Length: 17340
X-Served-By: cache-hhn4062-HHN
Access-Control-Allow-Origin: *
Last-Modified: Wed, 26 Feb 2020 15:19:31 GMT
Server: nginx
X-Timer: S1586062080.057585,VS0,VE1
ETag: W/"43bc-63uv8D35PujaeTzRfKOK3m0tSOU"
X-Frame-Options: DENY
Content-Type: image/png
X-Origin-Server: bm-europe-west-1k50
Cache-Control: public,max-age=604800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 1

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 08:34:22	Name: test_cookie Value: CheckForPermission
.corona.berlin/	1970-01-19 08:34:22	Name: _gat_gtag_UA_51561972_2 Value: 1
.corona.berlin/	1970-01-19 08:35:48	Name: _gid Value: GA1.2.1277399181.1586062074
.corona.berlin/	1970-01-20 02:05:34	Name: _ga Value: GA1.2.833475211.1586062074

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://corona.berlin/(Line 141) Message: [object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
console-api	log	URL: https://corona.berlin/(Line 150) Message: [object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cartodb-basemaps-a.global.ssl.fastly.net
cartodb-basemaps-b.global.ssl.fastly.net
cartodb-basemaps-c.global.ssl.fastly.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
corona-berlin.herokuapp.com
corona.berlin
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
rawcdn.githack.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
151.101.113.194
185.199.108.153
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:3a
2606:4700:3038::681f:db6
2606:4700::6810:5814
2606:4700::6811:4104
2a00:1450:4001:800::2008
2a00:1450:4001:816::2001
2a00:1450:4001:816::2002
2a00:1450:4001:817::200e
52.18.75.143
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0541947209106d3cd50c1b4b99f6eb47e06243494ba330cf12a6a238a4c87430
09ab6dfd985caf9a2f462caadbb5ee053cd01877e2766ab3b69e42ed3e4a7336
0d4476584f7f5e10c7d3cd25cee9450bb970b43d91a87154111591b8379257b6
105a45c816eeb6d509b68a1c633b019c444f59e7b6258cf8727e679140635b40
21a6eedf2fe671ec777bc2534a57330741d7145f6ba52fc3a21b9d8773c4b6fb
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
301a6a9854e040d6eeccfa2a64fcbe7498db30c8175f1a49e0b61f248f25b73b
30c5518bbd0db1dcfaffd76b620b843317f66729f6c5ba4fa872b6d961178e40
31c3e4974a9e45a0d5b8cfe5c6b6546cec684eec663e1eb3efdd66617137d2d7
33c7d5c41dc3f540db79db6bf4aabe077f81ad46785a0d5504bc3bf87376fc52
34b102cb7689409fd1c3c180aeb1fd3f0b8bf0b47ab25c74c42eaff574e661a9
40684918a62e3ba3f3a863c04d12fb3ad53b1246b034fa3d78585cf662229afe
611e07ac3138efd12961981e4e441f81526ad3cfb6efb517c4c2db8bf60febda
61e095e914ad6c76a0662b090a1bf72c4d77f0cba101c6ab8730809e25452a81
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
682e23cde9a3e668ab6a96157a4a7c977feaa1f225708325582b6b44d5b90a05
6cc7488e6ff407b9bbf51d59b88453f707d14bd49d376878426d459e97448361
70ef35eaaf8e2e968b36b2e137595072c43f46eea34eca66933a068efd03c0b6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b0382d98ee76b3706729ebfb2c088b99be258aa30f6054de67b527602348d07
a3647b49a385374990c3b8a8ffcc1e7979ef25a7029b3711ac37e1eebb370e6d
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
b1bae3f979080f8b82c038b885a3af2fb65d76faed7d4f78be9e9793a066a83f
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
be4e8a44382b419cec5617f01d8ec3e20843b7c5ca298ce145f9cc5dd55728a8
cc838f64df4a89f6387e1bcfecf8271ee720484a2b76fa94f24e9462ecd4e228
e0974fd2c6ebe7ff6f794b625cdff0691a372f84668adc46502cd5dc34dbf753
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8165148436ade4c48e186010ea276df1834af51b04c7129be9de891d688a81c
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f5c0783bc69f6526b42d1cefb1addbdf0e85c2f57d62aa13b6f8a5f50895caf2
f6485b8fa874295283d4feacb96c232c544f73998f7559c84026d1c0097681d4
fc443d42a6915e8d9791759c9fc90bc6afd5b86e103aa9cd8232caaf3a085557

corona.berlin Open in urlscan Pro 185.199.108.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

100 %HTTPS

75 %IPv6

15 Domains

18 Subdomains

12 IPs

4 Countries

801 kBTransfer

2003 kBSize

4 Cookies

4 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

corona.berlin Open in urlscan Pro
185.199.108.153 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

75 %
IPv6

15
Domains

18
Subdomains

12
IPs

4
Countries

801 kB
Transfer

2003 kB
Size

4
Cookies

39 HTTP transactions
0 data transactions