corona.virus.com Open in urlscan Pro
35.208.137.69 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.virus.com/
Effective URL:
https://corona.virus.com/de/
Submission: On November 23 via manual (November 23rd 2023, 12:42:54 am UTC) from EG — Scanned from DE

Summary HTTP 88 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 88 HTTP transactions. The main IP is 35.208.137.69, located in Council Bluffs, United States and belongs to GOOGLE-2, US. The main domain is corona.virus.com.
TLS certificate: Issued by R3 on October 8th 2023. Valid for: 3 months.

This is the only time corona.virus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.21.5.70 104.21.5.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 38	35.208.137.69 35.208.137.69	19527 (GOOGLE-2) (GOOGLE-2)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
88	11

1 104.21.5.70 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.virus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 35.208.137.69 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 69.137.208.35.bc.googleusercontent.com

virus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
corona.virus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	virus.com 2 redirects www.virus.com virus.com corona.virus.com	270 KB
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	584 KB
16	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359 www.google.com — Cisco Umbrella Rank: 2	65 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	55 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	42 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	127 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	64 KB
88	8

	Domain	Requested by
37	corona.virus.com	corona.virus.com
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
12	pagead2.googlesyndication.com	corona.virus.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
8	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com corona.virus.com
2	www.googleadservices.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagmanager.com	corona.virus.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	virus.com	1 redirects
1	www.virus.com	1 redirects
88	12

This site contains no links.

Subject Issuer	Validity	Valid
*.virus.com R3	`2023-10-08` - `2024-01-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://corona.virus.com/de/
Frame ID: 44E628F79245C1FAE3965D159D7EBE1B
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 616D7FCAD42D65EB19D5A2D8892B9C04
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7824033083365338&output=html&adk=1812271804&adf=3025194257&lmt=1700700168&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fcorona.virus.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700700168543&bpp=2&bdt=667&idt=124&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2719656768031&frm=20&pv=2&ga_vid=358309442.1700700169&ga_sid=1700700169&ga_hid=1508189444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3396920837303908&tmod=1899249179&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=140
Frame ID: CD38C2C706AE389CB0CCD766A72FDDE5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 71DE9A2AC6F9593750A623CF5D8D8BF7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7824033083365338&output=html&adk=1812271804&adf=3025194257&lmt=1700700169&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fcorona.virus.com%2Fde%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700700169269&bpp=2&bdt=366&idt=123&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8230077126048&frm=20&pv=2&ga_vid=358309442.1700700169&ga_sid=1700700169&ga_hid=541811463&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C44795921%2C31078297%2C31079653%2C44806141%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=1074569483687599&tmod=1990067173&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fcorona.virus.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=141
Frame ID: 9BE48FF99344BF18CF6D7BA5A8DC22C0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8BC77A2888B9A7512915B904B65DF9B5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 429FC014923E19AF2C2D35A1501134A1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: BF9549FA4B6917E901703687A8B05123
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FC1DDFE92993A4A7CDAC97AA1F33DB50
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 44A24B7220354F69C34C4A699CD9235C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Corona Virus News - Corona Virus News Blog

Page URL History Show full URLs

https://www.virus.com/ HTTP 301
https://virus.com/ HTTP 301
https://corona.virus.com/ Page URL
https://corona.virus.com/de/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

88
Requests

98 %
HTTPS

73 %
IPv6

8
Domains

12
Subdomains

11
IPs

3
Countries

1206 kB
Transfer

4417 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.virus.com/ HTTP 301
https://virus.com/ HTTP 301
https://corona.virus.com/ Page URL
https://corona.virus.com/de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.virus.com/ HTTP 301
https://virus.com/ HTTP 301
https://corona.virus.com/

Request Chain 69

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 72

https://googleads.g.doubleclick.net/pagead/adview?ai=CsLaXCaBeZdOxGoG_9u8P7sOWyA-D5ojhcN2rlu2mDO7oqOucHBABIJWErn9gleKmgrAHoAGI_tikAsgBAqkCaqMdG0lCsj6oAwHIA8kEqgSbAk_QKNP3ePmHXJpPGew_5hWl4hbvacfh4jzEiBM-v_onv4Wo6R3SmLBgmu95ruXxKmIwDUxvYeNkvdplWmG4tRVpha3F5irIkwAMVqa-Ow7wbCrGhFH3LbsS9jpsDnJZ4GoAHekZzkztJ3t0OBEpJJWsVXiVuE-Q0_TUuq-8nu8UYglSfECmfReKkpt0TxkqIstKGaybPBpOSwh752MNHmdR2nuYpmx9yiMUGom5uar8Tm1cA3o7GDe3YZ9XCp1mpMEI3wZWveWXRMkUK2VD7QvOdZO0tl9tE2KI4ncWEXp_v44zLuddl_n7iW4rUeTA0XCjPmfug4EBC2ejZDchE1HNAfA3duxBehvtX9502W5CTvWnFY1HbcPiwY_ABN6Mm_6WA4gFqd301CeSBQQIBBgBkgUECAUYBKAGAoAH4IGn2wGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRCH2OQJ0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJGmh0dHBzOi8vd3d3LnJpc2VydmEuaXQvZGUvgAoByAsBogwQKg4KDOS0sQLutbECtbixAtgTDdAVAYAXAbIXHAoaCAASFHB1Yi03ODI0MDMzMDgzMzY1MzM4GAA&sigh=jtsOq09v5fo&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNyBQ79WCrMsD4pT2P6L-R5KFwThqlGmYdA4vqT7ay3-vyLW9__AvJtE450BBoCbxLRg0ig5xFOf06bljCDjNobztrbhfvA4KGLRgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225837248995316230614%22,%22debug_reporting%22:true,%22destination%22:%22https://riserva.it%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22613826312%22],%224%22:[%2211-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212045977444942395233%22}&andc=true

88 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
corona.virus.com/
Redirect Chain

https://www.virus.com/
https://virus.com/
https://corona.virus.com/

17 KB
4 KB

302ms
134ms

Document
text/html

35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d3ce6966e9171ae43f21d4ad0ca72fa2dcf722fda141cd109742664627dbee93

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 00:42:47 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
link: <https://corona.virus.com/wp-json/>; rel="https://api.w.org/", <https://corona.virus.com/wp-json/wp/v2/pages/11953>; rel="alternate"; type="application/json", <https://corona.virus.com/>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-cache-enabled: True
x-httpd: 1
x-proxy-cache: HIT

Redirect headers

content-length: 233
content-type: text/html; charset=iso-8859-1
date: Thu, 23 Nov 2023 00:42:47 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
location: https://corona.virus.com/
server: nginx
x-proxy-cache: MISS
x-proxy-cache-info: 0301 NC:000000 UP:

GET
H2 200 style.min.css
corona.virus.com/wp-includes/css/dist/block-library/ 107 KB
13 KB 270ms
267ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:47 GMT
content-encoding: br
last-modified: Fri, 10 Nov 2023 07:09:57 GMT
server: nginx
etag: W/"654dd745-1add3"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:47 GMT

GET
H2 200 trp-floater-language-switcher-style.min.css
corona.virus.com/wp-content/plugins/translatepress-multilingual/assets/css/ 4 KB
1 KB 271ms
268ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-floater-language-switcher-style.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: faeb38a8febce2eda4a050cdc2143623e023515bc5236462d6b2ab6fff262977

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:47 GMT
content-encoding: br
last-modified: Tue, 04 Oct 2022 12:35:45 GMT
server: nginx
etag: W/"633c28a1-ff4"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:47 GMT

GET
H2 200 trp-language-switcher-style.min.css
corona.virus.com/wp-content/plugins/translatepress-multilingual/assets/css/ 2 KB
794 B 271ms
268ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher-style.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6baf44ba52bee819a59404441f9c59ba0cb30cfc0a0e60576b614c3649ac3db8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:47 GMT
content-encoding: br
last-modified: Tue, 04 Oct 2022 12:35:45 GMT
server: nginx
etag: W/"633c28a1-7c4"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:47 GMT

GET
H2 200 js_composer.min.css
corona.virus.com/wp-content/plugins/js_composer/assets/css/ 452 KB
38 KB 272ms
269ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6a2d500d4ac0bba5317698b68c383179098a0ad47879f56de7318ceb37fba68e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:47 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 18:03:29 GMT
server: nginx
etag: W/"634eea71-70ee5"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:47 GMT

GET
H2 200 bootstrap-grid.min.css
corona.virus.com/wp-content/themes/veneno/assets/css/ 50 KB
5 KB 401ms
399ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/themes/veneno/assets/css/bootstrap-grid.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f97f985031b5c3d2409d408a4fb7cf923f7bb3a80a948bc179c5a78360a6e125

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:47 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 03:16:54 GMT
server: nginx
etag: W/"5faa0626-c6bb"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:47 GMT

GET
H2 200 imi-main.min.css
corona.virus.com/wp-content/themes/veneno/ 14 KB
3 KB 402ms
399ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/themes/veneno/imi-main.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 81d19b43648002f3d97abbb394a8601cf30f228fa1f8e3feeb9d7aa11f3c5e66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:47 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 03:16:54 GMT
server: nginx
etag: W/"5faa0626-389d"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:47 GMT

GET
H2 200 imi-child.min.css
corona.virus.com/wp-content/themes/veneno-child/ 638 B
496 B 402ms
400ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/themes/veneno-child/imi-child.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f3cad6a27c9603570f20041a9fd8f0136dfc87bc8ed69b9d6599c6fb23b66add

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:47 GMT
content-encoding: br
last-modified: Mon, 14 Dec 2020 09:35:14 GMT
server: nginx
etag: W/"5fd731d2-27e"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:47 GMT

GET
H2 200 imi-icons.min.css
corona.virus.com/wp-content/themes/veneno/assets/css/imi-icons/css/ 5 KB
1 KB 402ms
400ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/themes/veneno/assets/css/imi-icons/css/imi-icons.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 20357668d393ad6407bbaee8d07d4484032bdf3729f625a625b6bffa3d00dd34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:47 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 03:16:54 GMT
server: nginx
etag: W/"5faa0626-1473"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:47 GMT

GET
H2 200 imi-shortcodes.min.css
corona.virus.com/wp-content/plugins/imi-core/js_composer/assets/css/ 53 KB
8 KB 402ms
400ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/plugins/imi-core/js_composer/assets/css/imi-shortcodes.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0a1d847f842e378785dd93dbc9706e658718adb7f36f37d22428837b0e538bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:47 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 03:17:31 GMT
server: nginx
etag: W/"5faa064b-d3a2"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:47 GMT

GET
H2 200 theme-base.min.css
corona.virus.com/wp-content/themes/veneno/ 78 KB
14 KB 402ms
400ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/themes/veneno/theme-base.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 12c61d0debea7ba631b4f7339d3d0a4825fbf71aba8bc9a4b519505316637527

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:47 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 03:16:54 GMT
server: nginx
etag: W/"5faa0626-13955"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:47 GMT

GET
H2 200 responsive-media.min.css
corona.virus.com/wp-content/themes/veneno/assets/css/ 10 KB
3 KB 402ms
401ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/themes/veneno/assets/css/responsive-media.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e5575aa16a0067df6658d5a8160dd98596cf8c84b87c5f67f31a3f56a00fd397

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 03:16:54 GMT
server: nginx
etag: W/"5faa0626-2966"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:48 GMT

GET
H2 200 magnific-css.min.css
corona.virus.com/wp-content/themes/veneno/assets/vendor/magnific/ 5 KB
2 KB 402ms
401ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/themes/veneno/assets/vendor/magnific/magnific-css.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 61d99187cb27c88e11f90408f82fa292e8ad82070b02a4f14a682772a7bcd008

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 03:16:54 GMT
server: nginx
etag: W/"5faa0626-146d"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:48 GMT

GET
H2 200 imi-colors.min.css
corona.virus.com/wp-content/themes/veneno/assets/colors/ 10 KB
2 KB 403ms
401ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/themes/veneno/assets/colors/imi-colors.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c3bb6d03e2442a683ae0bcb647da1951ec5c96ad59b569e640d8082748673e18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 03:16:54 GMT
server: nginx
etag: W/"5faa0626-28cf"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:48 GMT

GET
H2 200 jquery.min.js Show response
corona.virus.com/wp-includes/js/jquery/ 86 KB
29 KB 403ms
401ms Script
application/javascript 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
last-modified: Fri, 10 Nov 2023 07:09:57 GMT
server: nginx
etag: W/"654dd745-15601"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:48 GMT

GET
H2 200 jquery-migrate.min.js Show response
corona.virus.com/wp-includes/js/jquery/ 13 KB
5 KB 403ms
402ms Script
application/javascript 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
last-modified: Wed, 09 Aug 2023 23:54:14 GMT
server: nginx
etag: W/"64d42726-3509"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:48 GMT

GET
H2 200 trp-language-cookie.min.js Show response
corona.virus.com/wp-content/uploads/siteground-optimizer-assets/ 4 KB
2 KB 133ms
133ms Script
application/javascript 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/uploads/siteground-optimizer-assets/trp-language-cookie.min.js
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 06104cd4b64a3a451cd2f1e23fdfd83f03f4982f0d4323f82029e9e6b9b4df66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
last-modified: Fri, 13 Nov 2020 20:07:59 GMT
server: nginx
etag: W/"5faee79f-fa5"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:48 GMT

GET
H2 200 waypoints.min.js Show response
corona.virus.com/wp-content/uploads/siteground-optimizer-assets/ 7 KB
2 KB 132ms
132ms Script
application/javascript 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/uploads/siteground-optimizer-assets/waypoints.min.js
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b4123e853e95c37d55c4d3ab62cba05b3918eaa06ac7f0af56c7508ba473028c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 03:16:54 GMT
server: nginx
etag: W/"5faa0626-1d8f"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
64 KB 64ms
29ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-183520360-1&siteground-async=1

Requested by

Host: corona.virus.com
URL: https://corona.virus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4d3bef87d1a2a9a73f56319c90279c76795aa921e80bb9319f0b99d3f5f7ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64705
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Nov 2023 00:42:48 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 71ms
36ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7824033083365338

Requested by

Host: corona.virus.com
URL: https://corona.virus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

100e22a84b43f458c3ef2b110358a2d33811474bbe26a09b4c56043dafa200ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corona.virus.com/
Origin: https://corona.virus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52726
x-xss-protection: 0
server: cafe
etag: 17540001020880595601
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 00:42:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 46ms
12ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-183520360-1&siteground-async=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 23:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3190
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 23 Nov 2023 01:49:38 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 78ms
50ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7824033083365338&plah=corona.virus.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7824033083365338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a357eddc7ae3be6ef4ace572d4bf6c9dad621881a1bf39db6d844990fe99929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138533
x-xss-protection: 0
server: cafe
etag: 14989709725506201774
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 00:42:48 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 616D 9 KB
4 KB 47ms
13ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7824033083365338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corona.virus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 07:40:25 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 07:40:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 trp-ald-ajax.php
corona.virus.com/wp-content/plugins/tp-add-on-automatic-language-detection/includes/ 7 B
143 B 179ms
178ms XHR
text/html 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/plugins/tp-add-on-automatic-language-detection/includes/trp-ald-ajax.php
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/wp-includes/js/jquery/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://corona.virus.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-httpd: 1
date: Thu, 23 Nov 2023 00:42:48 GMT
server: nginx
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 7
x-proxy-cache-info: DT:1
content-type: text/html; charset=UTF-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 24ms
23ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1508189444&t=pageview&_s=1&dl=https%3A%2F%2Fcorona.virus.com%2F&ul=en-us&de=UTF-8&dt=Corona%20Virus%20News%20%E2%80%93%20Corona%20Virus%20News%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=112794688&gjid=1424343319&cid=358309442.1700700169&tid=UA-183520360-1&_gid=1312103758.1700700169&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1616647408

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://corona.virus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 00:42:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://corona.virus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ads
googleads.g.doubleclick.net/pagead/ Frame CD38 0
0

GET
H2 200 Primary Request / Show response
corona.virus.com/de/ 18 KB
4 KB 136ms
135ms Document
text/html 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/de/
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/wp-content/uploads/siteground-optimizer-assets/trp-language-cookie.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 930ac5e96ae4e5d4c1c45a927f71a703752eab237124407205a91c0274ef1821

Request headers

Referer: https://corona.virus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 00:42:48 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
link: <https://corona.virus.com/de/wp-json/>; rel="https://api.w.org/", <https://corona.virus.com/de/wp-json/wp/v2/pages/11953>; rel="alternate"; type="application/json", <https://corona.virus.com/de/>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-cache-enabled: True
x-httpd: 1
x-proxy-cache: HIT

GET
H2 200 style.min.css
corona.virus.com/wp-includes/css/dist/block-library/ 107 KB
13 KB 138ms
136ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
last-modified: Fri, 10 Nov 2023 07:09:57 GMT
server: nginx
etag: W/"654dd745-1add3"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:48 GMT

GET
H2 200 trp-floater-language-switcher-style.min.css
corona.virus.com/wp-content/plugins/translatepress-multilingual/assets/css/ 4 KB
1 KB 140ms
137ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-floater-language-switcher-style.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: faeb38a8febce2eda4a050cdc2143623e023515bc5236462d6b2ab6fff262977

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
last-modified: Tue, 04 Oct 2022 12:35:45 GMT
server: nginx
etag: W/"633c28a1-ff4"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:48 GMT

GET
H2 200 trp-language-switcher-style.min.css
corona.virus.com/wp-content/plugins/translatepress-multilingual/assets/css/ 2 KB
794 B 142ms
139ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher-style.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6baf44ba52bee819a59404441f9c59ba0cb30cfc0a0e60576b614c3649ac3db8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
last-modified: Tue, 04 Oct 2022 12:35:45 GMT
server: nginx
etag: W/"633c28a1-7c4"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:48 GMT

GET
H2 200 js_composer.min.css
corona.virus.com/wp-content/plugins/js_composer/assets/css/ 452 KB
38 KB 152ms
150ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6a2d500d4ac0bba5317698b68c383179098a0ad47879f56de7318ceb37fba68e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
last-modified: Tue, 18 Oct 2022 18:03:29 GMT
server: nginx
etag: W/"634eea71-70ee5"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:48 GMT

GET
H2 200 bootstrap-grid.min.css
corona.virus.com/wp-content/themes/veneno/assets/css/ 50 KB
5 KB 164ms
162ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/themes/veneno/assets/css/bootstrap-grid.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f97f985031b5c3d2409d408a4fb7cf923f7bb3a80a948bc179c5a78360a6e125

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 03:16:54 GMT
server: nginx
etag: W/"5faa0626-c6bb"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:48 GMT

GET
H2 200 imi-main.min.css
corona.virus.com/wp-content/themes/veneno/ 14 KB
3 KB 164ms
162ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/themes/veneno/imi-main.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 81d19b43648002f3d97abbb394a8601cf30f228fa1f8e3feeb9d7aa11f3c5e66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 03:16:54 GMT
server: nginx
etag: W/"5faa0626-389d"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:48 GMT

GET
H2 200 imi-child.min.css
corona.virus.com/wp-content/themes/veneno-child/ 638 B
496 B 165ms
163ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/themes/veneno-child/imi-child.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f3cad6a27c9603570f20041a9fd8f0136dfc87bc8ed69b9d6599c6fb23b66add

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
last-modified: Mon, 14 Dec 2020 09:35:14 GMT
server: nginx
etag: W/"5fd731d2-27e"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:48 GMT

GET
H2 200 imi-icons.min.css
corona.virus.com/wp-content/themes/veneno/assets/css/imi-icons/css/ 5 KB
1 KB 165ms
163ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/themes/veneno/assets/css/imi-icons/css/imi-icons.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 20357668d393ad6407bbaee8d07d4484032bdf3729f625a625b6bffa3d00dd34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 03:16:54 GMT
server: nginx
etag: W/"5faa0626-1473"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:48 GMT

GET
H2 200 imi-shortcodes.min.css
corona.virus.com/wp-content/plugins/imi-core/js_composer/assets/css/ 53 KB
8 KB 166ms
164ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/plugins/imi-core/js_composer/assets/css/imi-shortcodes.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0a1d847f842e378785dd93dbc9706e658718adb7f36f37d22428837b0e538bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 03:17:31 GMT
server: nginx
etag: W/"5faa064b-d3a2"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:48 GMT

GET
H2 200 theme-base.min.css
corona.virus.com/wp-content/themes/veneno/ 78 KB
14 KB 171ms
170ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/themes/veneno/theme-base.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 12c61d0debea7ba631b4f7339d3d0a4825fbf71aba8bc9a4b519505316637527

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:48 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 03:16:54 GMT
server: nginx
etag: W/"5faa0626-13955"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:48 GMT

GET
H2 200 responsive-media.min.css
corona.virus.com/wp-content/themes/veneno/assets/css/ 10 KB
3 KB 266ms
264ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/themes/veneno/assets/css/responsive-media.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e5575aa16a0067df6658d5a8160dd98596cf8c84b87c5f67f31a3f56a00fd397

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:49 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 03:16:54 GMT
server: nginx
etag: W/"5faa0626-2966"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:49 GMT

GET
H2 200 magnific-css.min.css
corona.virus.com/wp-content/themes/veneno/assets/vendor/magnific/ 5 KB
2 KB 268ms
267ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/themes/veneno/assets/vendor/magnific/magnific-css.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 61d99187cb27c88e11f90408f82fa292e8ad82070b02a4f14a682772a7bcd008

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:49 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 03:16:54 GMT
server: nginx
etag: W/"5faa0626-146d"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:49 GMT

GET
H2 200 imi-colors.min.css
corona.virus.com/wp-content/themes/veneno/assets/colors/ 10 KB
2 KB 270ms
269ms Stylesheet
text/css 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/themes/veneno/assets/colors/imi-colors.min.css
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c3bb6d03e2442a683ae0bcb647da1951ec5c96ad59b569e640d8082748673e18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:49 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 03:16:54 GMT
server: nginx
etag: W/"5faa0626-28cf"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:49 GMT

GET
H2 200 jquery.min.js Show response
corona.virus.com/wp-includes/js/jquery/ 86 KB
29 KB 274ms
273ms Script
application/javascript 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:49 GMT
content-encoding: br
last-modified: Fri, 10 Nov 2023 07:09:57 GMT
server: nginx
etag: W/"654dd745-15601"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:49 GMT

GET
H2 200 jquery-migrate.min.js Show response
corona.virus.com/wp-includes/js/jquery/ 13 KB
5 KB 277ms
276ms Script
application/javascript 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:49 GMT
content-encoding: br
last-modified: Wed, 09 Aug 2023 23:54:14 GMT
server: nginx
etag: W/"64d42726-3509"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:49 GMT

GET
H2 200 trp-language-cookie.min.js Show response
corona.virus.com/wp-content/uploads/siteground-optimizer-assets/ 4 KB
2 KB 135ms
134ms Script
application/javascript 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/uploads/siteground-optimizer-assets/trp-language-cookie.min.js
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 06104cd4b64a3a451cd2f1e23fdfd83f03f4982f0d4323f82029e9e6b9b4df66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:49 GMT
content-encoding: br
last-modified: Fri, 13 Nov 2020 20:07:59 GMT
server: nginx
etag: W/"5faee79f-fa5"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:49 GMT

GET
H2 200 waypoints.min.js Show response
corona.virus.com/wp-content/uploads/siteground-optimizer-assets/ 7 KB
2 KB 134ms
133ms Script
application/javascript 35.208.137.69
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://corona.virus.com/wp-content/uploads/siteground-optimizer-assets/waypoints.min.js
Requested by: Host: corona.virus.com
URL: https://corona.virus.com/de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.208.137.69 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 69.137.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b4123e853e95c37d55c4d3ab62cba05b3918eaa06ac7f0af56c7508ba473028c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:49 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 03:16:54 GMT
server: nginx
etag: W/"5faa0626-1d8f"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Fri, 22 Nov 2024 00:42:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 24ms
22ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-183520360-1&siteground-async=1

Requested by

Host: corona.virus.com
URL: https://corona.virus.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f4d3bef87d1a2a9a73f56319c90279c76795aa921e80bb9319f0b99d3f5f7ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64705
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Nov 2023 00:42:49 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7824033083365338

Requested by

Host: corona.virus.com
URL: https://corona.virus.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

835d9bcdf1abffbb90fb18866ec09f4c31d20171301f88cc878d161d70e92220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corona.virus.com/
Origin: https://corona.virus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52728
x-xss-protection: 0
server: cafe
etag: 1354960085817318177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 00:42:49 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-183520360-1&siteground-async=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 23:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3191
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 23 Nov 2023 01:49:38 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7824033083365338&plah=corona.virus.com&bust=31079653

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7824033083365338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41e9dbae6f1a533b301805a98fdea8f087a1e0ce345fc74d448830cc8729d990

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138532
x-xss-protection: 0
server: cafe
etag: 2532571514448246606
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 00:42:49 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 71DE 9 KB
4 KB 13ms
12ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7824033083365338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corona.virus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61344
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 07:40:25 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 07:40:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
12ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=541811463&t=pageview&_s=1&dl=https%3A%2F%2Fcorona.virus.com%2Fde%2F&ul=en-us&de=UTF-8&dt=Corona%20Virus%20News%20-%20Corona%20Virus%20News%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QCCACUABBAAAAAAAI~&jid=&gjid=&cid=358309442.1700700169&tid=UA-183520360-1&_gid=1312103758.1700700169&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=112049553

Requested by

Host: corona.virus.com
URL: https://corona.virus.com/de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 05:10:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70315
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9BE4 130 KB
42 KB 257ms
257ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7824033083365338&output=html&adk=1812271804&adf=3025194257&lmt=1700700169&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fcorona.virus.com%2Fde%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700700169269&bpp=2&bdt=366&idt=123&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8230077126048&frm=20&pv=2&ga_vid=358309442.1700700169&ga_sid=1700700169&ga_hid=541811463&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079437%2C44795921%2C31078297%2C31079653%2C44806141%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=1074569483687599&tmod=1990067173&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fcorona.virus.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=141

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7824033083365338&plah=corona.virus.com&bust=31079653

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

052ce930494ac6880d2dacdaa8414250417c6ecbbdfbb7bddc2d898c6bde8cb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corona.virus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43289
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 00:42:49 GMT
expires: Thu, 23 Nov 2023 00:42:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 28ms
28ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ce43695629de9ce319fca6188703903e65c71824f09bd87725abc00dd125cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12457
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 160 KB
55 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js?bust=31079653

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed723041b617707f4c5877d298d024e342ca47800ca1b7a9e8e664a20ffa0549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55801
x-xss-protection: 0
server: cafe
etag: 7188734607447846984
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 00:42:49 GMT

GET
H2 200 ca-pub-7824033083365338 Show response
fundingchoicesmessages.google.com/i/ 161 KB
53 KB 95ms
53ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7824033083365338?ers=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1331114ead33b190ae046cfb7f1b4d95d71f0607271c8cabaec507d382744c4f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-CuWt9qNanK0tH-L8oIpvwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:49 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-CuWt9qNanK0tH-L8oIpvwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 57ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 00:42:49 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8BC7 13 KB
5 KB 15ms
13ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corona.virus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 29570
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 16:29:59 GMT
expires: Thu, 21 Nov 2024 16:29:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 429F 829 B
1 KB 59ms
24ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4bb4a3c25c67eae55cd30f8533e941ace5292156dca717c524de60deb10c2c4a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Bp0Irva430UCVwattWYUMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corona.virus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Bp0Irva430UCVwattWYUMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 00:42:49 GMT
expires: Thu, 23 Nov 2023 00:42:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 8BC7 39 KB
15 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:20:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Nov 2024 16:20:57 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame BF95 9 KB
4 KB 13ms
12ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corona.virus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 07:40:29 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 07:40:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxV4LwxD28Ae_NVdTYcfOkXaCh93p8YT34TPhMMhaMfWvlgB6ZnQ7te-jMT2j2mQnZXH9hgCzFZjCQGXgYubIk4dgXw2YItRtSiU80uDpoB-U14epAixAAjqfVLqHu7a9gN9JHNgfA== Show response
fundingchoicesmessages.google.com/f/ 4 KB
3 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV4LwxD28Ae_NVdTYcfOkXaCh93p8YT34TPhMMhaMfWvlgB6ZnQ7te-jMT2j2mQnZXH9hgCzFZjCQGXgYubIk4dgXw2YItRtSiU80uDpoB-U14epAixAAjqfVLqHu7a9gN9JHNgfA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAwNzAwMTY5LDg3NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9jb3JvbmEudmlydXMuY29tL2RlLyIsbnVsbCxbWzgsIk50czVMdllJb2JrIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5764d4457791a6782c28129bf44ea51a86ef2a094f0bcf4d86a839ae46bd2b6f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lXhprCW3XXGzVq7LqZrBCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-lXhprCW3XXGzVq7LqZrBCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame BF95 23 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 02:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80724
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 02:17:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FC1D 143 B
166 B 14ms
13ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2307
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 00:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame BF95 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:29:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 16:29:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame BF95 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 23:16:58 GMT

GET
H3 200 10515934452568549501
tpc.googlesyndication.com/simgad/ Frame BF95 39 KB
39 KB 202ms
202ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10515934452568549501?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmb6Ts2AYBm32npQ08OyHnhAoaxiA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2fb95eb339905cec43c769c2746a3be970f726d1176a3ca1928d60f464185b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:50 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39657
x-xss-protection: 0
last-modified: Thu, 23 Jul 2020 15:24:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 22 Nov 2024 00:42:50 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF95 202 KB
64 KB 101ms
65ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 00:42:50 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame BF95 36 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 23:27:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4538
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 23:27:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 429F 0
0 47ms
46ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=1074569483687599&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H3 204 AGSKWxUlYf1YHoIK4A-D88hKG9VC2S46MBiEuRDL5C1sQuTSv9-wKbuszPRWGPh2Jup6zCq0MJSZTyezLDUbr9JNVE0KB19Ndfr1zwog_bsWk3lwNC_HFfacqv53bIBZnNhnGxG4nwP9Qg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 63ms
34ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUlYf1YHoIK4A-D88hKG9VC2S46MBiEuRDL5C1sQuTSv9-wKbuszPRWGPh2Jup6zCq0MJSZTyezLDUbr9JNVE0KB19Ndfr1zwog_bsWk3lwNC_HFfacqv53bIBZnNhnGxG4nwP9Qg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CB-UwI8c_BK_h8gHXpN8kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://corona.virus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Nov 2023 00:42:49 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CB-UwI8c_BK_h8gHXpN8kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://corona.virus.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVFuTGT0TXa8JKmvDvc5DXBZdbUOf-HDnYfkE8gHNWmUJlvtne5FjTBKa_62VADRKZC3nz8EA6_GFxMhPHNs-SBSVaNxKi0AcBhyVc7cBPWEQr_Ig6s3dfrfbH32TPiTuqM4snaUA== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVFuTGT0TXa8JKmvDvc5DXBZdbUOf-HDnYfkE8gHNWmUJlvtne5FjTBKa_62VADRKZC3nz8EA6_GFxMhPHNs-SBSVaNxKi0AcBhyVc7cBPWEQr_Ig6s3dfrfbH32TPiTuqM4snaUA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAwNzAwMTY5LDk1NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly9jb3JvbmEudmlydXMuY29tL2RlLyIsbnVsbCxbWzgsIk50czVMdllJb2JrIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

538e861566b76b29cd8678f2bbd1af88295349e814d2afa65735b4edb094854e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-6-kQ9sYvFJLnv8Izw0OG-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:49 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-6-kQ9sYvFJLnv8Izw0OG-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FC1D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

26ms
26ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 00:42:50 GMT
expires: Thu, 23 Nov 2023 00:42:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 00:42:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BF95 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a2c7e175847b0c00f8d36b760f7560753b38f5b3170d2084789ce8728482102

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8BC7 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Oh3W5A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BF95
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CsLaXCaBeZdOxGoG_9u8P7sOWyA-D5ojhcN2rlu2mDO7oqOucHBABIJWErn9gleKmgrAHoAGI_tikAsgBAqkCaqMdG0lCsj6oAwHIA8kEqgSbAk_QKNP3ePmHXJpPGew_5hWl4hbvacfh4jz...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225837248995316230614%22,%22debug_reporting%22:true,%22destination%22:%22https://riserva.it%22,%22event_report_window%22:%22...

0
0

83ms
50ms

Fetch
text/css

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225837248995316230614%22,%22debug_reporting%22:true,%22destination%22:%22https://riserva.it%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22613826312%22],%224%22:[%2211-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212045977444942395233%22}&andc=true

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:50 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5837248995316230614","debug_reporting":true,"destination":"https://riserva.it","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["613826312"],"4":["11-23"],"6":["true"]},"priority":"500","source_event_id":"12045977444942395233"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Nov 2023 00:42:50 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Nov 2023 00:42:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5837248995316230614","debug_reporting":true,"destination":"https://riserva.it","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["613826312"],"4":["11-23"],"6":["true"]},"priority":"500","source_event_id":"12045977444942395233"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 44A2 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 523593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 23:16:17 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 97ms
48ms Preflight
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 00:42:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=1074569483687599&bg=!PzylPHPNAAZxrfrxUa07ADQBe5WfOPOW5SPHwXUY5520D4tEu8zivoqdF_TfQp82neF8tXERR8_CyfezaNR4BpjbvGNCAgAAAOFSAAAAA2gBBwoAiH44A0wt3djOU2lGDYWkwtp06-dhJJUYfrYA7I4jKiBJSW4IQcavq_P8-02p-EdUrwdN6M9dWqnvClbVHQ0pHyr8X8FKjEJqI2CY84uC7JSDtD9lr4_Pm6PqJdsPYfhQPO57EvYI3rzQHXQd5MiuNqSthRaeYmrXRh9jsz4rBCoCJ4ruWX_6dPSZAq9fbT3SZDhFk8sDZEBwMOG4OHV58VeGzVjVrfqD8nY-JNkhbGJ66fBic6s3nbdGFSmxUTZqnsmTRSZf7emfDbUg-EoMSv3GlRnoaYy1FnoVex2RtIoC3g4P9VLKZ9pUJinGfozyJFaV7CsqBWjhe-YTyDCpMJvd3P_uLh5XHxcFTZFa9XAfZkU0kqHN2EcDs2LAY1kmrZVoCf5CGXAEUgIy571kOH0hfDx1btnJdDpKK3MGNF_EsdEle0yZuYZb8YRzyd5uqds_RgdP8ZTJAtT4pIGd9RTdzQ3JW7gYvi_pC5SquVY8SfFhLLf-rr8HWdpGFC_pvQzCO7a0nMgWLkZ3x92z3NOmFJX1TNUpTdwdjTeqnrjO-Q5zun7IFGnrEsU4P6Uns6c2PVayMGm9aBsEji2CTeNod1aGYuyM-k4i0bfTQGR3HMfw0HQS_QMvNPfZjt3VJl38ujKaVi-l7jJHoLNezYOwRPCzkfbJ0Ui4NOUTBZp_qgQpaSaH-DNM62R3OJ_qxOZlR2D47yb6DqfKHZS_aRd-0Jj4ANphrJp9PY4g_UMHbljnDYvVpEOfWw6xtq4iCHUinwgZc3DEAMOqkS8FWJzHZJJ7m1mp6davv9CPnI0MCS2ZtUtSwFLU6kPF0aKMadQFMRd0PXDlHSZMKXfI9rTHUhZHMT1r9dFFH1ubQqKNgCl8lgiZMm4zy0AVHyv2bxscRoleLHrwc_YO_nA_FfTra-58P2gsOkdTjWPTyWs397-1wIpooaMJtS2W-hPMFftRUzGimkKGTFJMJVPzAmsNmz5C6fn6mNLDBMM4g688pEQwa9_Ocvp81z6E_yKos63VJtALxN7agmnCUjos_BudLnRQLX4erdJ4rqx0nV-I4_NLA2BgTilkZoBcygERm9mgUbDAEcJ_y70
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 33ms
31ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.7704016425208535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-oJddnJEbR2IjXVoVdr_DLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-oJddnJEbR2IjXVoVdr_DLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 69ms
68ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=7.0737352753215035

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HQa3hl1dyxT60vbmC9cQow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-HQa3hl1dyxT60vbmC9cQow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUlYf1YHoIK4A-D88hKG9VC2S46MBiEuRDL5C1sQuTSv9-wKbuszPRWGPh2Jup6zCq0MJSZTyezLDUbr9JNVE0KB19Ndfr1zwog_bsWk3lwNC_HFfacqv53bIBZnNhnGxG4nwP9Qg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 28ms
28ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUlYf1YHoIK4A-D88hKG9VC2S46MBiEuRDL5C1sQuTSv9-wKbuszPRWGPh2Jup6zCq0MJSZTyezLDUbr9JNVE0KB19Ndfr1zwog_bsWk3lwNC_HFfacqv53bIBZnNhnGxG4nwP9Qg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rf_G3aRYOTDLWDW_KsZYzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://corona.virus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Nov 2023 00:42:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-rf_G3aRYOTDLWDW_KsZYzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://corona.virus.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BF95 42 B
64 B 53ms
52ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCoVVyuSZsICvKr1Rzp8rED0wUqb9uRq7mNRa0gVxAAQZ_Jt5g-AFlIuWNnV5AWs6FvcbzIft2883RG1cp5bhzRwngC02hi3EHm338hpC9UDRWHu4f251ZVHxIhS9-09DJbCjbQsqg4f-TEuV-IhOlFyqVUaOl-5dBRsfdT_g&sai=AMfl-YQEZ2DSeycvQD85eysq4WeTDj78S7wWRe73t7gFduZKCUFwFxlC2k5chEweOIp7MSAdtdqmTVQFJUXGMvBmoG9WnHnfICK434EcICDSouYFT8oJxEdUpk6vEh_DLAukUUZfG2BHs0dv6opW4e3f&sig=Cg0ArKJSzDaTCNEv72phEAE&cid=CAQSTgDICaaNyBQ79WCrMsD4pT2P6L-R5KFwThqlGmYdA4vqT7ay3-vyLW9__AvJtE450BBoCbxLRg0ig5xFOf06bljCDjNobztrbhfvA4KGLRgB&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=83,767,1002,1108,1108&tos=83,684,235,106,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700700169863&rpt=290&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 00:42:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 get-advert--468x60px. Show response
fundingchoicesmessages.google.com/f/AGSKWxUFXEzUr6tBqG5zJrkPrQ3dUB5dmYyefpCTMGY706fKP8i4bB7TU3AoSn4x1dcJiA6ZPklVG4CQzBvIGcEm4pCL1QDiwO-tZu0mb8goE4lOlSbnJhu_qiFazS5rJfhNw6umrbHrl0N6izgwuyYRnPDhdkdQ9... 54 B
109 B 31ms
31ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUFXEzUr6tBqG5zJrkPrQ3dUB5dmYyefpCTMGY706fKP8i4bB7TU3AoSn4x1dcJiA6ZPklVG4CQzBvIGcEm4pCL1QDiwO-tZu0mb8goE4lOlSbnJhu_qiFazS5rJfhNw6umrbHrl0N6izgwuyYRnPDhdkdQ977zfBCd9_Ot9-psxFG8siq4ClHaMV-k/_/pop_camgirlcity./190_900./europixads./get-advert--468x60px.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMx-VBI7cufk83j17-qyMs5NHKqYbA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d927acc0d73e19959da00079c76ef6f1d9513dd5f242d0f982cb65380cff166a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-w7_EtXj64UQGt9p0EytOiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-w7_EtXj64UQGt9p0EytOiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 84 KB
30 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

deeec8181fa712efacdd95679fcb93a9bf6daf1323e78c7b9bb1d7e0ecd56832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:33:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30579
x-xss-protection: 0
server: cafe
etag: 10378881910978551140
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 01:33:49 GMT

POST
H3 204 AGSKWxUlYf1YHoIK4A-D88hKG9VC2S46MBiEuRDL5C1sQuTSv9-wKbuszPRWGPh2Jup6zCq0MJSZTyezLDUbr9JNVE0KB19Ndfr1zwog_bsWk3lwNC_HFfacqv53bIBZnNhnGxG4nwP9Qg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 28ms
28ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUlYf1YHoIK4A-D88hKG9VC2S46MBiEuRDL5C1sQuTSv9-wKbuszPRWGPh2Jup6zCq0MJSZTyezLDUbr9JNVE0KB19Ndfr1zwog_bsWk3lwNC_HFfacqv53bIBZnNhnGxG4nwP9Qg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-i_54gBILogXeuYnE7QvRog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://corona.virus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Nov 2023 00:42:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-i_54gBILogXeuYnE7QvRog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://corona.virus.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUlYf1YHoIK4A-D88hKG9VC2S46MBiEuRDL5C1sQuTSv9-wKbuszPRWGPh2Jup6zCq0MJSZTyezLDUbr9JNVE0KB19Ndfr1zwog_bsWk3lwNC_HFfacqv53bIBZnNhnGxG4nwP9Qg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 26ms
26ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUlYf1YHoIK4A-D88hKG9VC2S46MBiEuRDL5C1sQuTSv9-wKbuszPRWGPh2Jup6zCq0MJSZTyezLDUbr9JNVE0KB19Ndfr1zwog_bsWk3lwNC_HFfacqv53bIBZnNhnGxG4nwP9Qg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-49HLU8LxcrRgMZT0Oz0WlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://corona.virus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Nov 2023 00:42:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-49HLU8LxcrRgMZT0Oz0WlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://corona.virus.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUlYf1YHoIK4A-D88hKG9VC2S46MBiEuRDL5C1sQuTSv9-wKbuszPRWGPh2Jup6zCq0MJSZTyezLDUbr9JNVE0KB19Ndfr1zwog_bsWk3lwNC_HFfacqv53bIBZnNhnGxG4nwP9Qg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 57ms
57ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUlYf1YHoIK4A-D88hKG9VC2S46MBiEuRDL5C1sQuTSv9-wKbuszPRWGPh2Jup6zCq0MJSZTyezLDUbr9JNVE0KB19Ndfr1zwog_bsWk3lwNC_HFfacqv53bIBZnNhnGxG4nwP9Qg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-K2chXog5MjAZH8y16qz6Ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://corona.virus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Nov 2023 00:42:51 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-K2chXog5MjAZH8y16qz6Ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://corona.virus.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUlYf1YHoIK4A-D88hKG9VC2S46MBiEuRDL5C1sQuTSv9-wKbuszPRWGPh2Jup6zCq0MJSZTyezLDUbr9JNVE0KB19Ndfr1zwog_bsWk3lwNC_HFfacqv53bIBZnNhnGxG4nwP9Qg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 65ms
65ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUlYf1YHoIK4A-D88hKG9VC2S46MBiEuRDL5C1sQuTSv9-wKbuszPRWGPh2Jup6zCq0MJSZTyezLDUbr9JNVE0KB19Ndfr1zwog_bsWk3lwNC_HFfacqv53bIBZnNhnGxG4nwP9Qg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XVH-dlJOncSy8WvCrLo0dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://corona.virus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Nov 2023 00:42:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-XVH-dlJOncSy8WvCrLo0dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://corona.virus.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWXD5HltYkYAbPZrRlFPeTamN2ifr8C0NGUOllo-vjFc9KgW74reNSnKByEFVRVApsrny0O7LVz6mWM0kfY4BYHRg7rFlpdbacQZg8DF3ww1L0t6gdo5S4GEpkZDTmAM2D9fdGxFQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWXD5HltYkYAbPZrRlFPeTamN2ifr8C0NGUOllo-vjFc9KgW74reNSnKByEFVRVApsrny0O7LVz6mWM0kfY4BYHRg7rFlpdbacQZg8DF3ww1L0t6gdo5S4GEpkZDTmAM2D9fdGxFQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAwNzAwMTcxLDg3MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vY29yb25hLnZpcnVzLmNvbS9kZS8iLG51bGwsW1s4LCJOdHM1THZZSW9iayJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57cecf1da34dfff4bd21cf42169a04a994e9c8084e20ad0444e0a61c9ac4d532

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eyCXG2-4F3iNoBqKbx3sRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://corona.virus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 00:42:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-eyCXG2-4F3iNoBqKbx3sRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUGj5bL-r3IiAaexi0f5H37X-NTux1kdxpML5I5QEgQv6nMu9lZtWdoJKK5JVwy9T2Vf_VAN8moTcmq34maDUYmlFv8wsJ1-OvsCl60H8_54OCczo09-Hn4DVNL5uAi5hDv3XRM2A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 26ms
26ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUGj5bL-r3IiAaexi0f5H37X-NTux1kdxpML5I5QEgQv6nMu9lZtWdoJKK5JVwy9T2Vf_VAN8moTcmq34maDUYmlFv8wsJ1-OvsCl60H8_54OCczo09-Hn4DVNL5uAi5hDv3XRM2A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-thiEqoHLHBrUMIqQdoq6rQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://corona.virus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Nov 2023 00:42:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-thiEqoHLHBrUMIqQdoq6rQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://corona.virus.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7824033083365338&output=html&adk=1812271804&adf=3025194257&lmt=1700700168&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fcorona.virus.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700700168543&bpp=2&bdt=667&idt=124&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2719656768031&frm=20&pv=2&ga_vid=358309442.1700700169&ga_sid=1700700169&ga_hid=1508189444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3396920837303908&tmod=1899249179&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=140

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.virus.com/	1970-01-21 02:01:00	Name: _ga Value: GA1.2.358309442.1700700169
.virus.com/	1970-01-20 16:26:26	Name: _gid Value: GA1.2.1312103758.1700700169
.virus.com/	1970-01-20 16:25:00	Name: _gat_gtag_UA_183520360_1 Value: 1
corona.virus.com/	1970-01-20 17:08:12	Name: trp_language Value: de_DE
.virus.com/	1970-01-21 01:46:36	Name: __gads Value: ID=2fa53908bb774575:T=1700700169:RT=1700700169:S=ALNI_MYDA1xNn0HAXLyi0E7Qp79U2DDG0g
.virus.com/	1970-01-21 01:46:36	Name: __gpi Value: UID=00000cd895b75c9d:T=1700700169:RT=1700700169:S=ALNI_MYrrbkrJD5Qo5mMt7Opa3V_x77H5A
.doubleclick.net/	1970-01-20 16:25:03	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 01:46:36	Name: IDE Value: AHWqTUkO4JSryXWu35cbY0ZIdSTd4YBfSCWsyy1LwCq95qes-K705QRxE7MH3sjxg38
.googleadservices.com/	1970-01-20 18:34:36	Name: ar_debug Value: 1
.virus.com/	1970-01-21 01:10:36	Name: FCNEC Value: %5B%5B%22AKsRol_Ra5fccOh3V1Tva7jy1xwNCl1rhN5tIYsKLHh1agKoiSMXAT8YMOdTri8KAT1l4y4RfjB0aKMzNS3vdT3InGmRpyhS5kjfGN4dIihVuKFIFsQ1sH5wJ6YCEjAMZ4SmVBxKQF3sWu-Srw5I4dqCWCm0Tvvk-g%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

corona.virus.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
virus.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.virus.com
googleads.g.doubleclick.net
104.21.5.70
142.250.185.194
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2001
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82a::200e
35.208.137.69
052ce930494ac6880d2dacdaa8414250417c6ecbbdfbb7bddc2d898c6bde8cb2
06104cd4b64a3a451cd2f1e23fdfd83f03f4982f0d4323f82029e9e6b9b4df66
0a1d847f842e378785dd93dbc9706e658718adb7f36f37d22428837b0e538bb4
0a2c7e175847b0c00f8d36b760f7560753b38f5b3170d2084789ce8728482102
100e22a84b43f458c3ef2b110358a2d33811474bbe26a09b4c56043dafa200ae
12c61d0debea7ba631b4f7339d3d0a4825fbf71aba8bc9a4b519505316637527
1331114ead33b190ae046cfb7f1b4d95d71f0607271c8cabaec507d382744c4f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
20357668d393ad6407bbaee8d07d4484032bdf3729f625a625b6bffa3d00dd34
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
41e9dbae6f1a533b301805a98fdea8f087a1e0ce345fc74d448830cc8729d990
4bb4a3c25c67eae55cd30f8533e941ace5292156dca717c524de60deb10c2c4a
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
538e861566b76b29cd8678f2bbd1af88295349e814d2afa65735b4edb094854e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5764d4457791a6782c28129bf44ea51a86ef2a094f0bcf4d86a839ae46bd2b6f
57cecf1da34dfff4bd21cf42169a04a994e9c8084e20ad0444e0a61c9ac4d532
5ce43695629de9ce319fca6188703903e65c71824f09bd87725abc00dd125cba
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d99187cb27c88e11f90408f82fa292e8ad82070b02a4f14a682772a7bcd008
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6a2d500d4ac0bba5317698b68c383179098a0ad47879f56de7318ceb37fba68e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6baf44ba52bee819a59404441f9c59ba0cb30cfc0a0e60576b614c3649ac3db8
7a357eddc7ae3be6ef4ace572d4bf6c9dad621881a1bf39db6d844990fe99929
81d19b43648002f3d97abbb394a8601cf30f228fa1f8e3feeb9d7aa11f3c5e66
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835d9bcdf1abffbb90fb18866ec09f4c31d20171301f88cc878d161d70e92220
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
930ac5e96ae4e5d4c1c45a927f71a703752eab237124407205a91c0274ef1821
a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36
b4123e853e95c37d55c4d3ab62cba05b3918eaa06ac7f0af56c7508ba473028c
c2fb95eb339905cec43c769c2746a3be970f726d1176a3ca1928d60f464185b6
c3bb6d03e2442a683ae0bcb647da1951ec5c96ad59b569e640d8082748673e18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d3ce6966e9171ae43f21d4ad0ca72fa2dcf722fda141cd109742664627dbee93
d927acc0d73e19959da00079c76ef6f1d9513dd5f242d0f982cb65380cff166a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deeec8181fa712efacdd95679fcb93a9bf6daf1323e78c7b9bb1d7e0ecd56832
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5575aa16a0067df6658d5a8160dd98596cf8c84b87c5f67f31a3f56a00fd397
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
ed723041b617707f4c5877d298d024e342ca47800ca1b7a9e8e664a20ffa0549
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3cad6a27c9603570f20041a9fd8f0136dfc87bc8ed69b9d6599c6fb23b66add
f4d3bef87d1a2a9a73f56319c90279c76795aa921e80bb9319f0b99d3f5f7ef3
f97f985031b5c3d2409d408a4fb7cf923f7bb3a80a948bc179c5a78360a6e125
faeb38a8febce2eda4a050cdc2143623e023515bc5236462d6b2ab6fff262977

corona.virus.com Open in urlscan Pro 35.208.137.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

98 %HTTPS

73 %IPv6

8 Domains

12 Subdomains

11 IPs

3 Countries

1206 kBTransfer

4417 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

corona.virus.com Open in urlscan Pro
35.208.137.69 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

98 %
HTTPS

73 %
IPv6

8
Domains

12
Subdomains

11
IPs

3
Countries

1206 kB
Transfer

4417 kB
Size

10
Cookies

88 HTTP transactions
1 data transactions