www.covidhealth.com Open in urlscan Pro
3.215.96.244 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.covidhealth.com/
Effective URL:
https://www.covidhealth.com/
Submission Tags: falconsandbox
Submission: On March 31 via api (March 31st 2022, 11:06:50 pm UTC) from US — Scanned from DE

Summary HTTP 99 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 15 domains to perform 99 HTTP transactions. The main IP is 3.215.96.244, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.covidhealth.com.
TLS certificate: Issued by R3 on January 31st 2022. Valid for: 3 months.

This is the only time www.covidhealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	3.215.96.244 3.215.96.244	14618 (AMAZON-AES) (AMAZON-AES)
13	143.204.98.89 143.204.98.89	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	2600:9000:215... 2600:9000:2156:1e00:11:933c:5480:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:215... 2600:9000:2156:7400:11:933c:5480:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
16	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
99	20

3 3.215.96.244 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-96-244.compute-1.amazonaws.com

www.covidhealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 143.204.98.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-89.fra50.r.cloudfront.net

cdnbuild.smartandstrong.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:1e00:11:933c:5480:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn2.poz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.poz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.poz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2156:7400:11:933c:5480:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.poz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

841a1448c121fc7ed6f3dfe7f28d6500.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 841a1448c121fc7ed6f3dfe7f28d6500.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 125	434 KB
13	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	158 KB
13	poz.com cdn2.poz.com cdn.poz.com — Cisco Umbrella Rank: 922678 cdn3.poz.com — Cisco Umbrella Rank: 941565 cdn1.poz.com	410 KB
13	smartandstrong.com cdnbuild.smartandstrong.com — Cisco Umbrella Rank: 849909	358 KB
6	google.com www.google.com — Cisco Umbrella Rank: 7 adservice.google.com — Cisco Umbrella Rank: 76	26 KB
5	gstatic.com www.gstatic.com	475 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 169	172 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 136	197 KB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 357	173 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 579 syndication.twitter.com — Cisco Umbrella Rank: 828	133 KB
3	covidhealth.com 1 redirects www.covidhealth.com	20 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 99	388 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39	20 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8069	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 782	421 B
99	15

	Domain	Requested by
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	cdnbuild.smartandstrong.com	www.covidhealth.com cdnbuild.smartandstrong.com
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.covidhealth.com
9	pagead2.googlesyndication.com	www.covidhealth.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
7	cdn.poz.com	www.covidhealth.com
5	www.gstatic.com	www.google.com
5	www.google.com	www.covidhealth.com www.gstatic.com www.google.com tpc.googlesyndication.com
5	www.googletagservices.com	www.covidhealth.com securepubads.g.doubleclick.net
4	connect.facebook.net	cdnbuild.smartandstrong.com connect.facebook.net
4	maps.googleapis.com	www.covidhealth.com maps.googleapis.com
3	cdn2.poz.com	www.covidhealth.com
3	www.covidhealth.com	1 redirects cdnbuild.smartandstrong.com
2	www.facebook.com
2	www.google-analytics.com	cdnbuild.smartandstrong.com www.google-analytics.com
2	platform.twitter.com	cdnbuild.smartandstrong.com platform.twitter.com
2	cdn1.poz.com	www.covidhealth.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	syndication.twitter.com	platform.twitter.com
1	841a1448c121fc7ed6f3dfe7f28d6500.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn3.poz.com	www.covidhealth.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
99	23

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.smartandstrong.com
www.cancerhealth.com
www.hepmag.com
www.poz.com
www.newsbreak.com
www.realhealthmag.com
www.tusaludmag.com

Subject Issuer	Validity	Valid
covidhealth.com R3	`2022-01-31` - `2022-05-01`	3 months	crt.sh
smartandstrong.com R3	`2022-01-31` - `2022-05-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
poz.com R3	`2022-01-31` - `2022-05-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-08` - `2022-04-08`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.covidhealth.com/
Frame ID: C2DF4A579A49554937091EA8A4279070
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220329/r20190131/zrt_lookup.html
Frame ID: 5079A6834250DE1008E273F7423D2EC5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9407929500780705&output=html&adk=1812271804&adf=3025194257&lmt=1648768003&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.covidhealth.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648768003005&bpp=4&bdt=369&idt=196&shv=r20220329&mjsv=m202203280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6855568096844&frm=20&pv=2&ga_vid=1717619655.1648768003&ga_sid=1648768003&ga_hid=139785502&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065371%2C31065922&oid=2&pvsid=2911518340040989&pem=847&tmod=1997923500&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=220
Frame ID: CBC4F97F51825A3589F1DEBC61F5AC30
Requests: 1 HTTP requests in this frame

Frame: https://841a1448c121fc7ed6f3dfe7f28d6500.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E2370DFFB9D055877CF61B00020B58FD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-0btLBEiUR_QweI4P6QLX4g2KFNkEUbl2TbCNJ7V3OUX4FzwEKHMJDsKssUUtOuLcKUpE8WKQ3iK7JjkQhyJDrskl06RTRN7MeglYcJaiWhn5lUrJjvdZ6qKw7enEC6NZYsvdK9ZY6f2mm1v1x0CxcU_lxiYPAgkcoaOXWa0Mhx2sj70xt_pjpS9aVv-lHOLQG5EStOIjk0SLjJKkUgDthspu_pFKCeW80WLAiDgeYq0nDXY3sn-G1XacN37WTBCLXbRF5eGu-W1sp9tBmhffFGjMzyruj5fOnQTSkCsuuK_5B0qi6AbL-4cc03gbEg&sai=AMfl-YTaIXIWrCnoj7zIZINyptQMmIz8cVOniXxWrpRMv_zMi6YWnlU4Sv9A6pbHqGp3rxVFIB1-sKnMlsABe8S4tQTMYz91RJCjOa_cgFll8g&sig=Cg0ArKJSzHZvwxtSmtfDEAE&uach_m=[UACH]&adurl=
Frame ID: 1E92C49C17E7343AAF0A146F62CAE618
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3p53QpOQQwpCfKX6K-mxmYNkdA0qF6iBDZqDo8nYPTnQdEwhlSiFxdsayFYYep7ZsCbcsKP6hl1DYqLxWrXxUX0VRBmAPoBz0UyQKlGUtjiLxjIEu7IUXALepzGxYmocxjffndx-517FacfO142RDz14oeh0YiaXfLSUciW0eGMDoy6X2UGn1wgCbfk9wsr0fa1lQdSY2-NAe4dO6S55tgcBpxHMW8XjP3exdYSuyOLG7OlwexlSylH0ROgOo59f8BK3ierHCJUjp5u3bBv9T9ByabKOcTp1QIlTo5hoMLve6Heu860DiLg1b7Gg5gSYViA&sai=AMfl-YQqFP_F-jrMrahSWXV3DxJhEKNaQc1C-SH2FZ0rU920W7YBwlQC04hqut1GoyyTJNlO36UV-z5cjeboa2b1egLpQD5jZjcpGEyTsVGzjQ&sig=Cg0ArKJSzDLHlMU2gnOcEAE&uach_m=[UACH]&adurl=
Frame ID: B893F2232E998B6E7807AF93450BAF49
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIMA1pg2LR__6lwDxhxheUGs_yJctT89Rmt_7qwMEL5mj6Pm31cjVD7ICIIObsSNksc-xIlq-kmGmwMLJxaxgI6oqNclJ8ObpU4x1b9Nb8xC-TZA9Tam0G5EdP-6YrtJf5ueYdM2OtRtp3WZjfrZlSvLs4SwTh9LuKw9OfNZs4C1EV3zwy_Bxts0H-TC_DhzGrIJ38MnhG6l4KJyY99H_ipLFl5Ot39-lrQfU3Fq8bgGBs6CdY8xkArSTAmPlxup8lWJsWyg7eTzfGmRVrGncu2U7X-kZZ5FaAlKXcqUqTUxKWGgKPLK6sSL4U6zfS&sai=AMfl-YTI8PQQBx8chLmRpEJQHRFLqaf93szim3QmJuUy0IiVlXPkr_1PTkE1AiNkqhs9rqhwxEoNNP6oqb3DQNgHUU05K9z_1cypGTqM4-8iUw&sig=Cg0ArKJSzAQiaIkBiUbEEAE&uach_m=[UACH]&adurl=
Frame ID: 430419FC15727A13C3F5C7C7C2278871
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQX5j-lgrMfgf1Kgg0hpUy0EHHjpXzqkO14b51T8XgFkF-65FXKHX8xDPSEjLHHJbZl-CK10GOpRoqT4j1kQzi5OPALFPWS8AeaTrXGH1fm15u6iX6hETVcQfX2Pax1ThwoTO6xfJgPnxYpAmcqwGEJjXpirVJCeZ-GJx37tpNbIWvViftviIdm3jjvI67tYmj0_p-9jFjxFlqob_hBKxF2mdiD5RRE-7F748_BhksfBZi6UupsU7cxVm8r42kWthPsQbuqr5eRTUNP-NJSGmoX9Dfxz-WeAsiDvfLDCnGv7NmBr_qppNtwtPbhV-y&sai=AMfl-YRSwhg9YhNzEgrYRfIsOx7RyxVpBwOZOhBlch2tByzOlvVAoEfXNAreaSmPEr4q6H4OZf-pZfPvw731E-OTu1IEGGcbkAttMxu3yA4tjQ&sig=Cg0ArKJSzBtQ1G2QSyY_EAE&uach_m=[UACH]&adurl=
Frame ID: 149E6B6EC0E87BA9FC693D0C250725F3
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LftXhcTAAAAAAseIHlnI1-x43O0wjKf8Tzyu9nv&co=aHR0cHM6Ly93d3cuY292aWRoZWFsdGguY29tOjQ0Mw..&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=normal&cb=8tqt56jhky8p
Frame ID: C170F7C733D5F16A8F55416B165F4618
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&k=6LftXhcTAAAAAAseIHlnI1-x43O0wjKf8Tzyu9nv
Frame ID: B91D04EB825E862D6B38A5F80AEC2B2A
Requests: 3 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0af76c3310098d2f8f428367b62351b8.html?origin=https%3A%2F%2Fwww.covidhealth.com
Frame ID: 4C50AD19722FFE3E08CE554C70682E2D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1AB4535FB0095AA49A418FC1E8609AB4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 11EE0C643F5A32806F9B098D67C60809
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

COVID Health Home Page - COVID Health

Page URL History Show full URLs

http://www.covidhealth.com/ HTTP 301
https://www.covidhealth.com/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

99
Requests

100 %
HTTPS

79 %
IPv6

15
Domains

23
Subdomains

20
IPs

2
Countries

2579 kB
Transfer

6225 kB
Size

10
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/covidhealthmag

Search URL Search Domain Scan URL

URL: https://www.facebook.com/covidhealthmag

Search URL Search Domain Scan URL

URL: http://www.smartandstrong.com/
Title: Smart + Strong

Search URL Search Domain Scan URL

URL: https://www.cancerhealth.com/tag/coronavirus
Title: Living with Cancer? Find COVID-19 News Just For You Here.

Search URL Search Domain Scan URL

URL: https://www.hepmag.com/tag/coronavirus
Title: Living with Liver Disease? Find COVID-19 News Just For You Here.

Search URL Search Domain Scan URL

URL: https://www.poz.com/tag/coronavirus
Title: Living with HIV? Find COVID-19 News Just For You Here.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/covidhealthmag/

Search URL Search Domain Scan URL

URL: https://www.newsbreak.com/@c/560351

Search URL Search Domain Scan URL

URL: https://www.cancerhealth.com/
Title: CANCER HEALTH

Search URL Search Domain Scan URL

URL: https://www.realhealthmag.com/
Title: REAL HEALTH

Search URL Search Domain Scan URL

URL: https://www.tusaludmag.com/
Title: TU SALUD

Search URL Search Domain Scan URL

URL: https://www.hepmag.com/
Title: HEP

Search URL Search Domain Scan URL

URL: https://www.poz.com/
Title: POZ

Search URL Search Domain Scan URL

URL: https://www.smartandstrong.com/
Title: SMART + STRONG

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.covidhealth.com/ HTTP 301
https://www.covidhealth.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

99 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.covidhealth.com/
Redirect Chain

http://www.covidhealth.com/
https://www.covidhealth.com/

75 KB
15 KB

409ms
201ms

Document
text/html

3.215.96.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.covidhealth.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.215.96.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-96-244.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

93b7503f71cd703183b7256efa501cda602077e3574b8c2b8d2135140d083a4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: max-age=120
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 31 Mar 2022 23:06:43 GMT
expires: Thu, 31 Mar 2022 23:08:43 GMT
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-cache: STALE

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Thu, 31 Mar 2022 23:06:42 GMT
Location: https://www.covidhealth.com:443/
Server: awselb/2.0

GET
H2 200 app.min-d2bd119d0d.css
cdnbuild.smartandstrong.com/build/css/ 238 KB
42 KB 62ms
17ms Stylesheet
text/css 143.204.98.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnbuild.smartandstrong.com/build/css/app.min-d2bd119d0d.css
Requested by: Host: www.covidhealth.com
URL: https://www.covidhealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-89.fra50.r.cloudfront.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b03bb55c9a16c0c1e41e036855899369c2deff97d04dc1cdb087c6a269db7409

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 20:27:19 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 16:56:35 GMT
server: nginx/1.18.0 (Ubuntu)
age: 9564
etag: W/"623ca2c3-3b7ba"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: PYjIrOLBDc7ZGcxOIU8p5txECtTstGM0c9z_NCaSwIZeyBEw0EQgAg==
expires: Sat, 30 Apr 2022 20:27:19 GMT

GET
H2 200 main.min-91fad5c423.css
cdnbuild.smartandstrong.com/build/css/ 97 KB
19 KB 64ms
19ms Stylesheet
text/css 143.204.98.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnbuild.smartandstrong.com/build/css/main.min-91fad5c423.css
Requested by: Host: www.covidhealth.com
URL: https://www.covidhealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-89.fra50.r.cloudfront.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 43167a45e0e87496ba097857afdb0c5b543f4116decc7f13a5f757ccbe4d2274

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 20:27:19 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 16:56:35 GMT
server: nginx/1.18.0 (Ubuntu)
age: 9564
etag: W/"623ca2c3-182c1"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: xIlcWNWUWAYcvg5uPlmqJQqU-DZqqESGf0LzRwExMEd9Fk3rE8yE3A==
expires: Sat, 30 Apr 2022 20:27:19 GMT

GET
H2 200 jquery-1.11.0.min.js Show response
cdnbuild.smartandstrong.com/js/ 94 KB
33 KB 55ms
10ms Script
application/javascript 143.204.98.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnbuild.smartandstrong.com/js/jquery-1.11.0.min.js
Requested by: Host: www.covidhealth.com
URL: https://www.covidhealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-89.fra50.r.cloudfront.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 01:07:03 GMT
content-encoding: gzip
last-modified: Thu, 24 Feb 2022 15:21:32 GMT
server: nginx/1.18.0 (Ubuntu)
age: 2498380
etag: W/"6217a27c-1787d"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: rbVSBCV_vTgHimNv-EI8WYrgn7OxwuyhP9aOPMmLIZ-WQ8_YPUVAhQ==
expires: Sat, 02 Apr 2022 01:07:03 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 136ms
47ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.covidhealth.com
URL: https://www.covidhealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bebe07e837fb33f10c63429c52aba83e53af281cdebd8687b3ca740d0703829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28182
x-xss-protection: 0
server: sffe
etag: "1174 / 606 of 1000 / last-modified: 1648764434"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 31 Mar 2022 23:06:43 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 159ms
70ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.covidhealth.com
URL: https://www.covidhealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36bed068820a0c27fcdf95623c4b74c745cc75555f1eddbe4f984bb96479fcb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54013
x-xss-protection: 0
server: cafe
etag: 1859967711498588954
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 23:06:43 GMT

GET
H2 200 97810_COVID-Health-Logo-white.jpg_da9ceb93-31a7-4eaa-a0f6-32c5bc3aaed5.jpeg
cdn2.poz.com/ 12 KB
13 KB 81ms
24ms Image
image/jpeg 2600:9000:2156:1e00:11:933c:5480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.poz.com/97810_COVID-Health-Logo-white.jpg_da9ceb93-31a7-4eaa-a0f6-32c5bc3aaed5.jpeg
Requested by: Host: www.covidhealth.com
URL: https://www.covidhealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1e00:11:933c:5480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b1d86274252aadd002d37c4ff08980e0247c63dff95d59ef05c4a55677964c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 14:40:51 GMT
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified: Tue, 25 Aug 2020 18:19:06 GMT
server: AmazonS3
age: 30353
etag: "56b0d768426bb760cf892d2864472a81"
x-cache: Hit from cloudfront
x-amz-version-id: y7EY4Ya_RIjFc__V00gZ0k_PGl4WuLeo
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 12785
x-amz-cf-id: oAqWd6B3HQUof5qOggxKox-rSHYnd4CT9-vUigT0s6J9ZmwvB9UOAQ==

GET
H2 200 97737_COVID-Health-Logo.jpg_a4c24154-12ff-4a3a-ac15-fbeabf53f237.jpeg
cdn.poz.com/ 13 KB
14 KB 76ms
22ms Image
image/jpeg 2600:9000:2156:7400:11:933c:5480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.poz.com/97737_COVID-Health-Logo.jpg_a4c24154-12ff-4a3a-ac15-fbeabf53f237.jpeg
Requested by: Host: www.covidhealth.com
URL: https://www.covidhealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7400:11:933c:5480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcba12e35a2a3acd81a986939a922b1616f2bde74e914734a7280d12d889569c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 30 Mar 2022 09:19:40 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 18:15:55 GMT
server: AmazonS3
age: 136024
etag: "86a359e8de16a5022ea1d574937a8852"
x-cache: Hit from cloudfront
x-amz-version-id: XfSbgKfg0b5n6Zud56O.tfUnwevhomhg
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 13759
x-amz-cf-id: nag4wWbA9wBdLzpPFhT6WRg29NmbZKKi7nDvmcpaTEVweAAa1Kr18Q==

GET
H2 200 app.scripts.min-20fa973885.js Show response
cdnbuild.smartandstrong.com/build/js/ 207 KB
53 KB 10ms
9ms Script
application/javascript 143.204.98.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnbuild.smartandstrong.com/build/js/app.scripts.min-20fa973885.js
Requested by: Host: www.covidhealth.com
URL: https://www.covidhealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-89.fra50.r.cloudfront.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 756dc7db1826f7604f5649280fbd0c2b54fd353801acc1ab9d32c62b8f0aebfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 23:27:08 GMT
content-encoding: gzip
last-modified: Thu, 24 Feb 2022 15:21:32 GMT
server: nginx/1.18.0 (Ubuntu)
age: 2417975
etag: W/"6217a27c-33a6d"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: LeBV4dNro1SM0nMUFP0_9pJ2gnKwxa3Ek-M7ayDUiM-EmMDAU7We0Q==
expires: Sat, 02 Apr 2022 23:27:08 GMT

GET
H2 200 summaryBlock.js Show response
cdnbuild.smartandstrong.com/js/ 674 B
1 KB 393ms
393ms Script
application/javascript 143.204.98.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnbuild.smartandstrong.com/js/summaryBlock.js
Requested by: Host: www.covidhealth.com
URL: https://www.covidhealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-89.fra50.r.cloudfront.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bc69c5a9edf51cef5b3aea70368663e5591fd58e2a599c783ab198f92e906833

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:43 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
last-modified: Thu, 24 Mar 2022 16:56:35 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA50-C1
etag: "623ca2c3-2a2"
vary: Accept-Encoding,Origin
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 674
x-amz-cf-id: Hkq0Ch-0qxFq7Gi3H5Rjf94onGETHdAvF15K79_gJJRjPPMY8wS6qw==
expires: Sat, 30 Apr 2022 23:06:43 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
966 B 130ms
46ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.covidhealth.com
URL: https://www.covidhealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a736fe6962afb8ee314e4013af5f4e4048e25ac3378528abe5408b62a2a95ebb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Thu, 31 Mar 2022 23:06:43 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 166 KB
55 KB 157ms
68ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDt6Sjywu6k0Z3_k9AP0p3ZfAReO5UrS9A&libraries=places&language=en

Requested by

Host: www.covidhealth.com
URL: https://www.covidhealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

9df223e728926e03011e634b0ffe6745a1e34e69aa44212d18c6752a43fe9552

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:43 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55699
x-xss-protection: 0
expires: Thu, 31 Mar 2022 23:36:43 GMT

GET
H2 200 sub.png
cdnbuild.smartandstrong.com/build/images/ 2 KB
2 KB 9ms
9ms Image
image/png 143.204.98.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnbuild.smartandstrong.com/build/images/sub.png
Requested by: Host: cdnbuild.smartandstrong.com
URL: https://cdnbuild.smartandstrong.com/build/css/app.min-d2bd119d0d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-89.fra50.r.cloudfront.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ac442415ba9ed860e31fbed653979b5ea9fbd3562fa3f6404603e1d42107096a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdnbuild.smartandstrong.com/build/css/app.min-d2bd119d0d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 07:59:13 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
last-modified: Tue, 28 Sep 2021 21:35:36 GMT
server: nginx/1.18.0 (Ubuntu)
age: 14396849
etag: "61538aa8-76f"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1903
x-amz-cf-id: NoCdQPe_20U8YdhVR0LGbNBu6t70qUxiIwq6_IKqzjxMawOAQw42vw==
expires: Sun, 16 Oct 2022 07:59:13 GMT

GET
H2 200 fontawesome-webfont.woff2
cdnbuild.smartandstrong.com/build/fonts/ 55 KB
56 KB 34ms
13ms Font
font/woff2 143.204.98.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnbuild.smartandstrong.com/build/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: cdnbuild.smartandstrong.com
URL: https://cdnbuild.smartandstrong.com/build/css/app.min-d2bd119d0d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-89.fra50.r.cloudfront.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://cdnbuild.smartandstrong.com/build/css/app.min-d2bd119d0d.css
Origin: https://www.covidhealth.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 20:27:19 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
age: 9564
x-cache: Hit from cloudfront
content-length: 56780
last-modified: Thu, 24 Mar 2022 16:56:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "623ca2c6-ddcc"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://www.covidhealth.com
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: Origin
x-amz-cf-id: bVf872YQO9FLROLQ90RtnN8Wb7FeN50dxmb8rwJGT0HyvKoSIgEphg==
expires: Fri, 31 Mar 2023 20:27:19 GMT

GET
H2 200 tradegothiclt.woff
cdnbuild.smartandstrong.com/build/fonts/ 28 KB
29 KB 51ms
30ms Font
font/woff 143.204.98.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnbuild.smartandstrong.com/build/fonts/tradegothiclt.woff
Requested by: Host: cdnbuild.smartandstrong.com
URL: https://cdnbuild.smartandstrong.com/build/css/app.min-d2bd119d0d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-89.fra50.r.cloudfront.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d199a730d6d96e1c00cdef2cee3eaec9093fc956dbffb32dd846c431aa7ccf10

Request headers

Referer: https://cdnbuild.smartandstrong.com/build/css/app.min-d2bd119d0d.css
Origin: https://www.covidhealth.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 20:27:20 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
age: 9563
x-cache: Hit from cloudfront
content-length: 29164
last-modified: Thu, 24 Mar 2022 16:56:32 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "623ca2c0-71ec"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: font/woff
access-control-allow-origin: https://www.covidhealth.com
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: Origin
x-amz-cf-id: AgMXcM41zfW5Fmkpf0R9xVYGKOOL4zlPG1j2M8Wg4sLHrZvjDwZ_ww==
expires: Fri, 31 Mar 2023 20:27:20 GMT

GET
H2 200 OpenSans-Regular.woff2
cdnbuild.smartandstrong.com/build/fonts/2021/ 44 KB
44 KB 46ms
27ms Font
font/woff2 143.204.98.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnbuild.smartandstrong.com/build/fonts/2021/OpenSans-Regular.woff2
Requested by: Host: cdnbuild.smartandstrong.com
URL: https://cdnbuild.smartandstrong.com/build/css/app.min-d2bd119d0d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-89.fra50.r.cloudfront.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 408fe165dff48eb2f8cb3a2fcbc1dd92b94d56b4ab11813be55c776871c691cf

Request headers

Referer: https://cdnbuild.smartandstrong.com/build/css/app.min-d2bd119d0d.css
Origin: https://www.covidhealth.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 20:27:20 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
age: 9563
x-cache: Hit from cloudfront
content-length: 44648
last-modified: Thu, 24 Mar 2022 16:56:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "623ca2c6-ae68"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://www.covidhealth.com
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: Origin
x-amz-cf-id: wgb89K5QM3sV6-x2cw-mmBW-0gfS7aAFNls2O4JnXnM9l98twrC2RQ==
expires: Fri, 31 Mar 2023 20:27:20 GMT

GET
H2 200 tradegothicno2bold.woff
cdnbuild.smartandstrong.com/build/fonts/ 18 KB
19 KB 30ms
13ms Font
font/woff 143.204.98.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnbuild.smartandstrong.com/build/fonts/tradegothicno2bold.woff
Requested by: Host: cdnbuild.smartandstrong.com
URL: https://cdnbuild.smartandstrong.com/build/css/app.min-d2bd119d0d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-89.fra50.r.cloudfront.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 691928b7419a93dab23d6b38289eea49ceab03de5ccbc744165cfe1386495b22

Request headers

Referer: https://cdnbuild.smartandstrong.com/build/css/app.min-d2bd119d0d.css
Origin: https://www.covidhealth.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 20:27:20 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
age: 9563
x-cache: Hit from cloudfront
content-length: 18940
last-modified: Thu, 24 Mar 2022 16:56:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "623ca2c6-49fc"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: font/woff
access-control-allow-origin: https://www.covidhealth.com
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: Origin
x-amz-cf-id: bT2be7qehnYT7w1Qs62HQtBGwj_s6F-zdUizgB__ZPU3fNgUbWv1sQ==
expires: Fri, 31 Mar 2023 20:27:20 GMT

GET
H2 200 tradegothicno20condensedbold.woff
cdnbuild.smartandstrong.com/build/fonts/ 19 KB
19 KB 30ms
28ms Font
font/woff 143.204.98.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnbuild.smartandstrong.com/build/fonts/tradegothicno20condensedbold.woff
Requested by: Host: cdnbuild.smartandstrong.com
URL: https://cdnbuild.smartandstrong.com/build/css/app.min-d2bd119d0d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-89.fra50.r.cloudfront.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7db3cb27fac91394b62862710647af245735240ce2ac0bdc9d9eef97d3539ece

Request headers

Referer: https://cdnbuild.smartandstrong.com/build/css/app.min-d2bd119d0d.css
Origin: https://www.covidhealth.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 20:27:20 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
age: 9563
x-cache: Hit from cloudfront
content-length: 19284
last-modified: Thu, 24 Mar 2022 16:56:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "623ca2c6-4b54"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: font/woff
access-control-allow-origin: https://www.covidhealth.com
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: Origin
x-amz-cf-id: 9aeAwfk-SmQLs1oBud3b7MRWmSnEmuT7Kf09JcH1vn6ly3GJ8P2SIg==
expires: Fri, 31 Mar 2023 20:27:20 GMT

GET
H2 200 FarnhamTextRegularItalLF.woff
cdnbuild.smartandstrong.com/build/fonts/ 39 KB
40 KB 15ms
13ms Font
font/woff 143.204.98.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnbuild.smartandstrong.com/build/fonts/FarnhamTextRegularItalLF.woff
Requested by: Host: cdnbuild.smartandstrong.com
URL: https://cdnbuild.smartandstrong.com/build/css/app.min-d2bd119d0d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-89.fra50.r.cloudfront.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f869c5a344395c6cd1d3fab6c5f599316de864067c87de9b161c7a59118212b0

Request headers

Referer: https://cdnbuild.smartandstrong.com/build/css/app.min-d2bd119d0d.css
Origin: https://www.covidhealth.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 20:27:20 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
age: 9563
x-cache: Hit from cloudfront
content-length: 40084
last-modified: Thu, 24 Mar 2022 16:56:32 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "623ca2c0-9c94"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: font/woff
access-control-allow-origin: https://www.covidhealth.com
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: Origin
x-amz-cf-id: Sz1t5k9ZmO7bzma1DJMW0rIzoKYW9nMEK_XFDU4tnZg5O4KsD4RyEQ==
expires: Fri, 31 Mar 2023 20:27:20 GMT

GET
H2 200 pubads_impl_2022032106.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
124 KB 130ms
38ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 20:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126678
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 20:13:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 31 Mar 2023 20:10:06 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 117 B
729 B 135ms
46ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.covidhealth.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

02aa99d2d453b91eb6b5fea89914288e5c5a532ad2a9fe1458080cfb03b743bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 31 Mar 2022 23:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93
x-xss-protection: 0
expires: Thu, 31 Mar 2022 23:06:43 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203280101/ 300 KB
108 KB 69ms
66ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9407929500780705&plah=www.covidhealth.com&bust=31065922

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d548daa3e8e081bfcab62c16ccceaedb1adfee03fb512e305674875701656ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109970
x-xss-protection: 0
server: cafe
etag: 12212585274564506912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 31 Mar 2022 23:06:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220329/r20190131/ Frame 5079 10 KB
5 KB 124ms
39ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220329/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 7123
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Mar 2022 21:08:00 GMT
etag: 4044455266028820542
expires: Thu, 14 Apr 2022 21:08:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ 361 KB
143 KB 124ms
37ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidhealth.com/
Origin: https://www.covidhealth.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 21:40:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145570
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 21:40:02 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 104ms
56ms XHR
application/json 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDt6Sjywu6k0Z3_k9AP0p3ZfAReO5UrS9A&libraries=places&language=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.covidhealth.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 get-sidebar Show response
www.covidhealth.com/ 16 KB
5 KB 239ms
239ms XHR
text/html 3.215.96.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.covidhealth.com/get-sidebar?sidebarKey=sidebar.all.Homepage

Requested by

Host: cdnbuild.smartandstrong.com
URL: https://cdnbuild.smartandstrong.com/js/jquery-1.11.0.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.215.96.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-96-244.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

57a6f0dc6f924fabdcdc4e84b1c13db130c326d1f7d62dd824343ea35258286f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Accept: */*
Referer: https://www.covidhealth.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:44 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
x-cache: MISS
content-type: text/html; charset=UTF-8
cache-control: max-age=120
strict-transport-security: max-age=31536000; includeSubdomains
expires: Thu, 31 Mar 2022 23:08:44 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
421 B 47ms
46ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.covidhealth.com&callback=_gfp_s_&client=ca-pub-9407929500780705

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9407929500780705&plah=www.covidhealth.com&bust=31065922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

ce338daab1e4066e36ff0622ad37c040602555645b43d305ce395a4286be124b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 142ms
48ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.covidhealth.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 31 Mar 2022 23:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 130ms
47ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.covidhealth.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 31 Mar 2022 23:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
79ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.covidhealth.com%2F&tn=HEADER&cls=navbar%20header%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.covidhealth.com
URL: https://www.covidhealth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 23:06:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CBC4 0
19 B 168ms
123ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9407929500780705&output=html&adk=1812271804&adf=3025194257&lmt=1648768003&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.covidhealth.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648768003005&bpp=4&bdt=369&idt=196&shv=r20220329&mjsv=m202203280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6855568096844&frm=20&pv=2&ga_vid=1717619655.1648768003&ga_sid=1648768003&ga_hid=139785502&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31065371%2C31065922&oid=2&pvsid=2911518340040989&pem=847&tmod=1997923500&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=220

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Mar 2022 23:06:44 GMT
expires: Thu, 31 Mar 2022 23:06:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 121790_P01-21-003.jpg_313e5723-4532-4a04-ad28-24f8a0298f1f.jpeg
cdn2.poz.com/ 47 KB
48 KB 782ms
780ms Image
image/jpeg 2600:9000:2156:1e00:11:933c:5480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.poz.com/121790_P01-21-003.jpg_313e5723-4532-4a04-ad28-24f8a0298f1f.jpeg
Requested by: Host: www.covidhealth.com
URL: https://www.covidhealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1e00:11:933c:5480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe88cb18cff2dad2d142dc131b7ff6233c01b8ffc6ba393cab2cf5ade068cdd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:45 GMT
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified: Mon, 21 Feb 2022 02:00:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "bfd7a27ff9ce634c8c9bc958ecc1e824"
x-cache: Miss from cloudfront
x-amz-version-id: qJNoUu.iQXCuJ4Rof2tl1GI6NHF5vna2
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
content-length: 48627
x-amz-cf-id: plaIn9rmfWONBe6SSfnxdiGcc9wfvoiufHbCtxEKDhQfQPTTxLGSvQ==

GET
H2 200 121793_Paxlovid-Pfizer-pills-lg.jpg_97d64646-cce7-4dd2-a4ed-acf69343ed3f.jpg
cdn3.poz.com/ 13 KB
13 KB 703ms
674ms Image
image/jpeg 2600:9000:2156:1e00:11:933c:5480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.poz.com/121793_Paxlovid-Pfizer-pills-lg.jpg_97d64646-cce7-4dd2-a4ed-acf69343ed3f.jpg
Requested by: Host: www.covidhealth.com
URL: https://www.covidhealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1e00:11:933c:5480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fcc18718638c1dd00b90d3fda16d795862f9729e39788205f1b841f444983ed8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:45 GMT
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified: Mon, 21 Feb 2022 02:02:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "40719f96f613f2224a4255cdf218d126"
x-cache: Miss from cloudfront
x-amz-version-id: FuWfsJ6y6b1g7WlnVrJc.dDCeMCl2O15
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
content-length: 13088
x-amz-cf-id: UZq2T255fuTN4Aok8KQ0FJQdCMbMxQkhkJVFqoOWqrjVcfxZJsTHFg==

GET
H2 200 102086_P06-20-015.jpg_62f7f83a-cb79-40c6-b2d3-04c285e3915d.jpeg
cdn2.poz.com/ 21 KB
21 KB 692ms
690ms Image
image/jpeg 2600:9000:2156:1e00:11:933c:5480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.poz.com/102086_P06-20-015.jpg_62f7f83a-cb79-40c6-b2d3-04c285e3915d.jpeg
Requested by: Host: www.covidhealth.com
URL: https://www.covidhealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1e00:11:933c:5480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d3464adb39cb32382dd030e9338d774d3c786b18f0ac9e4c508ad6d99fb9c9f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:45 GMT
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified: Wed, 18 Nov 2020 16:44:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "4a8e302802ed2f06c139d1b11d8d9876"
x-cache: Miss from cloudfront
x-amz-version-id: mpWP_MMLJdflRazw4nKKqpxpSXnXBsg6
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
content-length: 21202
x-amz-cf-id: O0v86V2r0TEOkUCVx3wHXz8XaP4zBaA8PcdNX6RqUF27vxVt_8FThA==

GET
H2 200 123426_iStock-1270698883.jpg_5d4f8823-10d8-4182-8b27-6042a01b9805.jpg
cdn.poz.com/ 6 KB
6 KB 674ms
673ms Image
image/jpeg 2600:9000:2156:7400:11:933c:5480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.poz.com/123426_iStock-1270698883.jpg_5d4f8823-10d8-4182-8b27-6042a01b9805.jpg
Requested by: Host: www.covidhealth.com
URL: https://www.covidhealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7400:11:933c:5480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c567e34231ec1db0224fbdbfe841df184f40dd2e7fae5c172f856b3965eebf4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:45 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
last-modified: Thu, 24 Mar 2022 20:17:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "fb8ab387c64ced53ccadd5b64e7ba51a"
x-cache: Miss from cloudfront
x-amz-version-id: tNysi7dxnnyQmFWWeXEci4LkbV7OmDti
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
content-length: 5689
x-amz-cf-id: oYstG8ZK_724hx4X-HBpe7PrHKPzY4KJ5xjt-MqZj33wj-gyPzbpBg==

GET
H2 200 123422_iStock-949748772.jpg_449f00c0-7a05-4e52-b431-c3ad0a7fe24c.jpeg
cdn.poz.com/ 4 KB
5 KB 13ms
12ms Image
image/jpeg 2600:9000:2156:7400:11:933c:5480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.poz.com/123422_iStock-949748772.jpg_449f00c0-7a05-4e52-b431-c3ad0a7fe24c.jpeg
Requested by: Host: www.covidhealth.com
URL: https://www.covidhealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7400:11:933c:5480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 621a7da5d864695fe3720c8947670c8673c8853da1934de08672e0c1ff02087d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 19:36:46 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
last-modified: Thu, 24 Mar 2022 19:22:26 GMT
server: AmazonS3
age: 617398
etag: "2f40816a685566e96b85f7ec6c5b7344"
x-cache: Hit from cloudfront
x-amz-version-id: 21oJpEHNyq4C48QI.yWYhh75OaUVMs9F
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 4533
x-amz-cf-id: rfnDnPVJsPUwLRZ4fhVHIMnXjcbhzIy05b8zZMBB45_6K3XFdzvmiA==

GET
H2 200 123418_iStock-1219978307.jpg_29548292-15ae-4b56-9a5d-587bf176ca54.jpeg
cdn1.poz.com/ 10 KB
10 KB 55ms
21ms Image
image/jpeg 2600:9000:2156:1e00:11:933c:5480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.poz.com/123418_iStock-1219978307.jpg_29548292-15ae-4b56-9a5d-587bf176ca54.jpeg
Requested by: Host: www.covidhealth.com
URL: https://www.covidhealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1e00:11:933c:5480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8aa522dee7d47585e3727366d8c19bf693a12b21f9d845e78de4d0389c90011e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 18:50:54 GMT
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified: Thu, 24 Mar 2022 18:47:40 GMT
server: AmazonS3
age: 620149
etag: "0a2f70f4cc7b0401edeb2053399a4c95"
x-cache: Hit from cloudfront
x-amz-version-id: aTX4W8i0Wgb_wFL5zpc4benRaEce9c7I
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 10105
x-amz-cf-id: WCwN_n0cQ4IU3ojBK-T0RMxB0ZbPFJhHgm9s--UOJYyZlKRCCSZwEw==

GET
H2 200 123073_iStock-1218792909.jpg_b87444f1-6d4e-4cfb-b4d2-85942d6f38be.jpeg
cdn1.poz.com/ 9 KB
9 KB 54ms
20ms Image
image/jpeg 2600:9000:2156:1e00:11:933c:5480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.poz.com/123073_iStock-1218792909.jpg_b87444f1-6d4e-4cfb-b4d2-85942d6f38be.jpeg
Requested by: Host: www.covidhealth.com
URL: https://www.covidhealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1e00:11:933c:5480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32f2485f51f3b94a62cba2cb991de7a18b7411a1aaa58711baf89e5271ca5d76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 05:01:25 GMT
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
last-modified: Thu, 17 Mar 2022 04:39:14 GMT
server: AmazonS3
age: 1274719
etag: "d896679bbd4e70f706fb7d93441f0a21"
x-cache: Hit from cloudfront
x-amz-version-id: 4k2LWq0TZqOmuUCi9PVQapSacRrtowVj
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 8717
x-amz-cf-id: LM54la7NqqjeR7R80Uf4L0PQ1zBw2leWZbCHxLtVGiW9YMEoOHPL8w==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 196 KB
28 KB 144ms
99ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2911518340040989&correlator=4187467791400713&eid=31066026&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fifs&iu_parts=1022064%2Ccovid-728x90-top%2Ccovid-728x90-middle%2Ccovid-300x250-1%2Ccovid-300x250-2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=300x50%7C320x100%7C300x250%7C728x90%7C320x50%2C300x50%7C300x250%7C728x90%7C320x50%7C320x100%2C300x250%7C300x50%7C320x100%7C320x50%2C320x50%7C320x100%7C300x250%7C300x50&ifi=2&adks=194574815%2C649646794%2C687270499%2C128249672&sfv=1-0-38&ecs=20220331&fsapi=false&cust_params=author%3D%26categories%3D%26tags%3D%26url%3Dhttps%253A%252F%252Fwww.covidhealth.com%252F%26slug40%3D&sc=1&cookie_enabled=1&abxe=1&dt=1648768003287&lmt=1648768003&dlt=1648768002636&idt=614&biw=1600&bih=1200&adxs=718%2C354%2C-9%2C-9&adys=130%2C3987%2C-9%2C-9&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.covidhealth.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C732x90%7C0x-1%7C0x-1&msz=0x-1%7C732x0%7C0x-1%7C0x-1&fws=516%2C4%2C2%2C2&ohw=1600%2C1600%2C0%2C0&ga_vid=1717619655.1648768003&ga_sid=1648768003&ga_hid=139785502&ga_fc=false&btvi=0%7C1%7C-1%7C-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

2892575581008eaa25914f01b7b03e56e2cf357d42fb8e668f5baa21c3c0bc61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28930
x-xss-protection: 0
google-lineitem-id: 4940647322,4948340124,4940393232,4940393232
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138383807875,138259169016,138383807791,138383296121
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.covidhealth.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
841a1448c121fc7ed6f3dfe7f28d6500.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E237 6 KB
4 KB 161ms
47ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://841a1448c121fc7ed6f3dfe7f28d6500.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Mar 2022 23:06:44 GMT
expires: Fri, 31 Mar 2023 23:06:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 spacer.gif
cdn.poz.com/ 43 B
433 B 9ms
8ms Image
image/gif 2600:9000:2156:7400:11:933c:5480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.poz.com/spacer.gif
Requested by: Host: www.covidhealth.com
URL: https://www.covidhealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7400:11:933c:5480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 00:07:41 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
last-modified: Sun, 09 Jun 2019 14:40:37 GMT
server: AmazonS3
age: 1724343
etag: "df3e567d6f16d040326c7a0ea29a4f41"
x-cache: Hit from cloudfront
x-amz-version-id: SK8e4FNq8PokTMBRYaRa3Z8NTrb1cD3f
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
content-length: 43
x-amz-cf-id: -pX147fkW8JpZ6VxEtMz-x8Y0JsDt8TRKeLm6U8chUS3nWJ_JRqcLQ==

GET
H2 200 2422_Facebook-crop.jpg_dc5e2b82-9bf0-4597-82fc-26c1e05a9954.jpeg
cdn.poz.com/ 166 KB
167 KB 10ms
10ms Image
image/jpeg 2600:9000:2156:7400:11:933c:5480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.poz.com/2422_Facebook-crop.jpg_dc5e2b82-9bf0-4597-82fc-26c1e05a9954.jpeg
Requested by: Host: www.covidhealth.com
URL: https://www.covidhealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7400:11:933c:5480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e9bee3e673497b594d32c418299e69eea110055a82c384ff3751f9f6be6dfaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 20:51:04 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
last-modified: Tue, 22 Aug 2017 18:38:29 GMT
server: AmazonS3
age: 21694540
etag: "18c5d526d0e3ba4d5afb5038e64ae001"
x-cache: Hit from cloudfront
x-amz-version-id: wn5l2EsQMWqglaC7YVIvpl3NdPR.0XER
x-amz-storage-class: STANDARD_IA
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 169805
x-amz-cf-id: ruwy3qGKD4C3JlejNFeI2uUkjLyRmxuw6llszQPul3C2kkvKXqoJGA==

GET
H2 200 2453_Twitter-Icon-crop.jpg_2f2fc6de-b8b2-4026-b26d-b2b3e33cc863.jpeg
cdn.poz.com/ 101 KB
101 KB 17ms
17ms Image
image/jpeg 2600:9000:2156:7400:11:933c:5480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.poz.com/2453_Twitter-Icon-crop.jpg_2f2fc6de-b8b2-4026-b26d-b2b3e33cc863.jpeg
Requested by: Host: www.covidhealth.com
URL: https://www.covidhealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7400:11:933c:5480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44a505daedea32fd28841689f89e934570451122229644c1e3efd62994159b1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 09:06:57 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
last-modified: Tue, 22 Aug 2017 18:38:43 GMT
server: AmazonS3
age: 11023188
etag: "7006ebf7792688d287ccd41ba83d0011"
x-cache: Hit from cloudfront
x-amz-version-id: s20qeaO7_yH24rTbyZ7oCmwX0p5ctaAA
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 103227
x-amz-cf-id: Qx3vhnqdp3sorzfNLOUSZQVe6RvRUnk_8xTHgoQAbNn64ttjFH3JJw==

GET
H2 200 94098_News-Break.gif_675c4d8f-f223-4ae5-a3bc-4ffd9d31c7d6.gif
cdn.poz.com/ 3 KB
3 KB 18ms
18ms Image
image/gif 2600:9000:2156:7400:11:933c:5480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.poz.com/94098_News-Break.gif_675c4d8f-f223-4ae5-a3bc-4ffd9d31c7d6.gif
Requested by: Host: www.covidhealth.com
URL: https://www.covidhealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7400:11:933c:5480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9978a7c6be70a8af17f13027ee658e098e3a99d10c719e4b57ef4f745014f9ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 20:48:49 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
last-modified: Thu, 04 Jun 2020 21:39:37 GMT
server: AmazonS3
age: 21694676
etag: "e46598e1093af5ebcce1cba45af2b7c5"
x-cache: Hit from cloudfront
x-amz-version-id: ajSompM8ihQHWtXJchlwN04AX_QDR7Lx
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
content-length: 2598
x-amz-cf-id: KW4vH0VlIz2TUto6ZNv8vJhgeJJ10RyEkNfStvETjTS7XP9ye-dN6w==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1E92 0
0 89ms
89ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-0btLBEiUR_QweI4P6QLX4g2KFNkEUbl2TbCNJ7V3OUX4FzwEKHMJDsKssUUtOuLcKUpE8WKQ3iK7JjkQhyJDrskl06RTRN7MeglYcJaiWhn5lUrJjvdZ6qKw7enEC6NZYsvdK9ZY6f2mm1v1x0CxcU_lxiYPAgkcoaOXWa0Mhx2sj70xt_pjpS9aVv-lHOLQG5EStOIjk0SLjJKkUgDthspu_pFKCeW80WLAiDgeYq0nDXY3sn-G1XacN37WTBCLXbRF5eGu-W1sp9tBmhffFGjMzyruj5fOnQTSkCsuuK_5B0qi6AbL-4cc03gbEg&sai=AMfl-YTaIXIWrCnoj7zIZINyptQMmIz8cVOniXxWrpRMv_zMi6YWnlU4Sv9A6pbHqGp3rxVFIB1-sKnMlsABe8S4tQTMYz91RJCjOa_cgFll8g&sig=Cg0ArKJSzHZvwxtSmtfDEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.covidhealth.com
URL: https://www.covidhealth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 31 Mar 2022 23:06:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 31 Mar 2022 23:06:44 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 1E92 19 KB
8 KB 145ms
42ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Apr 2022 23:01:05 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 1E92 2 KB
1 KB 276ms
173ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Apr 2022 23:04:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1E92 119 KB
36 KB 53ms
52ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 31 Mar 2022 23:06:44 GMT

GET
H2 200 3273432425687064089
tpc.googlesyndication.com/simgad/ Frame 1E92 61 KB
61 KB 260ms
159ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3273432425687064089

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09a9e289c654ccf886ca8befd112aa2b107ee83d89a1b600ffb69b1c97d2ecbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 09:28:01 GMT
x-content-type-options: nosniff
age: 221923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62744
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 15:14:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 Mar 2023 09:28:01 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B893 0
0 87ms
87ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3p53QpOQQwpCfKX6K-mxmYNkdA0qF6iBDZqDo8nYPTnQdEwhlSiFxdsayFYYep7ZsCbcsKP6hl1DYqLxWrXxUX0VRBmAPoBz0UyQKlGUtjiLxjIEu7IUXALepzGxYmocxjffndx-517FacfO142RDz14oeh0YiaXfLSUciW0eGMDoy6X2UGn1wgCbfk9wsr0fa1lQdSY2-NAe4dO6S55tgcBpxHMW8XjP3exdYSuyOLG7OlwexlSylH0ROgOo59f8BK3ierHCJUjp5u3bBv9T9ByabKOcTp1QIlTo5hoMLve6Heu860DiLg1b7Gg5gSYViA&sai=AMfl-YQqFP_F-jrMrahSWXV3DxJhEKNaQc1C-SH2FZ0rU920W7YBwlQC04hqut1GoyyTJNlO36UV-z5cjeboa2b1egLpQD5jZjcpGEyTsVGzjQ&sig=Cg0ArKJSzDLHlMU2gnOcEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.covidhealth.com
URL: https://www.covidhealth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 31 Mar 2022 23:06:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 31 Mar 2022 23:06:44 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame B893 19 KB
8 KB 139ms
43ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Apr 2022 23:01:05 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame B893 2 KB
1 KB 270ms
174ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Apr 2022 23:04:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B893 119 KB
36 KB 86ms
86ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 31 Mar 2022 23:06:44 GMT

GET
H2 200 13588132669414302721
tpc.googlesyndication.com/simgad/ Frame B893 20 KB
20 KB 223ms
128ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13588132669414302721

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07d3bac2054b92d9648cbf1e64adf71e8987f0c64ab94087c4ec412a503f5231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 02:07:44 GMT
x-content-type-options: nosniff
age: 248340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20616
x-xss-protection: 0
last-modified: Wed, 06 Feb 2019 17:02:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 Mar 2023 02:07:44 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4304 0
0 101ms
101ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIMA1pg2LR__6lwDxhxheUGs_yJctT89Rmt_7qwMEL5mj6Pm31cjVD7ICIIObsSNksc-xIlq-kmGmwMLJxaxgI6oqNclJ8ObpU4x1b9Nb8xC-TZA9Tam0G5EdP-6YrtJf5ueYdM2OtRtp3WZjfrZlSvLs4SwTh9LuKw9OfNZs4C1EV3zwy_Bxts0H-TC_DhzGrIJ38MnhG6l4KJyY99H_ipLFl5Ot39-lrQfU3Fq8bgGBs6CdY8xkArSTAmPlxup8lWJsWyg7eTzfGmRVrGncu2U7X-kZZ5FaAlKXcqUqTUxKWGgKPLK6sSL4U6zfS&sai=AMfl-YTI8PQQBx8chLmRpEJQHRFLqaf93szim3QmJuUy0IiVlXPkr_1PTkE1AiNkqhs9rqhwxEoNNP6oqb3DQNgHUU05K9z_1cypGTqM4-8iUw&sig=Cg0ArKJSzAQiaIkBiUbEEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.covidhealth.com
URL: https://www.covidhealth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 31 Mar 2022 23:06:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 31 Mar 2022 23:06:44 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 4304 19 KB
8 KB 140ms
50ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Apr 2022 23:01:05 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 4304 2 KB
1 KB 160ms
140ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Apr 2022 23:04:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4304 119 KB
36 KB 89ms
89ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 31 Mar 2022 23:06:44 GMT

GET
H2 200 17622413129025430349
tpc.googlesyndication.com/simgad/ Frame 4304 58 KB
58 KB 160ms
86ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17622413129025430349

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5834df7aabce0c1b06dc40b4a899909a717ab2003e8fe488de6706c51c9bfaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 03:48:28 GMT
x-content-type-options: nosniff
age: 242296
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59334
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 15:16:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 Mar 2023 03:48:28 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 149E 0
0 105ms
105ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQX5j-lgrMfgf1Kgg0hpUy0EHHjpXzqkO14b51T8XgFkF-65FXKHX8xDPSEjLHHJbZl-CK10GOpRoqT4j1kQzi5OPALFPWS8AeaTrXGH1fm15u6iX6hETVcQfX2Pax1ThwoTO6xfJgPnxYpAmcqwGEJjXpirVJCeZ-GJx37tpNbIWvViftviIdm3jjvI67tYmj0_p-9jFjxFlqob_hBKxF2mdiD5RRE-7F748_BhksfBZi6UupsU7cxVm8r42kWthPsQbuqr5eRTUNP-NJSGmoX9Dfxz-WeAsiDvfLDCnGv7NmBr_qppNtwtPbhV-y&sai=AMfl-YRSwhg9YhNzEgrYRfIsOx7RyxVpBwOZOhBlch2tByzOlvVAoEfXNAreaSmPEr4q6H4OZf-pZfPvw731E-OTu1IEGGcbkAttMxu3yA4tjQ&sig=Cg0ArKJSzBtQ1G2QSyY_EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.covidhealth.com
URL: https://www.covidhealth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 31 Mar 2022 23:06:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 31 Mar 2022 23:06:44 GMT

GET
H2 200 17622413129025430349
tpc.googlesyndication.com/simgad/ Frame 149E 58 KB
58 KB 183ms
108ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17622413129025430349

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5834df7aabce0c1b06dc40b4a899909a717ab2003e8fe488de6706c51c9bfaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 03:48:28 GMT
x-content-type-options: nosniff
age: 242296
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59334
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 15:16:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 29 Mar 2023 03:48:28 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/ Frame 149E 19 KB
8 KB 155ms
71ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Apr 2022 23:01:05 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/ Frame 149E 2 KB
1 KB 161ms
140ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220330/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Apr 2022 23:04:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 149E 119 KB
36 KB 116ms
116ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36916
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648640521462251"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 31 Mar 2022 23:06:44 GMT

GET
DATA 200
OK truncated
/ Frame 1E92 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c54702097d578e5957a1e91c1337a38a4b659e2313b9108dc8e6cfed79fda8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B893 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 726965cedf3a8653cf115bd973436980884e89c2bbb42d5a1ed2192319040e16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4304 0
0 120ms
75ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMjdrL7UA8Btyf-9wVyEkT4Hl1pTZz8AA0zSk9k6IAmI-NBlTXJu8b1wf_SM1rU1nPS2D13pWm40J_5gcHUDIrGhNwFfE9SK2AQsbMJJE-HcWXaUvnl8L0Cz8yEioqORFscYIE7dqIDNQoya8gLwnYE2PCjLw7GVmziFaFja8guBprv_mvUjH3OrAu4m0C3mujN3h-KBtZyYkMRXLVyt7arb3BkLMPlMxgsV55O5XAhlXr76uCCOBy3eZrR9W60ndckWvJDL7eM7PCZ8bIEQdZtHtxnHzQB46SBNT8GwwIMnGpcMGY5P26fuwpsbKiGps&sai=AMfl-YTd0el0jrOfcZlpQsj-vjsJTZjSrBjAI4Ed8lERYTTsXiKvDrysXp8bzvPgZri7E7PEtibaIFHEhmNYJCrVdZPwvy_jLPiWIZFF6L5oSA&sig=Cg0ArKJSzJSZ4AL9WPVEEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 31 Mar 2022 23:06:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 31 Mar 2022 23:06:44 GMT

GET
DATA 200
OK truncated
/ Frame 4304 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9634f5dbd6fdc8e866056e9ec3176d918248b3ed18886f2d16b879b7d175071d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 149E 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbdd91b864c3420d117959d40495fd40d6bfa6583e600adab066d6b93cbcbbc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 149E 0
0 92ms
78ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrw9YnvnuJ2YoGIHa1w61AASWIXJWVn-c2W-s4TOsgmWRpFORefwgFOd57hOPHuGAK521_sJIJnxPt5JOEhW6cJy5DragCXbbrXtb49ITNk2BBhA3UtOPTgw7XKHiK0N4MZQukRtE7Dn_dJ6e9AmHbg5KKjK-uBu2X_Bchbm-t4jHLhTd5WIB8-Se4j72H-hjveaXUTgKLHhvov8yxMUuFoBRP2upb3tjR0Cw09TC-Z-xcPRX5CR7DwaEzoB6Wr9IQhXe0vTlipzktWz7XQb2d80khyQbQLwBn0BRC4WF-3hSdAH3HeWzwY6_X-PB3Ymc&sai=AMfl-YQFxljnFoEtQwWdll9NkbYuXP5bpbZAnLArHuhywE06QAQK_PRVTF-43r9qhDBv2KLDSLI8Exd60aLPz6deLHJPxztr2IbJSz6umI9i6w&sig=Cg0ArKJSzHC5oMnuVp3SEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 31 Mar 2022 23:06:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 31 Mar 2022 23:06:44 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B893 0
0 86ms
77ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHn-JQVFcGiwBkmkgDh6-H-aJUZ1vSK_kYAE3_kNEW4HmnPWiHs10Erq5_UrilV2B9NEVH85TkZJ-AuQYNmeRlX8ue16H6mjTCQ87XwkI9QkfgcL07saGGmhUxBknv_fNaFnvrMmXQJL5V8p56cFIICcRgiK2Kqu8z1t-qKgWUSkXJwazVhTdWg6E0C9yAXxVb_-F6LrWwY7cS0y9V_CE-USZ3pD2-PIvxpBNGR0bXS2GnaF_AvuWtJo9d6iT50TUfG76PsggExH6hq1C_9YoIv1rcsb81ys4r94sArAk0OSqmoL2JzAQrDbIRXpUiGCubXQVD&sai=AMfl-YRVbCUIyWqsmkCaIM31bVSAkabFywA6MKB4op-zT_k_ijJmg4NIyC2YHhqQhjv6elP9KWQk23GLlbW44KEPCqJrJyY0SvfzqJS0YvY4Zg&sig=Cg0ArKJSzAXTRKPdZ79xEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 31 Mar 2022 23:06:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 31 Mar 2022 23:06:44 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1E92 0
0 78ms
74ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTm0FB5FuLIRx9qGaj2x7uzTYoQkVk5Ue8TKI3pbPNTiOCYBs1UtoTY45LIYy5d7WI_PPKC3BEUSt8OSHX4yqBR-U3ECL_r0qIsu7Mo7w7jOcVMGHDC4wc5EcgGg3qfdBXLARWIZ8nYISZi3v47EOBc-EPCa8csaLdikP1_oL8FyHWNFgBbU466RaXpRbv2Ecq7oCUq4ieaWDdagZZJ0G3jvZJa2jilxZhlQBBS8ivch0qhAeCBklWD6p3qrLOOniuZvOC9msmF82BGMvuqxWbzQWPDPxsN3xeLPVtEfBXBXtUHZBZJy-R1uP5vjDSmZv8&sai=AMfl-YQcuY-s5ozwsY1Q5vYD60jNrg3uOQYqtIvtWLbYN00NjwO55SyibMPmRi1LC9QI3x-AwcK6xFPiLZZpN538XwvDJVldkE7TObgYQAQgnw&sig=Cg0ArKJSzPqdtrV-g_ijEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 31 Mar 2022 23:06:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 31 Mar 2022 23:06:44 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame C170 43 KB
22 KB 111ms
62ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LftXhcTAAAAAAseIHlnI1-x43O0wjKf8Tzyu9nv&co=aHR0cHM6Ly93d3cuY292aWRoZWFsdGguY29tOjQ0Mw..&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=normal&cb=8tqt56jhky8p

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dcb49d5a60201ade8ecc0627893fcf55baa87da3c8c1df0b1c4cee87097cca92

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Z4JfHO3Kx0rmI4fTMz30Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22931
content-security-policy: script-src 'report-sample' 'nonce-Z4JfHO3Kx0rmI4fTMz30Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 31 Mar 2022 23:06:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ Frame C170 51 KB
24 KB 88ms
40ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LftXhcTAAAAAAseIHlnI1-x43O0wjKf8Tzyu9nv&co=aHR0cHM6Ly93d3cuY292aWRoZWFsdGguY29tOjQ0Mw..&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=normal&cb=8tqt56jhky8p

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 13:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 13:19:57 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ Frame C170 361 KB
142 KB 87ms
39ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 21:40:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145570
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 21:40:02 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame C170 102 B
134 B 48ms
47ms Other
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b3802ba95862b1fad8da321f4079cbc476e5ddc09a7138d1244c61100111af8f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LftXhcTAAAAAAseIHlnI1-x43O0wjKf8Tzyu9nv&co=aHR0cHM6Ly93d3cuY292aWRoZWFsdGguY29tOjQ0Mw..&hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&size=normal&cb=8tqt56jhky8p
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 31 Mar 2022 23:06:45 GMT

GET
H2 200 defer.3.js Show response
cdnbuild.smartandstrong.com/js/ 2 KB
1 KB 9ms
8ms Script
application/javascript 143.204.98.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnbuild.smartandstrong.com/js/defer.3.js
Requested by: Host: www.covidhealth.com
URL: https://www.covidhealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-89.fra50.r.cloudfront.net
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1eda5ef4ff87907159ba426547f34b017ecc1c316b4abc7fb50d4dc4a45c7d74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 12 Mar 2022 17:56:37 GMT
content-encoding: gzip
last-modified: Thu, 24 Feb 2022 15:21:32 GMT
server: nginx/1.18.0 (Ubuntu)
age: 1660208
etag: W/"6217a27c-8f4"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: mjg9G49Y3zJGvmGXppLh0EbyPOtiF-vrqB0_Ac7QmaEDe6YiVA7ATg==
expires: Mon, 11 Apr 2022 17:56:37 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 102ms
55ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220329&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02fcd6297f6dc7fc132af52a59f49db0844a1064de014a17671934330cb0a294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 31 Mar 2022 23:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10574
x-xss-protection: 0

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame B91D 7 KB
1 KB 53ms
53ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&k=6LftXhcTAAAAAAseIHlnI1-x43O0wjKf8Tzyu9nv

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d2fe9c6d8b474c0dda149d21ee44b73c2a1e5f982f4d77cc68571a153f862dfe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a0siVfeBHD5c72+i2xmSEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1107
content-security-policy: script-src 'report-sample' 'nonce-a0siVfeBHD5c72+i2xmSEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 31 Mar 2022 23:06:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: cdnbuild.smartandstrong.com
URL: https://cdnbuild.smartandstrong.com/js/defer.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a3bed504ae772fc135ce38e323d7474d66fbb9d6523826545dd77406538a4e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: UmFakMPVgB2o45ILDGQ5IA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 31 Mar 2022 23:19:45 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: OuyFGcI0B8W2Upf2CtnQP3guY2UlenfN+JRig/ZNkmoMehv8WbxVbZg1O1l6OMGFG+2apFF2wsdc9kuTYmu1Lw==
x-fb-trip-id: 686109401
x-fb-content-md5: de2b93d9e7ac5a5aae4b66e0dba64d55
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 31 Mar 2022 23:06:45 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "b615116e2a03714dc41917d1b66fe088"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdnbuild.smartandstrong.com
URL: https://cdnbuild.smartandstrong.com/js/defer.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: rL2LgW3ePupMdjFIcUD+JGgvHL+hGFEJRhqKco6yA+R33jwJ5SIl4jahtTYGjXZae6o+M3ODJwrOPhy+44UKWA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 31 Mar 2022 23:06:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 29ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: cdnbuild.smartandstrong.com
URL: https://cdnbuild.smartandstrong.com/js/defer.3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: da7ae7eec9c1f857161ad9356669f90a20a3e1bd18c8124b53cc2e367e04780b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Thu, 31 Mar 2022 23:06:45 GMT
Content-Encoding: gzip
Age: 1166
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29457
x-tw-cdn: VZ
Last-Modified: Thu, 31 Mar 2022 19:50:29 GMT
Server: ECS (frb/6772)
Etag: "f763893db69b9ff52796c20ddfe2ac52+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdnbuild.smartandstrong.com
URL: https://cdnbuild.smartandstrong.com/js/defer.3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5515
date: Thu, 31 Mar 2022 21:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 31 Mar 2022 23:34:50 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 283 KB
81 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=02e36a7fcb67b84c1fb20450529981ed

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

658d67bed05d15cb980e2af880ad128cf29bb82aef0f8ccde386ca9f431462a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.covidhealth.com/
Origin: https://www.covidhealth.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lb0tsX55Gyjp5Q1s8JP3WQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 31 Mar 2023 22:56:11 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 82723
x-fb-rlafr: 0
x-fb-debug: eukcOdFyLajaDK0xCZYCCQAEhkK5PXx8yWMrHRs+1yezs5UTHnMaFj7xwA5QJxQsGv8m9GpHNdsMg7r8dXj1Yg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 6ea0db622bb1e211a0d37542f94caa30
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 31 Mar 2022 23:06:45 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "77631c09f8cdf2c9d2a0bf25a8a2b0ef"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 189321144817494 Show response
connect.facebook.net/signals/config/ 307 KB
88 KB 81ms
72ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/189321144817494?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3a85f1873480b4a2b3dc365477c96c286201d4756c06fcbcf8920e360a77e471

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 4E6fsjOizqzKDs2fnmoQfP7y8TCLEviO2svQngzaXR3FZS+CydRHo1CK9POptvVgT09DQLVy5h+Ud0/Wh4LG6Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 31 Mar 2022 23:06:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.0af76c3310098d2f8f428367b62351b8.html Show response
platform.twitter.com/widgets/ Frame 4C50 319 KB
104 KB 8ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.0af76c3310098d2f8f428367b62351b8.html?origin=https%3A%2F%2Fwww.covidhealth.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 11645
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Thu, 31 Mar 2022 23:06:45 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 31 Mar 2022 19:49:03 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6760)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 100ms
52ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 31 Mar 2022 23:06:45 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ Frame B91D 51 KB
24 KB 45ms
44ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&k=6LftXhcTAAAAAAseIHlnI1-x43O0wjKf8Tzyu9nv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 13:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 13:19:57 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/ Frame B91D 361 KB
142 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2uoiJ4hP3NUoP9v_eBNfU6CR/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=2uoiJ4hP3NUoP9v_eBNfU6CR&k=6LftXhcTAAAAAAseIHlnI1-x43O0wjKf8Tzyu9nv

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 21:40:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145570
x-xss-protection: 0
last-modified: Mon, 21 Mar 2022 04:03:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 21:40:02 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 4C50 372 B
502 B 139ms
114ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=1e43677b2a922fce017d1fe45c7e6d881d058326

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0af76c3310098d2f8f428367b62351b8.html?origin=https%3A%2F%2Fwww.covidhealth.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

e0b15555d63694edd99155075cbd75c5ac4831aa6d283f75baed7bb516501e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-response-time: 107
date: Thu, 31 Mar 2022 23:06:44 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 23:06:45 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 54269e84ad85bbcfaa6628a6015bf8859ebd1c9c219afd576498356909194e33
content-length: 221

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 101ms
47ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=139785502&t=pageview&_s=1&dl=https%3A%2F%2Fwww.covidhealth.com%2F&ul=en-us&de=UTF-8&dt=COVID%20Health%20Home%20Page%20-%20COVID%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1534993928&gjid=459503325&cid=1717619655.1648768003&tid=UA-186144-27&_gid=610286445.1648768005&_r=1&_slc=1&cd1=&cd2=&cd3=&z=893155027

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.covidhealth.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 23:06:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.covidhealth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 30ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=189321144817494&ev=PageView&dl=https%3A%2F%2Fwww.covidhealth.com%2F&rl=&if=false&ts=1648768004588&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1648768004587.72254652&it=1648768004422&coo=false&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 31 Mar 2022 23:06:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1AB4 13 KB
5 KB 37ms
36ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
age: 1003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Mar 2022 22:50:02 GMT
expires: Fri, 31 Mar 2023 22:50:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 11EE 783 B
536 B 49ms
48ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7cba87e113bb75bbf46df173cfb81435adca45b7ec7db14d7d87cf78a8f032a7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CvVLkY7ajJXGKQEJEB5siQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-CvVLkY7ajJXGKQEJEB5siQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 31 Mar 2022 23:06:45 GMT
expires: Thu, 31 Mar 2022 23:06:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js Show response
pagead2.googlesyndication.com/bg/ Frame 1AB4 35 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V_I9kkE0weacsZYJ7hXHsf1U2l7Bs5zHQi7wjQJaUfA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57f23d924134c1e69cb19609ee15c7b1fd54da5ec1b39cc7422ef08d025a51f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 09:29:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13731
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 09:29:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 11EE 0
0 91ms
90ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220329&jk=2911518340040989&rc=null
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4304 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnpHTVldhC1pe2DO3Kzi9xlfnXMdpDHIt9nC_jZTsv-KMnjti1B8_n4n31j9OypyCuEPsSlNnHvGEzZ-LWD83LrYo2xq1U2jBtbyxfAVNbAPAZENhE&sig=Cg0ArKJSzIgiMB9zIaRpEAE&id=lidar2&mcvt=1003&p=402,1111,652,1411&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220330&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=687270499&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648768003502&rpt=252&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 23:06:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1E92 42 B
64 B 78ms
78ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8EbBnoLK5K1PuNSuzlx4Auc4IDyFn4QZ7bdS4ps3QNW_qRBSNQWZbU1O9ydm1XsCxUzQ5neIzn-1bd6uKp3BldJ5Ub4tiKmSi6Wqa_HBNNNGbBODq&sig=Cg0ArKJSzA3Apl-QWpjlEAE&id=lidar2&mcvt=1014&p=130,354,220,1082&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20220330&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=194574815&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648768003487&rpt=308&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 23:06:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1AB4 0
9 B 37ms
37ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_XSfQg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=189321144817494&ev=Microdata&dl=https%3A%2F%2Fwww.covidhealth.com%2F&rl=&if=false&ts=1648768005092&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22COVID%20Health%20Home%20Page%20-%20COVID%20Health%22%2C%22meta%3Adescription%22%3A%22COVID%20Health%20is%20here%20to%20help%20with%20the%20unknowns%20of%20a%20COVID-19%20diagnosis%20and%20what%20lies%20beyond%2C%20as%20well%20as%20ways%20to%20prevent%20transmission%20of%20the%20new%20coronavirus.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22COVID%20Health%20Home%20Page%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.covidhealth.com%2F%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn2.poz.com%2F97863_COVID-Health-Logo-stacked-white.jpg_93f20e8c-d6ee-4526-8c61-a592eefe6e4f.jpeg%22%2C%22og%3Aimage%3Awidth%22%3A%221169%22%2C%22og%3Aimage%3Aheight%22%3A%221169%22%2C%22og%3Asite_name%22%3A%22COVID%20Health%22%2C%22og%3Adescription%22%3A%22COVID%20Health%20is%20here%20to%20help%20with%20the%20unknowns%20of%20a%20COVID-19%20diagnosis%20and%20what%20lies%20beyond%2C%20as%20well%20as%20ways%20to%20prevent%20transmission%20of%20the%20new%20coronavirus.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1648768004587.72254652&it=1648768004422&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 23:06:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 31 Mar 2022 23:06:45 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 89ms
89ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220329&jk=2911518340040989&bg=!FRalFlLNAAZku-1yRLs7ACkAdvg8WjG172-Tu2oOrdJdZpUNFFnqvS_UA20yfhsrwZ630fo9nMlfuAIAAACDUgAAAAJoAQeZAv9ry3QGPgpmJQjpJxh_J5fjyVUVEVBuEKOvE7SebLBbmXKUDUatbuRVlYt8t5o7cry0yswLLbFX2uxlI4JK6wgABOoouSRNHxCNksU_21PlKlbcpt8Ri6y6ySS2AJjbd6NoOSGfkUbXq41I7bLGfF3IetMlpzG-ww0cDn06XDg8SwJMITWUZVLKuxiZebgBl1ptBY_TnoJsIQKj9r_cArOzCBMnx-4CCaLK20vbW44jjLw96QsNUbFFgRiblUFKHHmrkfhKTLw9xtDcCY8GJNMbgTTqTsm3YsWDRXfgHrEBV0H5iE9ieARwmrIhYcl6c66Lb8BgfJ3whPpZlAhlnN1qSaZqkgock9VADqC2vkPIXipYSEAaqC9NZIJip1jKpY7xuzTXKxX3ce5rCDrYGbaln_GRjWqlVSMAQV-nKq4HLVz-gvHUTsGxBu8SyocEOieTlVddzrfFtzi79qzHPO8W-DtZBPOC908lW_Pgli00ay3t6WwXeVn3GmiyUfy308yI4XALsXOtpmWGH0stuJSGfdirEgTEI_uCDp5T7pBK0PzAynGXMjHDK4y7tW0pT55dcGMhQAfqaXr-5s8xjJKyFM0zmxvCNvOGO_Do0jGgIbRde1sxahpUmTjKsMs_Opd2Mmm0gZcXK70u_KhRdkUCr2ariTg9Q49Qu6gTwJtY-okYjNNqWVKNv4cQvvGQwiQ0MOwYTR09WNA1o-lqIWevcwLPitwUKjUNUi-GCde5tvwn7Mre3D8bMadmVFzR-FAf8HRf5A9cZuXh87D_74qSA7GwkcdfXM4MjUQcWQitFi9_Hy4T-89yItRFAATlhlR0pyZVfc-jk1nY3kZabUPbNlHSAe-gWE_TVk1PMs5XCq3TX4zxA2sYX2zoMBglRMuwkwVB1TXy1_u-m0cecnsRcnpIdx_unfW3Qu4N4B-ot9vzjldLicb-1-hhxuDiVKPHewX6otzNRSfwcJ92nKchqk_oucWhylvFC9yZ6T0UKr3OIWF3-Lnx8WQgnMhTpQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Mar 2022 23:06:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/48/7a/ 78 KB
29 KB 83ms
38ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/48/7a/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDt6Sjywu6k0Z3_k9AP0p3ZfAReO5UrS9A&libraries=places&language=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3ca3208cf33fbe64e88b9a1a3e75f4a0ab5b2f60626b77de49b56bc4587ccd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 22:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29157
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 16:52:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 22:42:51 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/48/7a/ 294 KB
90 KB 86ms
43ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/48/7a/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDt6Sjywu6k0Z3_k9AP0p3ZfAReO5UrS9A&libraries=places&language=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53cba18e0b32e1594751539fa486114fa7bdb237cad979b0420614e8af0f7f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.covidhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 19:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91851
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 16:52:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Mar 2023 19:13:47 GMT

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.covidhealth.com/	1970-01-20 02:09:32	Name: AWSALBTG Value: HSQO0lhnweJ+7km7JS/LNgkXlj42CzYcaZrfyvu/FzQhZ3Ey4oU861Q7/Kkv4TTnhOXBR7GdhabPzeJ5CAVWVA2IprN/V74cnMCYa6TiEhv9u0JPllcBh9hkUoLNqgE2ksLv0Z7Hw/UtcZJ+1ZSk90PnoBQFJieYDgsPNrB0tFl7OR4wxQ4=
www.covidhealth.com/	1970-01-20 02:09:32	Name: AWSALBTGCORS Value: HSQO0lhnweJ+7km7JS/LNgkXlj42CzYcaZrfyvu/FzQhZ3Ey4oU861Q7/Kkv4TTnhOXBR7GdhabPzeJ5CAVWVA2IprN/V74cnMCYa6TiEhv9u0JPllcBh9hkUoLNqgE2ksLv0Z7Hw/UtcZJ+1ZSk90PnoBQFJieYDgsPNrB0tFl7OR4wxQ4=
www.covidhealth.com/	1970-01-20 02:09:32	Name: AWSALB Value: lWETmK3wVmTVVVUa2A88sWwrSHfDlrYm5PsJCoMjoHn0yUnLsDSGFoUuQctuH6O9Y+NXFEShmx9vwQsHXVG9wmdGkDIroUSIGekYUTiGjwKmMvpdRIsWRvxT5Vn9
www.covidhealth.com/	1970-01-20 02:09:32	Name: AWSALBCORS Value: lWETmK3wVmTVVVUa2A88sWwrSHfDlrYm5PsJCoMjoHn0yUnLsDSGFoUuQctuH6O9Y+NXFEShmx9vwQsHXVG9wmdGkDIroUSIGekYUTiGjwKmMvpdRIsWRvxT5Vn9
.covidhealth.com/	1970-01-20 11:21:04	Name: __gads Value: ID=e1d2ca17be463eab:T=1648768004:S=ALNI_MbPc1e2D1RdzLDMKzjR2UaUzSLrKg
.doubleclick.net/	1970-01-20 11:21:04	Name: IDE Value: AHWqTUm9MRyBT1IPE1a2vmqZDCT-ygtDYLRwt-s5mL8V6BSwRCTXFsdpMu4RcIv504Q
.covidhealth.com/	1970-01-20 19:30:40	Name: _ga Value: GA1.2.1717619655.1648768003
.covidhealth.com/	1970-01-20 02:00:54	Name: _gid Value: GA1.2.610286445.1648768005
.covidhealth.com/	1970-01-20 01:59:28	Name: _gat Value: 1
.covidhealth.com/	1970-01-20 04:09:04	Name: _fbp Value: fb.1.1648768004587.72254652

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

841a1448c121fc7ed6f3dfe7f28d6500.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cdn.poz.com
cdn1.poz.com
cdn2.poz.com
cdn3.poz.com
cdnbuild.smartandstrong.com
connect.facebook.net
googleads.g.doubleclick.net
maps.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
securepubads.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.covidhealth.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.244.42.136
142.250.185.162
143.204.98.89
2600:9000:2156:1e00:11:933c:5480:93a1
2600:9000:2156:7400:11:933c:5480:93a1
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:808::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::200e
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.215.96.244
02aa99d2d453b91eb6b5fea89914288e5c5a532ad2a9fe1458080cfb03b743bb
02fcd6297f6dc7fc132af52a59f49db0844a1064de014a17671934330cb0a294
07d3bac2054b92d9648cbf1e64adf71e8987f0c64ab94087c4ec412a503f5231
09a9e289c654ccf886ca8befd112aa2b107ee83d89a1b600ffb69b1c97d2ecbb
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d548daa3e8e081bfcab62c16ccceaedb1adfee03fb512e305674875701656ea
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1bebe07e837fb33f10c63429c52aba83e53af281cdebd8687b3ca740d0703829
1eda5ef4ff87907159ba426547f34b017ecc1c316b4abc7fb50d4dc4a45c7d74
2892575581008eaa25914f01b7b03e56e2cf357d42fb8e668f5baa21c3c0bc61
32f2485f51f3b94a62cba2cb991de7a18b7411a1aaa58711baf89e5271ca5d76
36bed068820a0c27fcdf95623c4b74c745cc75555f1eddbe4f984bb96479fcb7
3a85f1873480b4a2b3dc365477c96c286201d4756c06fcbcf8920e360a77e471
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
408fe165dff48eb2f8cb3a2fcbc1dd92b94d56b4ab11813be55c776871c691cf
43167a45e0e87496ba097857afdb0c5b543f4116decc7f13a5f757ccbe4d2274
44a505daedea32fd28841689f89e934570451122229644c1e3efd62994159b1d
53cba18e0b32e1594751539fa486114fa7bdb237cad979b0420614e8af0f7f23
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57a6f0dc6f924fabdcdc4e84b1c13db130c326d1f7d62dd824343ea35258286f
57f23d924134c1e69cb19609ee15c7b1fd54da5ec1b39cc7422ef08d025a51f0
5b1d86274252aadd002d37c4ff08980e0247c63dff95d59ef05c4a55677964c5
5e9bee3e673497b594d32c418299e69eea110055a82c384ff3751f9f6be6dfaa
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621a7da5d864695fe3720c8947670c8673c8853da1934de08672e0c1ff02087d
658d67bed05d15cb980e2af880ad128cf29bb82aef0f8ccde386ca9f431462a0
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
691928b7419a93dab23d6b38289eea49ceab03de5ccbc744165cfe1386495b22
726965cedf3a8653cf115bd973436980884e89c2bbb42d5a1ed2192319040e16
756dc7db1826f7604f5649280fbd0c2b54fd353801acc1ab9d32c62b8f0aebfc
7cba87e113bb75bbf46df173cfb81435adca45b7ec7db14d7d87cf78a8f032a7
7db3cb27fac91394b62862710647af245735240ce2ac0bdc9d9eef97d3539ece
8aa522dee7d47585e3727366d8c19bf693a12b21f9d845e78de4d0389c90011e
8c54702097d578e5957a1e91c1337a38a4b659e2313b9108dc8e6cfed79fda8f
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
93b7503f71cd703183b7256efa501cda602077e3574b8c2b8d2135140d083a4e
9634f5dbd6fdc8e866056e9ec3176d918248b3ed18886f2d16b879b7d175071d
9978a7c6be70a8af17f13027ee658e098e3a99d10c719e4b57ef4f745014f9ad
9df223e728926e03011e634b0ffe6745a1e34e69aa44212d18c6752a43fe9552
a0315120b66d5141c4d2e381fb5b33602ac16ae8a11d3f9b53073c04ed1e2082
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3bed504ae772fc135ce38e323d7474d66fbb9d6523826545dd77406538a4e29
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a736fe6962afb8ee314e4013af5f4e4048e25ac3378528abe5408b62a2a95ebb
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac442415ba9ed860e31fbed653979b5ea9fbd3562fa3f6404603e1d42107096a
b03bb55c9a16c0c1e41e036855899369c2deff97d04dc1cdb087c6a269db7409
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b3802ba95862b1fad8da321f4079cbc476e5ddc09a7138d1244c61100111af8f
bc69c5a9edf51cef5b3aea70368663e5591fd58e2a599c783ab198f92e906833
bcba12e35a2a3acd81a986939a922b1616f2bde74e914734a7280d12d889569c
c567e34231ec1db0224fbdbfe841df184f40dd2e7fae5c172f856b3965eebf4d
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce338daab1e4066e36ff0622ad37c040602555645b43d305ce395a4286be124b
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d199a730d6d96e1c00cdef2cee3eaec9093fc956dbffb32dd846c431aa7ccf10
d2fe9c6d8b474c0dda149d21ee44b73c2a1e5f982f4d77cc68571a153f862dfe
d3464adb39cb32382dd030e9338d774d3c786b18f0ac9e4c508ad6d99fb9c9f8
d5834df7aabce0c1b06dc40b4a899909a717ab2003e8fe488de6706c51c9bfaa
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
da7ae7eec9c1f857161ad9356669f90a20a3e1bd18c8124b53cc2e367e04780b
dbdd91b864c3420d117959d40495fd40d6bfa6583e600adab066d6b93cbcbbc1
dcb49d5a60201ade8ecc0627893fcf55baa87da3c8c1df0b1c4cee87097cca92
e0b15555d63694edd99155075cbd75c5ac4831aa6d283f75baed7bb516501e44
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ca3208cf33fbe64e88b9a1a3e75f4a0ab5b2f60626b77de49b56bc4587ccd0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f869c5a344395c6cd1d3fab6c5f599316de864067c87de9b161c7a59118212b0
fcc18718638c1dd00b90d3fda16d795862f9729e39788205f1b841f444983ed8
fe88cb18cff2dad2d142dc131b7ff6233c01b8ffc6ba393cab2cf5ade068cdd0

www.covidhealth.com Open in urlscan Pro 3.215.96.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

99 Requests

100 %HTTPS

79 %IPv6

15 Domains

23 Subdomains

20 IPs

2 Countries

2579 kBTransfer

6225 kBSize

10 Cookies

14 Outgoing links

Page URL History

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.covidhealth.com Open in urlscan Pro
3.215.96.244 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

100 %
HTTPS

79 %
IPv6

15
Domains

23
Subdomains

20
IPs

2
Countries

2579 kB
Transfer

6225 kB
Size

10
Cookies

99 HTTP transactions
4 data transactions