www.covidinsider.ch Open in urlscan Pro
52.51.220.79 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.covidinsider.ch/
Submission: On October 19 via automatic, source certstream-suspicious (October 19th 2020, 1:04:51 pm UTC)

Summary HTTP 83 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 25 domains to perform 83 HTTP transactions. The main IP is 52.51.220.79, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.covidinsider.ch.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 1st 2020. Valid for: 3 months.

This is the only time www.covidinsider.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	52.51.220.79 52.51.220.79	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
1	13.224.193.68 13.224.193.68	16509 (AMAZON-02) (AMAZON-02)
1	217.79.188.11 217.79.188.11	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	104.79.89.16 104.79.89.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	52.85.32.2 52.85.32.2	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2 8	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5 9	3.126.112.135 3.126.112.135	16509 (AMAZON-02) (AMAZON-02)
1	3.121.95.172 3.121.95.172	16509 (AMAZON-02) (AMAZON-02)
1	141.98.226.53 141.98.226.53	209571 (UBIMET) (UBIMET)
2	18.192.139.172 18.192.139.172	16509 (AMAZON-02) (AMAZON-02)
2	35.186.238.175 35.186.238.175	15169 (GOOGLE) (GOOGLE)
3 4	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
2	3.127.132.197 3.127.132.197	16509 (AMAZON-02) (AMAZON-02)
1 1	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE)
1	95.101.184.231 95.101.184.231	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:f1:... 2a02:26f0:f1:199::36f1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
4	104.80.29.75 104.80.29.75	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	54.72.154.223 54.72.154.223	16509 (AMAZON-02) (AMAZON-02)
3	116.202.46.88 116.202.46.88	24940 (HETZNER-AS) (HETZNER-AS)
1 2	212.47.171.92 212.47.171.92	6830 (LIBERTYGL...) (LIBERTYGLOBAL Liberty Global (formerly UPC Broadband Holding)
1	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
83	34

5 52.51.220.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-220-79.eu-west-1.compute.amazonaws.com

www.covidinsider.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.68 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-68.fra2.r.cloudfront.net

checkout.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.11 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.79.89.16 (United States)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-79-89-16.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.85.32.2 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-32-2.ham50.r.cloudfront.net

gbucket.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.126.112.135 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-112-135.eu-central-1.compute.amazonaws.com

tagger.opecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.95.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-95-172.eu-central-1.compute.amazonaws.com

profiles.tagger.opecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.98.226.53 (Austria)

ASN209571 (UBIMET, AT)

web-misc.ubimet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.139.172 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-139-172.eu-central-1.compute.amazonaws.com

gs-goldbach.da-services.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.238.175 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 175.238.186.35.bc.googleusercontent.com

ch-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.27 (Ascension Island) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.132.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-132-197.eu-central-1.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.184.231 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a95-101-184-231.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f1:199::36f1 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.80.29.75 (United States)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-80-29-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.154.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-154-223.eu-west-1.compute.amazonaws.com

ps-prod.posting-engine.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 116.202.46.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.46.202.116.clients.your-server.de

servedbyadbutler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.47.171.92 (Switzerland) 1 redirects

ASN6830 (LIBERTYGLOBAL Liberty Global (formerly UPC Broadband Holding, aka AORTA), AT)

medins-ssl.wemfbox.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	opecloud.com 5 redirects tagger.opecloud.com profiles.tagger.opecloud.com	3 KB
9	gstatic.com fonts.gstatic.com	127 KB
7	doubleclick.net 3 redirects cm.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	2 KB
7	google-analytics.com www.google-analytics.com	50 KB
7	gbucket.ch gbucket.ch	17 KB
6	teads.tv a.teads.tv s8t.teads.tv sync.teads.tv t.teads.tv	190 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	145 KB
5	adnxs.com 3 redirects secure.adnxs.com ib.adnxs.com acdn.adnxs.com	34 KB
5	covidinsider.ch www.covidinsider.ch	979 KB
3	servedbyadbutler.com servedbyadbutler.com	2 KB
3	google.de www.google.de adservice.google.de	765 B
3	google.com www.google.com adservice.google.com	361 B
3	facebook.com www.facebook.com	623 B
2	wemfbox.ch 1 redirects medins-ssl.wemfbox.ch	393 B
2	posting-engine.ch ps-prod.posting-engine.ch Failed	2 KB
2	sharethis.com sync.sharethis.com	334 B
2	mookie1.com ch-gmtdmp.mookie1.com	430 B
2	da-services.ch gs-goldbach.da-services.ch	726 B
2	facebook.net connect.facebook.net	92 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	googletagmanager.com www.googletagmanager.com	31 KB
1	ubimet.com web-misc.ubimet.com	502 B
1	adition.com imagesrv.adition.com	9 KB
1	stripe.com checkout.stripe.com	27 KB
83	25

	Domain	Requested by
9	fonts.gstatic.com	fonts.googleapis.com
9	tagger.opecloud.com	5 redirects gbucket.ch www.covidinsider.ch
7	www.google-analytics.com	www.covidinsider.ch www.google-analytics.com
7	gbucket.ch	www.covidinsider.ch gbucket.ch
5	www.covidinsider.ch	www.covidinsider.ch
4	pagead2.googlesyndication.com	www.covidinsider.ch pagead2.googlesyndication.com
3	servedbyadbutler.com	www.covidinsider.ch
3	t.teads.tv	www.covidinsider.ch
3	www.facebook.com	www.covidinsider.ch
3	cm.g.doubleclick.net	3 redirects
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	medins-ssl.wemfbox.ch	1 redirects
2	ps-prod.posting-engine.ch	www.covidinsider.ch
2	www.google.de	www.covidinsider.ch
2	www.google.com	www.covidinsider.ch
2	stats.g.doubleclick.net	www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	ib.adnxs.com	1 redirects www.covidinsider.ch
2	sync.sharethis.com	www.covidinsider.ch
2	secure.adnxs.com	2 redirects
2	ch-gmtdmp.mookie1.com	www.covidinsider.ch
2	gs-goldbach.da-services.ch	gbucket.ch
2	connect.facebook.net	www.covidinsider.ch connect.facebook.net
1	fonts.googleapis.com	www.covidinsider.ch
1	sync.teads.tv	s8t.teads.tv
1	s8t.teads.tv	a.teads.tv
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.covidinsider.ch
1	acdn.adnxs.com	gbucket.ch
1	web-misc.ubimet.com	gbucket.ch
1	profiles.tagger.opecloud.com	gbucket.ch
1	a.teads.tv	www.covidinsider.ch
1	imagesrv.adition.com	www.covidinsider.ch
1	checkout.stripe.com	www.covidinsider.ch
83	36

This site contains links to these domains. Also see Links.

Domain
covidinsider.jobs
werbung.covidinsider.ch
eepurl.com

Subject Issuer	Validity	Valid
blog-old.deep-impact.ch Let's Encrypt Authority X3	`2020-09-01` - `2020-11-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2020-09-22` - `2021-02-03`	4 months	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G2	`2019-05-02` - `2021-05-02`	2 years	crt.sh
teads.tv Let's Encrypt Authority X3	`2020-09-01` - `2020-11-30`	3 months	crt.sh
gbucket.ch Amazon	`2020-07-16` - `2021-08-16`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.opecloud.com Amazon	`2020-07-30` - `2021-08-31`	a year	crt.sh
*.tagger.opecloud.com Amazon	`2020-07-29` - `2021-08-30`	a year	crt.sh
*.ubimet.com Sectigo RSA Organization Validation Secure Server CA	`2020-06-17` - `2022-09-15`	2 years	crt.sh
gs-goldbach.da-services.ch Amazon	`2020-09-20` - `2021-10-22`	a year	crt.sh
*.mookie1.com DigiCert SHA2 Secure Server CA	`2020-02-21` - `2021-03-22`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
s8t.teads.tv DigiCert SHA2 Secure Server CA	`2019-10-17` - `2021-01-15`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.posting-engine.ch Sectigo RSA Domain Validation Secure Server CA	`2020-09-17` - `2021-10-14`	a year	crt.sh
adbutler.io Sectigo RSA Domain Validation Secure Server CA	`2020-10-07` - `2021-08-01`	10 months	crt.sh
*.wemfbox.ch GlobalSign RSA OV SSL CA 2018	`2019-12-23` - `2021-04-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.covidinsider.ch/
Frame ID: E68787A6CB190612AEAF87F63BF145DC
Requests: 78 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/zrt_lookup.html
Frame ID: 4C442067C9B1283881527B75E94784CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240905004802868&output=html&adk=1812271804&adf=3025194257&lmt=1603112673&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.covidinsider.ch%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603112673521&bpp=149&bdt=52&idt=256&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7294000675964&frm=20&pv=2&ga_vid=1302146541.1603112674&ga_sid=1603112674&ga_hid=1149850645&ga_fc=0&iag=0&icsg=4536039112762&dssz=34&mdo=0&mso=4194336&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067493%2C21067654&oid=3&pvsid=1844694608509993&pem=358&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=275
Frame ID: 253B835DBE044870649DF6AF14E305F8
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 566C15910025AC3BFF74AB0A60A14DF7
Requests: 1 HTTP requests in this frame

Frame: https://www.covidinsider.ch/%7B%7Bplacement.iframe_url%7D%7D
Frame ID: 9FEC5F9861C7F577D66F4729339E9325
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 776FD4FA7CA6A6ECAC02A037C554C1F4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

83
Requests

90 %
HTTPS

47 %
IPv6

25
Domains

36
Subdomains

34
IPs

7
Countries

1735 kB
Transfer

6391 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://covidinsider.jobs/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://werbung.covidinsider.ch/
Title: Inserieren

Search URL Search Domain Scan URL

URL: http://eepurl.com/bAkmXX
Title: Newsletter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://tagger.opecloud.com/goldbach/v2/noscript-image.gif HTTP 302
https://tagger.opecloud.com/goldbach/v2/noscript-image.gif?trackability-redirect=true HTTP 302
https://secure.adnxs.com/getuid?https%3A%2F%2Ftagger.opecloud.com%2Fappnexus%2Fpbfs.gif%3Fsource%3Dgoldbach%26state%3D2-g2WCXWdaYqUdMttQyxjg4vpp6KWXj%252Byv9w%253D%253D%26puid%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ftagger.opecloud.com%252Fappnexus%252Fpbfs.gif%253Fsource%253Dgoldbach%2526state%253D2-g2WCXWdaYqUdMttQyxjg4vpp6KWXj%25252Byv9w%25253D%25253D%2526puid%253D%2524UID HTTP 302
https://tagger.opecloud.com/appnexus/pbfs.gif?source=goldbach&state=2-g2WCXWdaYqUdMttQyxjg4vpp6KWXj%2Byv9w%3D%3D&puid=676478317700284101 HTTP 302
https://cm.g.doubleclick.net/pixel?region=dbm&google_nid=1plusx_dmp&google_cm&state=2-ZHwXciFDowgylqW0emFRkvIKIXfVLQ%2Fbmw%3D%3D&source=goldbach HTTP 302
https://tagger.opecloud.com/dbm/opecs.gif?region=dbm&state=2-ZHwXciFDowgylqW0emFRkvIKIXfVLQ%2Fbmw%3D%3D&source=goldbach&google_gid=CAESENdk-3mMM8IVIwR-8NzyNfI&google_cver=1 HTTP 302
https://sync.sharethis.com/opx?rurl=https%3A%2F%2Ftagger.opecloud.com%2Fsharethis%2Fpbfs.gif%3Fsource%3Dgoldbach%26state%3D2-AUcxuMOWRUizlWHmdLrvxbcWUqasaUmPOQ%253D%253D%26puid%3D

Request Chain 22

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_sc&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_sc=&google_dbm=&google_tc= HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEazr8WCtbXC3Hkyv22CHAw&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEazr8WCtbXC3Hkyv22CHAw%26google_cver%3D1

Request Chain 67

https://tagger.opecloud.com/goldbach/v1/noscript-image.gif HTTP 302
https://sync.sharethis.com/opx?rurl=https%3A%2F%2Ftagger.opecloud.com%2Fsharethis%2Fpbfs.gif%3Fsource%3Dgoldbach%26state%3D2-tPXkxCXhFBXUfkQ8Dqj%252Fnx5mEDis%26puid%3D

Request Chain 74

https://medins-ssl.wemfbox.ch/cgi-bin/ivw/CP?d=0.29469312296739014&r=&x=1600x1200 HTTP 302
https://medins-ssl.wemfbox.ch/blank.gif

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.covidinsider.ch/ 957 KB
125 KB 251ms
110ms Document
text/html 52.51.220.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.covidinsider.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.51.220.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-220-79.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4112265b917e900e830c7267491d8084efb566e4c8db25c3dd779f7c695eaf42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.covidinsider.ch
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 19 Oct 2020 13:04:33 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000000; includeSubDomains; preload
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
ETag: W/"ef2d6-0iCnGxCst8SgFF1wzxwWImHY8gg"
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 131 KB
45 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2f46c5fbad00bf808e140777f78bffa864c9a029c7937e0551df47056b3b9c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 13:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45744
x-xss-protection: 0
server: cafe
etag: 6104932120503608856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Oct 2020 13:04:33 GMT

GET
H2 200 checkout.js Show response
checkout.stripe.com/ 101 KB
27 KB 161ms
46ms Script
application/javascript 13.224.193.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.stripe.com/checkout.js

Requested by

Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.68 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-68.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

49c1c191416354506ac7fdfc0a72b4225219761c34e33f2c33a1f3be91b41699

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; connect-src 'self' https://api.stripe.com wss://verificator.stripe.com wss://verificator-main.stripe.com https://*.stripecdn.com https://errors.stripe.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://*.stripecdn.com https://stripecdn.com https://api.stripe.com https://maps.googleapis.com https://maps.gstatic.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.stripecdn.com; frame-src 'self' stripecheckout: bitcoin: https://*.stripecdn.com https://js.stripe.com; img-src * data:; font-src 'none'; media-src 'none'; object-src 'self' https://*.stripecdn.com;

Strict-Transport-Security

max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: "ccca41b57af13305be04d6adfeddc0e8"
age: 256
x-cache: Hit from cloudfront
status: 200
last-modified: Wed, 23 Sep 2020 19:56:10 GMT
server: AmazonS3
date: Mon, 19 Oct 2020 13:02:44 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
cache-control: no-cache
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com wss://verificator.stripe.com wss://verificator-main.stripe.com https://*.stripecdn.com https://errors.stripe.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://*.stripecdn.com https://stripecdn.com https://api.stripe.com https://maps.googleapis.com https://maps.gstatic.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.stripecdn.com; frame-src 'self' stripecheckout: bitcoin: https://*.stripecdn.com https://js.stripe.com; img-src * data:; font-src 'none'; media-src 'none'; object-src 'self' https://*.stripecdn.com;
x-amz-cf-pop: FRA2-C1
timing-allow-origin: *
x-amz-cf-id: RnDoZGMO_HmmX5TgF6vriCE48SiDtmTL5Cq4pio9U_abhDlk_5YgbQ==

GET
H/1.1 200
OK adition.js Show response
imagesrv.adition.com/js/ 29 KB
9 KB 186ms
46ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 670e771fc712c606c8cfa04a9118b193afd0d5378b539d3a72e9a973eaad2087

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 19 Oct 2020 13:04:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Aug 2020 14:15:52 GMT
ETag: "1759501300"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 8763

GET
H2 200 tag Show response
a.teads.tv/page/87407/ 1 KB
803 B 137ms
53ms Script
application/javascript 104.79.89.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/87407/tag
Requested by: Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.79.89.16 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-79-89-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e2160cd381cb62949a1d906c02714debe43fb98b4c138f646d054e636383f57b

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 13:04:33 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 553
expires: Mon, 19 Oct 2020 14:04:33 GMT

GET
H2 200 ch_config_desktop.js Show response
gbucket.ch/CH/ 10 KB
4 KB 127ms
42ms Script
application/javascript 52.85.32.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gbucket.ch/CH/ch_config_desktop.js
Requested by: Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.32.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-32-2.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43f88e20f6058ef3bfefc6897207339a48bd90fe7e84e4a2995a7cd581d8e12d

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: QnUetFUziJ54RvOT_AIr1np0NCcg4XfS
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 13:50:17 GMT
server: AmazonS3
age: 31
etag: "fbc88213153d6123835e050000dcbe32"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400
date: Mon, 19 Oct 2020 13:04:11 GMT
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: ad4Jv6QNLrT88F1Dote3HTewM0soo648KDYIECiy20q-9cM3rq_WVg==
via: 1.1 19c54bffe8b0bb7f9e7501fa2c823262.cloudfront.net (CloudFront)

GET
H2 200 DE_medinside_ch_ROS_inc_Homepage_Desktop.js Show response
gbucket.ch/CH/GBv2_0/Winsider_AG/medinside_ch/Desktop/ 4 KB
2 KB 135ms
49ms Script
application/javascript 52.85.32.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gbucket.ch/CH/GBv2_0/Winsider_AG/medinside_ch/Desktop/DE_medinside_ch_ROS_inc_Homepage_Desktop.js
Requested by: Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.32.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-32-2.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f273c38deedfc93969360c9f47cb66d70d11f6b5c8270a6b137e2fb68715f662

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hkSSM1n6WP321j6Xdnx4DgcRu8hiODw3
content-encoding: gzip
last-modified: Thu, 11 Jul 2019 09:05:17 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
etag: "3b3dbcb01ae32a0f34cf49dd295cb896"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600
date: Mon, 19 Oct 2020 13:04:33 GMT
x-amz-cf-id: zmavMNH1PWPIObskK37PUxfUwndmzGo6iBMM0MzjwE-ohzDg6qh5ZA==
via: 1.1 19c54bffe8b0bb7f9e7501fa2c823262.cloudfront.net (CloudFront)

GET
H2 200 ch_config_mobile.js Show response
gbucket.ch/CH/ 9 KB
4 KB 127ms
42ms Script
application/javascript 52.85.32.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gbucket.ch/CH/ch_config_mobile.js
Requested by: Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.32.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-32-2.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c799f2afc47f0b516d9f7358e56c50770c6098986f28316639d900c44c24c75

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: oKEtdGUecJYsSam2JFp2AF2qYjweK3OM
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 13:45:30 GMT
server: AmazonS3
age: 72
etag: "a8037b7c93020f5e58fec37bf9b673e6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400
date: Mon, 19 Oct 2020 13:04:14 GMT
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: NAKBkwtvloJe4Oyd035EhtVw4CWIqCNg8u_1IbFIMI1Cnw8fbXX0QA==
via: 1.1 19c54bffe8b0bb7f9e7501fa2c823262.cloudfront.net (CloudFront)

GET
H2 200 DE_medinside_ch_ROS_inc_Homepage_Smartphone.js Show response
gbucket.ch/CH/GBv2_0/Winsider_AG/medinside_ch/Smartphone/ 4 KB
2 KB 136ms
51ms Script
application/javascript 52.85.32.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gbucket.ch/CH/GBv2_0/Winsider_AG/medinside_ch/Smartphone/DE_medinside_ch_ROS_inc_Homepage_Smartphone.js
Requested by: Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.32.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-32-2.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ff9cadc4e693edadeb5a6a9cbaa03d42f6177ab3db7b6886ef9d30e102c7f00

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: Q6I7wwGjoGmHELg4lp5_gB3heiFCQG57
content-encoding: gzip
last-modified: Thu, 11 Jul 2019 09:12:55 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
etag: "82b82cc90ad72466be7d79a5a8416438"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600
date: Mon, 19 Oct 2020 13:04:33 GMT
x-amz-cf-id: B41L6hW7fcIpCWUXFjyBrEgPBgClA-aqM85BuPPtiAkZCcvsXoThiA==
via: 1.1 19c54bffe8b0bb7f9e7501fa2c823262.cloudfront.net (CloudFront)

GET
H2 200 DE_medinside_ch_ROS_inc_Homepage_Desktop_Outstream.js Show response
gbucket.ch/CH/GBv2_0/Winsider_AG/medinside_ch/Desktop/ 3 KB
1 KB 138ms
53ms Script
application/javascript 52.85.32.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gbucket.ch/CH/GBv2_0/Winsider_AG/medinside_ch/Desktop/DE_medinside_ch_ROS_inc_Homepage_Desktop_Outstream.js
Requested by: Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.32.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-32-2.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42a61cda3d4d1c67ebc1cc0cf3ceafd249f1e966c3e25f74abfc5fee966a3795

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: vcrK30etAdULk.orx_QZJEF5a0sRtBnr
content-encoding: gzip
last-modified: Thu, 11 Jul 2019 09:11:58 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
etag: "e2d93936386787f3646b1a1652d7051e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600
date: Mon, 19 Oct 2020 13:04:33 GMT
x-amz-cf-id: m1K6h5GhgOSYG1pGVhbCDvNjYctZgld6rdDI9lki8aCpIaYcaA__Jg==
via: 1.1 19c54bffe8b0bb7f9e7501fa2c823262.cloudfront.net (CloudFront)

GET
H2 200 DE_medinside_ch_ROS_Homepage_Smartphone_Outstream.js Show response
gbucket.ch/CH/GBv2_0/Winsider_AG/medinside_ch/Smartphone/ 3 KB
1 KB 137ms
53ms Script
application/javascript 52.85.32.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gbucket.ch/CH/GBv2_0/Winsider_AG/medinside_ch/Smartphone/DE_medinside_ch_ROS_Homepage_Smartphone_Outstream.js
Requested by: Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.32.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-32-2.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed728cc698776c5da095a15fd3e4ea92c67f5512ffc573de5edf2b91cca7a1f0

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: bTR_FX72Jx_3HLOcE5QNkGn3z_woyuGr
content-encoding: gzip
last-modified: Thu, 11 Jul 2019 09:13:32 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
etag: "fd4ff390c75920df6f4e8d3ff8e942e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600
date: Mon, 19 Oct 2020 13:04:33 GMT
x-amz-cf-id: 0pCvVkRwB0VfaTiaGBJnqR50znSC5JcoLOvyy3elwKEieRP7O-a_xA==
via: 1.1 19c54bffe8b0bb7f9e7501fa2c823262.cloudfront.net (CloudFront)

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
23 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23070
x-xss-protection: 0
pragma: public
x-fb-debug: 4ytneVJ2NcF28A52brUsdAfi5kOccxfsJ+AFTW54C990vGPzUqDrP+6IcAFISBWsOfPy53cWf8HES4UAVnf0fw==
x-fb-trip-id: 664085054
date: Mon, 19 Oct 2020 13:04:33 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 6524
date: Mon, 19 Oct 2020 11:15:49 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Mon, 19 Oct 2020 13:15:49 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/ 230 KB
87 KB 51ms
34ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9387b372acec4b3b43903e7597b064818972267299879c050f584f625b122cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 13:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88670
x-xss-protection: 0
server: cafe
etag: 13373283986949850894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Oct 2020 13:04:33 GMT

GET
H/1.1 200
OK main.min.c183cd23.js Show response
www.covidinsider.ch/ 3 MB
781 KB 71ms
69ms Script
application/javascript 52.51.220.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.covidinsider.ch/main.min.c183cd23.js

Requested by

Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.51.220.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-220-79.eu-west-1.compute.amazonaws.com

Software

Resource Hash

496d2f1e6fe0a5f304c4eba933d2d443cec9c6d6510db847ffa0e1d0b07c9e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 19 Oct 2020 13:04:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-DNS-Prefetch-Control: off
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 19 Oct 2020 09:46:35 GMT
X-Frame-Options: SAMEORIGIN
ETag: W/"32a6ae-1754040e078"
X-Download-Options: noopen
Strict-Transport-Security: max-age=31536000000; includeSubDomains; preload
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Accept-Ranges: bytes

GET
H2 200 totmGBucket.js Show response
gbucket.ch/scripts/totm/v1/ 10 KB
3 KB 44ms
41ms Script
application/javascript 52.85.32.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gbucket.ch/scripts/totm/v1/totmGBucket.js
Requested by: Host: gbucket.ch
URL: https://gbucket.ch/CH/ch_config_desktop.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.32.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-32-2.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 76de15d8ce345356b18f8cd80c23c070771a765ab8b01ab4a8cc411451a92ca1

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: GzXQgCfu.d7rH4.EyuKZlc0djlnA6A6y
content-encoding: gzip
last-modified: Tue, 15 Sep 2020 12:44:12 GMT
server: AmazonS3
age: 24
etag: "0d7188ab7d0b1e18b733ca437f7be8fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
date: Mon, 19 Oct 2020 13:04:14 GMT
x-amz-cf-pop: HAM50-C1
x-amz-cf-id: UGvGWcVPrKDmTSQIOedcUeYiPFbvTCiiEYhlBw8YbUQJZd1rsVIfkg==
via: 1.1 19c54bffe8b0bb7f9e7501fa2c823262.cloudfront.net (CloudFront)

GET
H2 204 uid Show response
tagger.opecloud.com/goldbach/v2/ 0
153 B 168ms
55ms XHR
text/plain 3.126.112.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagger.opecloud.com/goldbach/v2/uid
Requested by: Host: gbucket.ch
URL: https://gbucket.ch/CH/ch_config_desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.112.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-112-135.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Mon, 19 Oct 2020 13:04:33 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.covidinsider.ch
vary: Origin

GET
H2 200 profile Show response
profiles.tagger.opecloud.com/api/v1/goldbach/ 15 B
230 B 255ms
141ms XHR
application/json 3.121.95.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://profiles.tagger.opecloud.com/api/v1/goldbach/profile
Requested by: Host: gbucket.ch
URL: https://gbucket.ch/CH/ch_config_desktop.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.95.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-95-172.eu-central-1.compute.amazonaws.com
Software: akka-http/10.1.8 /
Resource Hash: da5956eb40499755436091829dc92f137f6a7d076a34df1aed00e74ca4689141

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 13:04:33 GMT
content-encoding: gzip
server: akka-http/10.1.8
status: 200
content-type: application/json
access-control-allow-origin: https://www.covidinsider.ch
cache-control: no-cache
access-control-allow-credentials: true

GET
H/1.1 200
OK / Show response
web-misc.ubimet.com/weatherapi/ 884 B
502 B 208ms
96ms Script
text/html 141.98.226.53
UBIMET

General

Check archive.org

Show headers Download Go to

Full URL: https://web-misc.ubimet.com/weatherapi/?jsonp=hr&token=mSvlrOJzu6iZGLE6x1TMRkW5dU7CBaEOTaZkOIAjoIiV4M2RnwDf6AB94imgjQUd&set=pollen,curr_temp,curr_situation,7d_1d_situation,7d_1d_temperature
Requested by: Host: gbucket.ch
URL: https://gbucket.ch/CH/ch_config_desktop.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 141.98.226.53 , Austria, ASN209571 (UBIMET, AT),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: bc6e29b830ffa178036cac5a2655b925072885570f6a0dfcc2634933b94f611b

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 19 Oct 2020 13:04:33 GMT
Content-Encoding: gzip
Server: nginx/1.16.1
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK grapeshot Show response
gs-goldbach.da-services.ch/ 4 B
363 B 214ms
53ms XHR
application/json 18.192.139.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-goldbach.da-services.ch/grapeshot?url=https://www.covidinsider.ch/
Requested by: Host: gbucket.ch
URL: https://gbucket.ch/CH/ch_config_desktop.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.139.172 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-139-172.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.1 / Express
Resource Hash: c89a148be40e6752261e3038609a4b68de22fa3bfdaf32f884edffb8480b9bbe

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 19 Oct 2020 13:04:33 GMT
ETag: W/"4-Nh5iwoZ90O9t9Vr2CImOgrTQIPQ"
Server: nginx/1.14.1
X-Powered-By: Express
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 4

GET
H2 200 learn
ch-gmtdmp.mookie1.com/t/v2/ 43 B
324 B 146ms
52ms Image
image/gif 35.186.238.175
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_42006&src.rand=1603112673602&src.id=Goldbach
Requested by: Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.175 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 175.238.186.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 13:04:33 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 custom
tagger.opecloud.com/goldbach/v2/ 35 B
211 B 110ms
56ms Image
image/gif 3.126.112.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tagger.opecloud.com/goldbach/v2/custom?type=CustomCriteria
Requested by: Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.112.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-112-135.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 13:04:33 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
content-length: 51
expires: 0

GET
H/1.1

200
OK

opx
sync.sharethis.com/
Redirect Chain

https://tagger.opecloud.com/goldbach/v2/noscript-image.gif
https://tagger.opecloud.com/goldbach/v2/noscript-image.gif?trackability-redirect=true
https://secure.adnxs.com/getuid?https%3A%2F%2Ftagger.opecloud.com%2Fappnexus%2Fpbfs.gif%3Fsource%3Dgoldbach%26state%3D2-g2WCXWdaYqUdMttQyxjg4vpp6KWXj%252Byv9w%253D%253D%26puid%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ftagger.opecloud.com%252Fappnexus%252Fpbfs.gif%253Fsource%253Dgoldbach%2526state%253D2-g2WCXWdaYqUdMttQyxjg4vpp6KWXj%25252Byv9w%25253D...
https://tagger.opecloud.com/appnexus/pbfs.gif?source=goldbach&state=2-g2WCXWdaYqUdMttQyxjg4vpp6KWXj%2Byv9w%3D%3D&puid=676478317700284101
https://cm.g.doubleclick.net/pixel?region=dbm&google_nid=1plusx_dmp&google_cm&state=2-ZHwXciFDowgylqW0emFRkvIKIXfVLQ%2Fbmw%3D%3D&source=goldbach
https://tagger.opecloud.com/dbm/opecs.gif?region=dbm&state=2-ZHwXciFDowgylqW0emFRkvIKIXfVLQ%2Fbmw%3D%3D&source=goldbach&google_gid=CAESENdk-3mMM8IVIwR-8NzyNfI&google_cver=1
https://sync.sharethis.com/opx?rurl=https%3A%2F%2Ftagger.opecloud.com%2Fsharethis%2Fpbfs.gif%3Fsource%3Dgoldbach%26state%3D2-AUcxuMOWRUizlWHmdLrvxbcWUqasaUmPOQ%253D%253D%26puid%3D

42 B
167 B

236ms
59ms

Image
image/gif

3.127.132.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.sharethis.com/opx?rurl=https%3A%2F%2Ftagger.opecloud.com%2Fsharethis%2Fpbfs.gif%3Fsource%3Dgoldbach%26state%3D2-AUcxuMOWRUizlWHmdLrvxbcWUqasaUmPOQ%253D%253D%26puid%3D
Requested by: Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/de/find/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.132.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-132-197.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 19 Oct 2020 13:04:34 GMT
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 19 Oct 2020 13:04:34 GMT
content-encoding: gzip
status: 302
vary: Accept-Encoding
location: https://sync.sharethis.com/opx?rurl=https%3A%2F%2Ftagger.opecloud.com%2Fsharethis%2Fpbfs.gif%3Fsource%3Dgoldbach%26state%3D2-AUcxuMOWRUizlWHmdLrvxbcWUqasaUmPOQ%253D%253D%26puid%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 20
expires: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_sc&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_sc=&google_dbm=&google_tc=
https://ib.adnxs.com/setuid?entity=101&code=CAESEEazr8WCtbXC3Hkyv22CHAw&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEazr8WCtbXC3Hkyv22CHAw%26google_cver%3D1

43 B
1 KB

44ms
43ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEazr8WCtbXC3Hkyv22CHAw%26google_cver%3D1

Requested by

Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Oct 2020 13:04:34 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.45:80
AN-X-Request-Uuid: 75a808f5-2790-46ce-a2c3-01fec2801d2f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 19 Oct 2020 13:04:33 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.41:80
AN-X-Request-Uuid: 3eb0018b-4b06-471e-8ec4-662e303c6842
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEazr8WCtbXC3Hkyv22CHAw%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 85 KB
30 KB 126ms
44ms Script
application/javascript 95.101.184.231
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: gbucket.ch
URL: https://gbucket.ch/CH/GBv2_0/Winsider_AG/medinside_ch/Desktop/DE_medinside_ch_ROS_inc_Homepage_Desktop.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.231 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a95-101-184-231.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: f0a7da2362fe3e990f0aad79ae3eca73d50f35ea9aaaa8c289cfbb1e27d9afba

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 19 Oct 2020 13:04:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Sep 2020 14:49:05 GMT
Server: nginx/1.13.10
ETag: "5f58eb61-1530d"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 30402
X-Akamai-Path-Stats: [1:473:527]
Expires: Tue, 20 Oct 2020 13:04:35 GMT

GET
H2 204 uid Show response
tagger.opecloud.com/goldbach/v2/ 0
154 B 159ms
55ms XHR
text/plain 3.126.112.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagger.opecloud.com/goldbach/v2/uid
Requested by: Host: gbucket.ch
URL: https://gbucket.ch/CH/ch_config_mobile.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.112.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-112-135.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Mon, 19 Oct 2020 13:04:33 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.covidinsider.ch
vary: Origin

GET
H/1.1 200
OK grapeshot Show response
gs-goldbach.da-services.ch/ 4 B
363 B 218ms
55ms XHR
application/json 18.192.139.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gs-goldbach.da-services.ch/grapeshot?url=https://www.covidinsider.ch/
Requested by: Host: gbucket.ch
URL: https://gbucket.ch/CH/ch_config_mobile.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.139.172 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-139-172.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.1 / Express
Resource Hash: c89a148be40e6752261e3038609a4b68de22fa3bfdaf32f884edffb8480b9bbe

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 19 Oct 2020 13:04:33 GMT
ETag: W/"4-Nh5iwoZ90O9t9Vr2CImOgrTQIPQ"
Server: nginx/1.14.1
X-Powered-By: Express
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 4

GET
H2 200 learn
ch-gmtdmp.mookie1.com/t/v2/ 43 B
106 B 129ms
54ms Image
image/gif 35.186.238.175
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_42006&src.rand=1603112673610&src.id=Goldbach
Requested by: Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.175 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 175.238.186.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 13:04:33 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/ Frame 4C44 0
0 6ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201008/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.covidinsider.ch/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.covidinsider.ch/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 19 Oct 2020 11:21:12 GMT
expires: Mon, 02 Nov 2020 11:21:12 GMT
content-type: text/html; charset=UTF-8
etag: 7382719332125555894
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4731
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 6201
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 87 KB
31 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KRHD8R

Requested by

Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e192ff9f0956ace3831a480d288177860de5cf5356ac8829380a970b49e9d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 13:04:33 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32124
x-xss-protection: 0
last-modified: Mon, 19 Oct 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Oct 2020 13:04:33 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
433 B 39ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1149850645&t=pageview&_s=1&dl=https%3A%2F%2Fwww.covidinsider.ch%2F&ul=en-us&de=UTF-8&dt=Covidinsider&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=899576569&gjid=798961597&cid=1302146541.1603112674&tid=UA-63631220-1&_gid=65959951.1603112674&_r=1&_slc=1&z=1494754273

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 13:04:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.covidinsider.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 937942479657801 Show response
connect.facebook.net/signals/config/ 234 KB
69 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/937942479657801?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ceedcdaafe2a80212d621e953869e4cd72a8fbc696d5aef7c332a158689c1e65

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69777
x-xss-protection: 0
pragma: public
x-fb-debug: nHkSJqzPu42BW3XAXDlp/iS3FcEETSpBOcEcv6La8NUBzh/bo/hSxy7deYr47RykwxHmAmip1FuzUwxn3CNbeQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 19 Oct 2020 13:04:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
377 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=937942479657801&ev=PageView&dl=https%3A%2F%2Fwww.covidinsider.ch%2F&rl=&if=false&ts=1603112673739&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1603112673737.1520454879&it=1603112673708&coo=false&rqm=GET

Requested by

Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 13:04:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 19 Oct 2020 13:04:33 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-63631220-1&cid=1302146541.1603112674&jid=899576569&gjid=798961597&_gid=65959951.1603112674&_u=IEBAAEAAAAAAAC~&z=655611002

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 19 Oct 2020 13:04:33 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.covidinsider.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 19ms
18ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-63631220-1&cid=1302146541.1603112674&jid=899576569&_u=IEBAAEAAAAAAAC~&z=1805243077

Requested by

Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 13:04:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 19ms
18ms Image
image/gif 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-63631220-1&cid=1302146541.1603112674&jid=899576569&_u=IEBAAEAAAAAAAC~&z=1805243077

Requested by

Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 13:04:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 17ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.covidinsider.ch

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Oct 2020 13:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 17ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.covidinsider.ch

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Oct 2020 13:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 253B 0
0 25ms
24ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9240905004802868&output=html&adk=1812271804&adf=3025194257&lmt=1603112673&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.covidinsider.ch%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603112673521&bpp=149&bdt=52&idt=256&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7294000675964&frm=20&pv=2&ga_vid=1302146541.1603112674&ga_sid=1603112674&ga_hid=1149850645&ga_fc=0&iag=0&icsg=4536039112762&dssz=34&mdo=0&mso=4194336&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067493%2C21067654&oid=3&pvsid=1844694608509993&pem=358&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=275

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9240905004802868&output=html&adk=1812271804&adf=3025194257&lmt=1603112673&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.covidinsider.ch%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603112673521&bpp=149&bdt=52&idt=256&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7294000675964&frm=20&pv=2&ga_vid=1302146541.1603112674&ga_sid=1603112674&ga_hid=1149850645&ga_fc=0&iag=0&icsg=4536039112762&dssz=34&mdo=0&mso=4194336&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21067493%2C21067654&oid=3&pvsid=1844694608509993&pem=358&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=275
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.covidinsider.ch/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.covidinsider.ch/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 19 Oct 2020 13:04:33 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 19-Oct-2020 13:19:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Oct 2020 13:04:33 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 13:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602674900477171"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27594
x-xss-protection: 0
expires: Mon, 19 Oct 2020 13:04:33 GMT

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 706 KB
189 KB 23ms
6ms Script
text/javascript 2a02:26f0:f1:199::36f1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/87407/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f1:199::36f1 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f3c49c0be732a13e0a26ed7ebb8e4fe95dc48767e746fb14f9b02cbd27394998

Request headers

Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 13:04:33 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 8E972DD9D1B55B51
status: 200
content-length: 192524
x-amz-id-2: j/UgnfTLsqC7MwZ9v540drYFRIQjjIN8mQ8AOHw1zeluldNfrWp0myLqv9vb4KjEzS9b1kjFEKE=
last-modified: Mon, 19 Oct 2020 09:40:08 GMT
etag: "cae52a0deecaa563b7fedf4396d539e2"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: 6
accept-ranges: bytes
access-control-allow-headers: *
x-akamai-path-stats: [1:243:3757]
expires: Mon, 19 Oct 2020 13:34:33 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.covidinsider.ch/fonts/ 65 KB
66 KB 74ms
73ms Font
application/font-woff2 52.51.220.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.covidinsider.ch/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.51.220.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-220-79.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.covidinsider.ch
Referer: https://www.covidinsider.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 19 Oct 2020 13:04:34 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Nov 2015 17:28:02 GMT
ETag: W/"10440-151596fdcd0"
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Strict-Transport-Security: max-age=31536000000; includeSubDomains; preload
Accept-Ranges: bytes
X-DNS-Prefetch-Control: off
Content-Length: 66624
X-XSS-Protection: 1; mode=block

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
448 B 42ms
14ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-63631220-2&cid=1302146541.1603112674&jid=1900971472&gjid=1499852772&_gid=65959951.1603112674&_u=aGDAgEABAAAAAG~&z=754675209

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 19 Oct 2020 13:04:34 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.covidinsider.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 79 KB
31 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-589SPPP&t=gtm5&cid=1302146541.1603112674

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b508f20e14b33883db484333fd23c6719c026fe4a564aea69506450c759cec06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 13:04:34 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31877
x-xss-protection: 0
last-modified: Mon, 19 Oct 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Oct 2020 13:04:34 GMT

GET covidinsider
ps-prod.posting-engine.ch/engine/api/v1/auth/ping/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=937942479657801&ev=PageView&dl=https%3A%2F%2Fwww.covidinsider.ch%2Fde%2Ffind%2F&rl=&if=false&ts=1603112674131&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1603112673737.1520454879&it=1603112673708&coo=false&rqm=GET

Requested by

Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/de/find/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 13:04:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 19 Oct 2020 13:04:34 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
5ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=1149850645&t=pageview&_s=1&dl=https%3A%2F%2Fwww.covidinsider.ch%2Fde%2Ffind%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEABAAAAAC~&jid=1900971472&gjid=1499852772&cid=1302146541.1603112674&tid=UA-63631220-2&_gid=65959951.1603112674&gtm=2wg9u1KRHD8R&z=1528939537

Requested by

Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/de/find/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 09:14:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 13788
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wigo-no-slot
sync.teads.tv/ Frame 566C 0
0 157ms
68ms Document
text/html 104.80.29.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/wigo-no-slot
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.29.75 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-80-29-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /wigo-no-slot
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.covidinsider.ch/de/find/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cs=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.covidinsider.ch/de/find/

Response headers

status: 200
content-type: text/html; charset=UTF-8
server: akka-http/10.1.9
content-length: 325
expires: Mon, 19 Oct 2020 13:04:34 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 19 Oct 2020 13:04:34 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 154ms
72ms Image
image/gif 104.80.29.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=debug-bts&fv=582&ts=1603112674228&env=js-web&pageId=87407&pid=94674&auctid=50f81006-e595-4b1d-9e05-ece631b0c0c6&f=1&debug_metadata=wb&referer=https%3A%2F%2Fwww.covidinsider.ch%2Fde%2Ffind%2F
Requested by: Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/de/find/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.29.75 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-80-29-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 19 Oct 2020 13:04:34 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 157ms
75ms Image
image/gif 104.80.29.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=50f81006-e595-4b1d-9e05-ece631b0c0c6&pageId=87407&pid=94674&fv=582&ts=1603112674230&f=1&referer=https%3A%2F%2Fwww.covidinsider.ch%2Fde%2Ffind%2F
Requested by: Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/de/find/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.29.75 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-80-29-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 19 Oct 2020 13:04:34 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 156ms
74ms Image
image/gif 104.80.29.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=noSlot-selector&env=js-web&auctid=50f81006-e595-4b1d-9e05-ece631b0c0c6&pageId=87407&pid=94674&fv=582&ts=1603112674236&f=1&referer=https%3A%2F%2Fwww.covidinsider.ch%2Fde%2Ffind%2F
Requested by: Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/de/find/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.80.29.75 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-80-29-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 19 Oct 2020 13:04:34 GMT
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
87 B 18ms
17ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-63631220-2&cid=1302146541.1603112674&jid=1900971472&_u=aGDAgEABAAAAAG~&z=474408659

Requested by

Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/de/find/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 13:04:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
491 B 39ms
25ms Image
image/gif 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-63631220-2&cid=1302146541.1603112674&jid=1900971472&_u=aGDAgEABAAAAAG~&z=474408659

Requested by

Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/de/find/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 13:04:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 19 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,700%7CMerriweather:300,400,700,800,300italic,700italic%7CMerriweather+Sans:700,300

Requested by

Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/main.min.c183cd23.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac8be3be6577b401edd3874b08ba26a063857ebf7043c294d786b289c2f4ee91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Oct 2020 13:04:34 GMT
server: ESF
date: Mon, 19 Oct 2020 13:04:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Oct 2020 13:04:34 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=937942479657801&ev=Microdata&dl=https%3A%2F%2Fwww.covidinsider.ch%2Fde%2Ffind%2F&rl=&if=false&ts=1603112674250&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=2&o=30&fbp=fb.1.1603112673737.1520454879&it=1603112673708&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/de/find/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 13:04:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 19 Oct 2020 13:04:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,700%7CMerriweather:300,400,700,800,300italic,700italic%7CMerriweather+Sans:700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.covidinsider.ch
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700%7CMerriweather:300,400,700,800,300italic,700italic%7CMerriweather+Sans:700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 11:20:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 6242
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Tue, 19 Oct 2021 11:20:32 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,700%7CMerriweather:300,400,700,800,300italic,700italic%7CMerriweather+Sans:700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.covidinsider.ch
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700%7CMerriweather:300,400,700,800,300italic,700italic%7CMerriweather+Sans:700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 05:43:30 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 372064
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Fri, 15 Oct 2021 05:43:30 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,700%7CMerriweather:300,400,700,800,300italic,700italic%7CMerriweather+Sans:700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.covidinsider.ch
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700%7CMerriweather:300,400,700,800,300italic,700italic%7CMerriweather+Sans:700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 11:20:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 6241
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 19 Oct 2021 11:20:33 GMT

GET
H3-Q050 200 u-4n0qyriQwlOrhSvowK_l521wRZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v22/ 12 KB
12 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l521wRZWMf6hPvhPQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,700%7CMerriweather:300,400,700,800,300italic,700italic%7CMerriweather+Sans:700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1866533cfaaab8f46695c9eb600c6cefe4079badc7f14de3ca1be142fc39b718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.covidinsider.ch
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700%7CMerriweather:300,400,700,800,300italic,700italic%7CMerriweather+Sans:700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 11:20:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:08:32 GMT
server: sffe
age: 6220
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12000
x-xss-protection: 0
expires: Tue, 19 Oct 2021 11:20:54 GMT

GET
H3-Q050 200 u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2
fonts.gstatic.com/s/merriweather/v22/ 12 KB
12 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,700%7CMerriweather:300,400,700,800,300italic,700italic%7CMerriweather+Sans:700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.covidinsider.ch
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700%7CMerriweather:300,400,700,800,300italic,700italic%7CMerriweather+Sans:700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 11:20:42 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:10:13 GMT
server: sffe
age: 6232
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12256
x-xss-protection: 0
expires: Tue, 19 Oct 2021 11:20:42 GMT

GET
H3-Q050 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v22/ 12 KB
12 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,700%7CMerriweather:300,400,700,800,300italic,700italic%7CMerriweather+Sans:700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.covidinsider.ch
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700%7CMerriweather:300,400,700,800,300italic,700italic%7CMerriweather+Sans:700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 11:20:42 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:11:15 GMT
server: sffe
age: 6232
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12192
x-xss-protection: 0
expires: Tue, 19 Oct 2021 11:20:42 GMT

GET
H3-Q050 200 u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvzDP3WG.woff2
fonts.gstatic.com/s/merriweather/v22/ 12 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvzDP3WG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,700%7CMerriweather:300,400,700,800,300italic,700italic%7CMerriweather+Sans:700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0540f7b39ab2c14328b0fd4f42cf392ff6e2fc746af15a39fc6d8ec775b9a1a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.covidinsider.ch
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700%7CMerriweather:300,400,700,800,300italic,700italic%7CMerriweather+Sans:700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 11:23:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:06:29 GMT
server: sffe
age: 6057
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12748
x-xss-protection: 0
expires: Tue, 19 Oct 2021 11:23:37 GMT

GET
H3-Q050 200 u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvzDP3WG.woff2
fonts.gstatic.com/s/merriweather/v22/ 12 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v22/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvzDP3WG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,700%7CMerriweather:300,400,700,800,300italic,700italic%7CMerriweather+Sans:700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ed2840eba168634abccfa55a462f6e8ed1ed3678ae29e38499a038a8da509c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.covidinsider.ch
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700%7CMerriweather:300,400,700,800,300italic,700italic%7CMerriweather+Sans:700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 11:23:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:06:31 GMT
server: sffe
age: 6079
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12720
x-xss-protection: 0
expires: Tue, 19 Oct 2021 11:23:15 GMT

GET
H3-Q050 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjXp8Bte.woff2
fonts.gstatic.com/s/merriweathersans/v13/ 33 KB
33 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v13/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjXp8Bte.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,700%7CMerriweather:300,400,700,800,300italic,700italic%7CMerriweather+Sans:700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c356c258bb807439b3546c08829c09b5d354aaa03621bc698a03c091f889552d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.covidinsider.ch
Referer: https://fonts.googleapis.com/css?family=Roboto:400,300,700%7CMerriweather:300,400,700,800,300italic,700italic%7CMerriweather+Sans:700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 11:22:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Aug 2020 19:50:46 GMT
server: sffe
age: 6136
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33660
x-xss-protection: 0
expires: Tue, 19 Oct 2021 11:22:18 GMT

POST
H2 401 login Show response
ps-prod.posting-engine.ch/cas/ 215 B
657 B 65ms
65ms XHR
application/json 54.72.154.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps-prod.posting-engine.ch/cas/login
Requested by: Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/main.min.c183cd23.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.72.154.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-154-223.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7f865e08de349b063c7443e43efe03fcecca6ddab9d3112d700cf34504eec60f

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 13:04:34 GMT
server: nginx
status: 401
p3p: CP="This is not a P3P Policy"
access-control-allow-origin: https://www.covidinsider.ch
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, Accept-Encoding, Accept-Language, User-Agent, Referer, DNT
content-length: 215
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 logout Show response
ps-prod.posting-engine.ch/cas/ 2 KB
1 KB 65ms
65ms XHR
text/html 54.72.154.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ps-prod.posting-engine.ch/cas/logout

Requested by

Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/main.min.c183cd23.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.72.154.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-154-223.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

11048346abf6a76ac7b7792fdca1fab2edc0825a3721886551e013552ec1a333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 13:04:34 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
content-language: en-US
p3p: CP="This is not a P3P Policy"
access-control-allow-origin: https://www.covidinsider.ch
cache-control: no-cache, no-store
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html;charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control, Accept-Encoding, Accept-Language, User-Agent, Referer, DNT
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET search+filter
ps-prod.posting-engine.ch/engine/api/v1/covidinsider/de/ 0
0

GET
H2 200 custom
tagger.opecloud.com/goldbach/v1/ 35 B
211 B 56ms
55ms Image
image/gif 3.126.112.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tagger.opecloud.com/goldbach/v1/custom?type=CustomCriteria&screensize=1600x1200&1plusX=&ubimet_weather=3&ubimet_temperature=12&ubimet_pollen_current_day=0&ubimet_pollen_next_day=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.112.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-112-135.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 13:04:34 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
content-length: 51
expires: 0

GET
H/1.1

200
OK

opx
sync.sharethis.com/
Redirect Chain

https://tagger.opecloud.com/goldbach/v1/noscript-image.gif
https://sync.sharethis.com/opx?rurl=https%3A%2F%2Ftagger.opecloud.com%2Fsharethis%2Fpbfs.gif%3Fsource%3Dgoldbach%26state%3D2-tPXkxCXhFBXUfkQ8Dqj%252Fnx5mEDis%26puid%3D

42 B
167 B

60ms
58ms

Image
image/gif

3.127.132.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.sharethis.com/opx?rurl=https%3A%2F%2Ftagger.opecloud.com%2Fsharethis%2Fpbfs.gif%3Fsource%3Dgoldbach%26state%3D2-tPXkxCXhFBXUfkQ8Dqj%252Fnx5mEDis%26puid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.132.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-132-197.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 19 Oct 2020 13:04:34 GMT
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 19 Oct 2020 13:04:34 GMT
content-encoding: gzip
status: 302
vary: Accept-Encoding
p3p: CP="ADMa OUR IND DSP NON COR"
location: https://sync.sharethis.com/opx?rurl=https%3A%2F%2Ftagger.opecloud.com%2Fsharethis%2Fpbfs.gif%3Fsource%3Dgoldbach%26state%3D2-tPXkxCXhFBXUfkQ8Dqj%252Fnx5mEDis%26puid%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 20
expires: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 39ms
25ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201008&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97b86a9ead384d18522205c0b3fa0c93b79b6df0de67033619e91d6a02c96175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Oct 2020 13:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6272
x-xss-protection: 0

GET
H2 200 ;ID=172719;size=0x0;setID=426706;type=json;click=CLICK_MACRO_PLACEHOLDER Show response
servedbyadbutler.com/adserve/ 1 KB
943 B 231ms
99ms XHR
application/json 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=172719;size=0x0;setID=426706;type=json;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/main.min.c183cd23.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: fe1bdc716fab3bd518f29999a57c95948d1f8e4ef2d9042107f0554eb298a667

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 13:04:34 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.covidinsider.ch
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ;ID=172719;size=0x0;setID=426705;type=json;click=CLICK_MACRO_PLACEHOLDER Show response
servedbyadbutler.com/adserve/ 1 KB
942 B 190ms
59ms XHR
application/json 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=172719;size=0x0;setID=426705;type=json;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/main.min.c183cd23.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 890406642093f7f735819870cfd4c72cc04bd133a9a45760507ff1058df3d7b2

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 13:04:34 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.covidinsider.ch
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET %7B%7Bplacement.iframe_url%7D%7D
www.covidinsider.ch/ Frame 9FEC 0
0

GET
H2 200 ;ID=172719;size=1050x118;setID=428393;type=json;click=CLICK_MACRO_PLACEHOLDER Show response
servedbyadbutler.com/adserve/ 35 B
343 B 115ms
59ms XHR
application/json 116.202.46.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/adserve/;ID=172719;size=1050x118;setID=428393;type=json;click=CLICK_MACRO_PLACEHOLDER
Requested by: Host: www.covidinsider.ch
URL: https://www.covidinsider.ch/main.min.c183cd23.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.46.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.46.202.116.clients.your-server.de
Software: nginx /
Resource Hash: b99f9747e82b368161458c4ca02868c740310e073817d20456377208a9eba32f

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 13:04:34 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin: https://www.covidinsider.ch
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 8ms
6ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=1149850645&t=pageview&_s=2&dl=https%3A%2F%2Fwww.covidinsider.ch%2F&dp=%2Fde%2Ffind%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAG~&jid=&gjid=&cid=1302146541.1603112674&tid=UA-63631220-1&_gid=65959951.1603112674&z=731226729

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 09:14:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 13788
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

blank.gif
medins-ssl.wemfbox.ch/
Redirect Chain

https://medins-ssl.wemfbox.ch/cgi-bin/ivw/CP?d=0.29469312296739014&r=&x=1600x1200
https://medins-ssl.wemfbox.ch/blank.gif

43 B
110 B

49ms
49ms

Image
image/gif

212.47.171.92
LIBERTYGLOBAL Lib...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medins-ssl.wemfbox.ch/blank.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.47.171.92 , Switzerland, ASN6830 (LIBERTYGLOBAL Liberty Global (formerly UPC Broadband Holding, aka AORTA), AT),
Reverse DNS
Software: s2.51.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 19 Oct 2020 13:04:34 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: s2.51.1
content-length: 43
content-type: image/gif

Redirect headers

date: Mon, 19 Oct 2020 13:04:34 GMT
last-modified: Mon, 19 Oct 2020 13:04:34 GMT
server: s2.51.1
status: 302
content-type: text/html
location: /blank.gif
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
expires: Tue, 22 Aug 2000 15:05:01 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 9ms
7ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=1149850645&t=pageview&_s=3&dl=https%3A%2F%2Fwww.covidinsider.ch%2F&dp=%2Fde%2Ffind%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAG~&jid=&gjid=&cid=1302146541.1603112674&tid=UA-63631220-1&_gid=65959951.1603112674&z=1125864754

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 09:14:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 13788
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 9ms
8ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=1149850645&t=pageview&_s=4&dl=https%3A%2F%2Fwww.covidinsider.ch%2F&dp=%2Fde%2Ffind%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAG~&jid=&gjid=&cid=1302146541.1603112674&tid=UA-63631220-1&_gid=65959951.1603112674&z=1324801042

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 09:14:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 13788
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK news.svg
www.covidinsider.ch/immutableAssets/assets/icons/78d8b5f0af7b1071bd1cb06e1f0b10bf/ 3 KB
1 KB 71ms
69ms Image
image/svg+xml 52.51.220.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.covidinsider.ch/immutableAssets/assets/icons/78d8b5f0af7b1071bd1cb06e1f0b10bf/news.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.51.220.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-220-79.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a6f9eeefe344d870d5a7ad7cfd2bac2d542502c87503a9f7f439a6aab2b537c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 19 Oct 2020 13:04:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-DNS-Prefetch-Control: off
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 19 Oct 2020 09:46:27 GMT
X-Frame-Options: SAMEORIGIN
ETag: W/"a31-1754040c138"
X-Download-Options: noopen
Strict-Transport-Security: max-age=31536000000; includeSubDomains; preload
Content-Type: image/svg+xml
Cache-Control: public, max-age=31556926
Accept-Ranges: bytes

GET
H/1.1 200
OK logo-tagline.svg
www.covidinsider.ch/immutableAssets/assets/img/c748bffe33df1e9771c40c82236e8abf/ 17 KB
6 KB 117ms
116ms Image
image/svg+xml 52.51.220.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.covidinsider.ch/immutableAssets/assets/img/c748bffe33df1e9771c40c82236e8abf/logo-tagline.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.51.220.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-220-79.eu-west-1.compute.amazonaws.com

Software

Resource Hash

05e424bcfe383860d5c8635d2539004989fbc953b2088fb457640c97848ec4dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 19 Oct 2020 13:04:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-DNS-Prefetch-Control: off
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 19 Oct 2020 09:46:27 GMT
X-Frame-Options: SAMEORIGIN
ETag: W/"43bd-1754040c138"
X-Download-Options: noopen
Strict-Transport-Security: max-age=31536000000; includeSubDomains; preload
Content-Type: image/svg+xml
Cache-Control: public, max-age=31556926
Accept-Ranges: bytes

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 13:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Mon, 19 Oct 2020 13:04:34 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 776F 0
0 26ms
12ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.covidinsider.ch/de/find/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.covidinsider.ch/de/find/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Mon, 19 Oct 2020 12:38:06 GMT
expires: Tue, 19 Oct 2021 12:38:06 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1588
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 15ms
15ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20201008&jk=1844694608509993&bg=!Xl2lXX3NAAUZK2QAGVhus8N6ao3DiwIAAABcUgAAAAwKAbeDQEf6qgf52e7inZlTOqHSVXY2XFvRVqy9OmWjNfl7dPYUrdbmYIkS3BSEBnDOea3gQg7LsvvAJexcf4yQoZhNpquPJoxibvYTO1gehgww-42P_MBg9uIOT9Inr6oD9Tn7d4O5TqEGKORZLe0xqpS__rcMaxyw5eIvpIKaWEIJTi8X3nixD7HObPFeBcB_u8DBu7bLNPmkNmEH8iibHUt7MNsMsbM-WY3LEnvnP4turl1E7QmRaK28Z8xS-O_YCzRm1Rnmnhzvg720PZ5V4cZ0iAunGIO2DVHc_GTZ0-2EYEA1PD7ebRpnvQeHQFmqjBWwwayc3JTR93UQLh1HyfXwJHN1YkwGBzzS3wqb8FLIXxLrP55UzTC9ZHQ-95kEOFRQioK2vQEYQ7eN4bKUBdS-MiZG80ufmO-R4NQTIFrbYLIlIZkZz8sikiRgINr3TOIzcM8W3TVovmlbENvNRbwJZaS_hoC9l50wTqEEZlJx2xI5jqZvfMDHhKzjDOYuwYqdgfuoZ66mqDuWSzxKz2wmW1-f7X0VTJjeGdmfNh4nN-bGbrOQZRe6Vh8EPxXc5v747PQt1kDrmQGspipYInbJSW0U7cbCmw2aTnh2_F9IYw3pgn1TjxdOaCw88x_N-fYSsh5AyEL6EsrGQMC86dZdu2pxj5BARx_o4wY0dY54gBngrxWCCCLOw5Ck-JtzuwdGh4FCw5KqfeDhxgUmOuabRKEIbDV_nmwfgxjAnbXaiVv45iARbP54cf_8Yc30jGdjGUoSb-_xTZbzM4qD9eU9kQ4dAo44XZBbCqX_eBl8wkGJixnKCMTtcX4gwD5eA8LFqTX3BxRb7vq2Jd6_jnPKBI0GYYzfY6Fzs2ZQAonSdm1hQH_cCvCM5kqSzhXpwzTkBLOrem2JOnGIOYRqHDKJh7h8VgSedlL_kLQMkDyjXH28_yC_Rx6uuxtjV58d1e6LrMy9xo-tB-s9pWzZ5TYxvuTR-CwkcWrngpIiECoxQJQCfZqZO-5koFdtaUyGUIsKiCUphDrwG7NjvpHYGjhznVN1OsRXSonSkHG2ij0wtCYuFBGyTWqenPm1cwpyMzzVjImIG61P9j7LBDmGyUmtF7X8ydEwrNsrdxPCH0X7JCvInEnF2L1KPFpxSxXwmj5zKLppJew

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.covidinsider.ch/de/find/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 13:04:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ps-prod.posting-engine.ch
URL: https://ps-prod.posting-engine.ch/engine/api/v1/auth/ping/covidinsider

Domain: ps-prod.posting-engine.ch
URL: https://ps-prod.posting-engine.ch/engine/api/v1/covidinsider/de/search+filter?busId=main&filter=postTypeEntry.postType:article&from=0&pageSize=20&publishingState=published&query=&sort=meta.publishedFrom&tags=&view=published

Domain: www.covidinsider.ch
URL: https://www.covidinsider.ch/%7B%7Bplacement.iframe_url%7D%7D

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.teads.tv/	1970-01-19 14:01:44	Name: cs Value: 1
.doubleclick.net/	1970-01-19 22:40:08	Name: IDE Value: AHWqTUmYAG-5cZbQrHOMthZrcrEtR_wSNAUiYnaqF9ZX2jqKjEs-Ytravvyb0dJD
.covidinsider.ch/	1970-01-19 15:28:08	Name: _fbp Value: fb.1.1603112673737.1520454879
.covidinsider.ch/	1970-01-19 13:18:32	Name: _dc_gtm_UA-63631220-2 Value: 1
.covidinsider.ch/	1970-01-20 06:49:44	Name: _ga Value: GA1.2.1302146541.1603112674
.covidinsider.ch/	1970-01-19 13:18:32	Name: _gat Value: 1
.covidinsider.ch/	1970-01-19 13:19:59	Name: _gid Value: GA1.2.65959951.1603112674

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://acdn.adnxs.com/ast/ast.js(Line 1) Message: AST library loaded: 0.32.0
console-api	log	URL: https://gbucket.ch/CH/ch_config_mobile.js(Line 166) Message: {}
console-api	warning	URL: https://www.covidinsider.ch/main.min.c183cd23.js(Line 25) Message: You are using the ngTouch module. AngularJS Material already has mobile click, tap, and swipe support... ngTouch is not supported with AngularJS Material!
console-api	log	URL: https://www.covidinsider.ch/main.min.c183cd23.js(Line 90) Message: ServiceWorker registration successful with scope: https://www.covidinsider.ch/
console-api	warning	URL: https://www.covidinsider.ch/main.min.c183cd23.js(Line 25) Message: Template not found: /module/covidinsider/dashboardSidebar.desktop.html
console-api	warning	URL: https://www.covidinsider.ch/main.min.c183cd23.js(Line 25) Message: Template not found: /module/covidinsider/footer.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
acdn.adnxs.com
adservice.google.com
adservice.google.de
ch-gmtdmp.mookie1.com
checkout.stripe.com
cm.g.doubleclick.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gbucket.ch
googleads.g.doubleclick.net
gs-goldbach.da-services.ch
ib.adnxs.com
imagesrv.adition.com
medins-ssl.wemfbox.ch
pagead2.googlesyndication.com
profiles.tagger.opecloud.com
ps-prod.posting-engine.ch
s8t.teads.tv
secure.adnxs.com
servedbyadbutler.com
stats.g.doubleclick.net
sync.sharethis.com
sync.teads.tv
t.teads.tv
tagger.opecloud.com
tpc.googlesyndication.com
web-misc.ubimet.com
www.covidinsider.ch
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
ps-prod.posting-engine.ch
www.covidinsider.ch
104.79.89.16
104.80.29.75
116.202.46.88
13.224.193.68
141.98.226.53
172.217.21.194
18.192.139.172
212.47.171.92
217.79.188.11
2a00:1450:4001:801::2001
2a00:1450:4001:801::200a
2a00:1450:4001:803::2002
2a00:1450:4001:808::2003
2a00:1450:4001:809::200e
2a00:1450:4001:816::2001
2a00:1450:4001:819::2003
2a00:1450:4001:819::2004
2a00:1450:4001:81e::2002
2a00:1450:4001:824::2008
2a00:1450:4001:824::200e
2a00:1450:400c:c04::9a
2a00:1450:400c:c04::9b
2a02:26f0:f1:199::36f1
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.121.95.172
3.126.112.135
3.127.132.197
35.186.238.175
37.252.173.27
52.51.220.79
52.85.32.2
54.72.154.223
95.101.184.231
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0540f7b39ab2c14328b0fd4f42cf392ff6e2fc746af15a39fc6d8ec775b9a1a5
05e424bcfe383860d5c8635d2539004989fbc953b2088fb457640c97848ec4dc
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11048346abf6a76ac7b7792fdca1fab2edc0825a3721886551e013552ec1a333
1866533cfaaab8f46695c9eb600c6cefe4079badc7f14de3ca1be142fc39b718
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3ff9cadc4e693edadeb5a6a9cbaa03d42f6177ab3db7b6886ef9d30e102c7f00
4112265b917e900e830c7267491d8084efb566e4c8db25c3dd779f7c695eaf42
42a61cda3d4d1c67ebc1cc0cf3ceafd249f1e966c3e25f74abfc5fee966a3795
43f88e20f6058ef3bfefc6897207339a48bd90fe7e84e4a2995a7cd581d8e12d
496d2f1e6fe0a5f304c4eba933d2d443cec9c6d6510db847ffa0e1d0b07c9e0f
49c1c191416354506ac7fdfc0a72b4225219761c34e33f2c33a1f3be91b41699
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
670e771fc712c606c8cfa04a9118b193afd0d5378b539d3a72e9a973eaad2087
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c799f2afc47f0b516d9f7358e56c50770c6098986f28316639d900c44c24c75
6e192ff9f0956ace3831a480d288177860de5cf5356ac8829380a970b49e9d95
76de15d8ce345356b18f8cd80c23c070771a765ab8b01ab4a8cc411451a92ca1
7ed2840eba168634abccfa55a462f6e8ed1ed3678ae29e38499a038a8da509c2
7f865e08de349b063c7443e43efe03fcecca6ddab9d3112d700cf34504eec60f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
890406642093f7f735819870cfd4c72cc04bd133a9a45760507ff1058df3d7b2
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
97b86a9ead384d18522205c0b3fa0c93b79b6df0de67033619e91d6a02c96175
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a6f9eeefe344d870d5a7ad7cfd2bac2d542502c87503a9f7f439a6aab2b537c6
ac8be3be6577b401edd3874b08ba26a063857ebf7043c294d786b289c2f4ee91
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b508f20e14b33883db484333fd23c6719c026fe4a564aea69506450c759cec06
b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b
b99f9747e82b368161458c4ca02868c740310e073817d20456377208a9eba32f
bc6e29b830ffa178036cac5a2655b925072885570f6a0dfcc2634933b94f611b
c356c258bb807439b3546c08829c09b5d354aaa03621bc698a03c091f889552d
c89a148be40e6752261e3038609a4b68de22fa3bfdaf32f884edffb8480b9bbe
ceedcdaafe2a80212d621e953869e4cd72a8fbc696d5aef7c332a158689c1e65
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d9387b372acec4b3b43903e7597b064818972267299879c050f584f625b122cc
da5956eb40499755436091829dc92f137f6a7d076a34df1aed00e74ca4689141
e2160cd381cb62949a1d906c02714debe43fb98b4c138f646d054e636383f57b
e2f46c5fbad00bf808e140777f78bffa864c9a029c7937e0551df47056b3b9c0
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da
ed728cc698776c5da095a15fd3e4ea92c67f5512ffc573de5edf2b91cca7a1f0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a7da2362fe3e990f0aad79ae3eca73d50f35ea9aaaa8c289cfbb1e27d9afba
f273c38deedfc93969360c9f47cb66d70d11f6b5c8270a6b137e2fb68715f662
f3c49c0be732a13e0a26ed7ebb8e4fe95dc48767e746fb14f9b02cbd27394998
fe1bdc716fab3bd518f29999a57c95948d1f8e4ef2d9042107f0554eb298a667
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.covidinsider.ch Open in urlscan Pro 52.51.220.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

83 Requests

90 %HTTPS

47 %IPv6

25 Domains

36 Subdomains

34 IPs

7 Countries

1735 kBTransfer

6391 kBSize

7 Cookies

3 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.covidinsider.ch Open in urlscan Pro
52.51.220.79 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

90 %
HTTPS

47 %
IPv6

25
Domains

36
Subdomains

34
IPs

7
Countries

1735 kB
Transfer

6391 kB
Size

7
Cookies

83 HTTP transactions
0 data transactions