urlscan.io logo urlscan.io
SecurityTrails logo

www.medicloud.ch Open in urlscan Pro
3.230.43.178  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.medicloud.ch/
Submission: On November 25 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 16 domains to perform 36 HTTP transactions. The main IP is 3.230.43.178, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.medicloud.ch.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 25th 2020. Valid for: 3 months.
This is the only time www.medicloud.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3.230.43.178 14618 (AMAZON-AES)
4 2600:9000:206... 16509 (AMAZON-02)
2 151.101.112.176 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:0:7... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:206... 16509 (AMAZON-02)
4 2600:9000:215... 16509 (AMAZON-02)
1 151.101.12.193 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.32.240.67 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 13.227.219.28 16509 (AMAZON-02)
1 13.224.198.73 16509 (AMAZON-02)
1 52.51.24.70 16509 (AMAZON-02)
36 23
1    3.230.43.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-43-178.compute-1.amazonaws.com
www.medicloud.ch
4    2600:9000:206f:b000:1c:6508:40c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
airbit.com
2    151.101.112.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js.stripe.com
1    2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:1901:0:7a0b:: (United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
1    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2600:9000:206f:4e00:1e:7b69:edc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.airbit.com
4    2600:9000:2156:a000:15:515:3740:93a1 (United States)

ASN16509 (AMAZON-02, US)
api.airbit.com
1    151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
1    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    13.32.240.67 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-240-67.ams50.r.cloudfront.net
static.hotjar.com
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    13.227.219.28 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-28.ams54.r.cloudfront.net
script.hotjar.com
1    13.224.198.73 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-73.fra2.r.cloudfront.net
vars.hotjar.com
1    52.51.24.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-24-70.eu-west-1.compute.amazonaws.com
in.hotjar.com
Domain Requested by
4 api.airbit.com airbit.com
4 airbit.com www.medicloud.ch
3 connect.facebook.net www.medicloud.ch
connect.facebook.net
3 fonts.gstatic.com fonts.googleapis.com
2 www.facebook.com www.medicloud.ch
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.airbit.com www.medicloud.ch
2 sessions.bugsnag.com airbit.com
2 js.stripe.com www.medicloud.ch
js.stripe.com
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.google.de www.medicloud.ch
1 www.google.com www.medicloud.ch
1 stats.g.doubleclick.net www.google-analytics.com
1 static.hotjar.com www.medicloud.ch
1 pagead2.googlesyndication.com www.googletagmanager.com
1 i.imgur.com www.medicloud.ch
1 www.googletagmanager.com www.medicloud.ch
1 fonts.googleapis.com airbit.com
1 www.medicloud.ch
36 21

This site contains links to these domains. Also see Links.

Domain
support.airbit.com
airbit.com
Subject Issuer Validity Valid
www.medicloud.ch
Let's Encrypt Authority X3		 2020-11-25 -
2021-02-23		 3 months crt.sh
airbit.com
Amazon		 2020-09-11 -
2021-10-13		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2020-09-22 -
2021-02-03		 4 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-18 -
2021-05-18		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.imgur.com
DigiCert SHA2 Secure Server CA		 2020-01-15 -
2022-03-16		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-11-02 -
2021-01-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.hotjar.com
Amazon		 2020-01-22 -
2021-02-22		 a year crt.sh
www.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.medicloud.ch/
Frame ID: 740DF4A9DD007459C87C6663AB824233
Requests: 33 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-26f06e6dfafc73ef8d70171c2397785d.html
Frame ID: D05AB4B89124646EB5CF78353E5D86FF
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 54AA8425111123F40313D354BBA15637
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

36
Requests

100 %
HTTPS

70 %
IPv6

16
Domains

21
Subdomains

23
IPs

4
Countries

2011 kB
Transfer

6501 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.medicloud.ch/ 		60 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.medicloud.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.230.43.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-43-178.compute-1.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
2a9561ce20553de71619413b3498795ca62cbc2a490d3db73e6423e92e115732

Request headers

Host
www.medicloud.ch
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 16:00:52 GMT
Server
Apache/2.4.18 (Ubuntu)
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, Content-Type, Accept, Accept-Encoding, Accept-Language, Authorization, X-Request-With, Cache-Control, Host, X-Requested-With, X-XSRF-TOKEN, X-Authorization
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding,User-Agent
Content-Length
10501
Set-Cookie
XSRF-TOKEN=eyJpdiI6Ik5CcUthOWhcL2VNcEdHdG5GYk1FZ1dRPT0iLCJ2YWx1ZSI6Ik5yQXdyU1JXMFZJVUhXNUpEaFpSakZhMVwvVW9HWTBja3hKSkJzMVZDenVTYXpnYkV4WlUrYXZnS04zREcwa1d0IiwibWFjIjoiY2E2NzMxOTZkMjg0MmUwODg2NjNkYjlhYmI2YmM2ZDJlNWMzYTI5M2IxYTRmNzYxNzAzYmIyOTFmMTg4MTgxNSJ9; expires=Sat, 28-Nov-2020 16:00:52 GMT; Max-Age=259200; path=/; domain=.medicloud.ch obac=deleted; expires=Tue, 26-Nov-2019 16:00:51 GMT; Max-Age=0; path=/; domain=.medicloud.ch; httponly obac_refresh=deleted; expires=Tue, 26-Nov-2019 16:00:51 GMT; Max-Age=0; path=/; domain=.medicloud.ch; httponly cart_id=eyJpdiI6IkVEbTdGc3JcL1dtSHdnT2pQQUhibWd3PT0iLCJ2YWx1ZSI6IjZcL0ZRVlFFckhuRUNMb0RES1wvRVpHaEMwMXlWQlBMd1JrMkZUc1ViWUdNQm1ydUlIWmdDN0pqeGVUK21BUXBobyIsIm1hYyI6IjE2NDlmMzE2MjIxYmYwZmRlYzBhZWIwNTJhZTI0ZTA3MWU0MjkzNTRhNGE1MzZmMTIzY2VlNGVlYTIzNjdkNmIifQ%3D%3D; expires=Mon, 24-Nov-2025 16:00:52 GMT; Max-Age=157680000; path=/; domain=.medicloud.ch airbit_session=eyJpdiI6IllZMTBucDVsbk81eHBIVEJlZUNQd2c9PSIsInZhbHVlIjoiRkxMZ0ZYV0R5Mnd1VFZGb3RZNDNFbm1FZHAwUzk5Yk9sbDdnSWRpNjZZUXk1dXplV2FXSjl5NVdNVmN5ejl0TSIsIm1hYyI6ImYyNTZmNDZmODcxOWZjZTNlNmU2OGM2MjI4NmI1MGM3ZjA5YTAwODRlYTNjNTJiNjk1N2I5NGYxYjhhMzA5ZGEifQ%3D%3D; expires=Sat, 28-Nov-2020 16:00:52 GMT; Max-Age=259200; path=/; domain=.medicloud.ch; httponly obaca=deleted; expires=Tue, 26-Nov-2019 16:00:51 GMT; Max-Age=0; path=/; domain=.medicloud.ch; httponly
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
libs.css
airbit.com/assets/infinity/css/ 		282 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://airbit.com/assets/infinity/css/libs.css?id=8e23a0ebcd88fdbd827f
Requested by
Host: www.medicloud.ch
URL: https://www.medicloud.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b000:1c:6508:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
cb8106bde5fe84b4c5d03639774f732367864b35f334e092ee36413a48374229

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 06:06:44 GMT
content-encoding
gzip
last-modified
Mon, 23 Nov 2020 08:18:37 GMT
server
Apache/2.4.18 (Ubuntu)
age
35648
etag
"46856-5b4c1d74f6810-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
45365
x-amz-cf-id
dDs97jfmjODJfq2pJwbgc5AqgeSXdQuww3pfwGd6v_6C43ZPsBalgg==
infinity.css
airbit.com/assets/infinity/css/ 		103 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://airbit.com/assets/infinity/css/infinity.css?id=a51f77e3c287b2465890
Requested by
Host: www.medicloud.ch
URL: https://www.medicloud.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b000:1c:6508:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
3189e09ff1a05c9bfebd9129390d9cc20fb393f9c191d85dd5d3e06409fc18ec

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 24 Nov 2020 20:00:23 GMT
content-encoding
gzip
last-modified
Mon, 23 Nov 2020 08:18:31 GMT
server
Apache/2.4.18 (Ubuntu)
age
72028
etag
"19bc0-5b4c1d6f2dd9d-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
20331
x-amz-cf-id
A88iWSiDAVQdTvSrvzCYbo75RbsJbd9vz_Xl9Slqb_sAQBNMugxqrg==
libs.js
airbit.com/assets/infinity/js/ 		257 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://airbit.com/assets/infinity/js/libs.js?id=7f095b5406a38aea5842
Requested by
Host: www.medicloud.ch
URL: https://www.medicloud.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b000:1c:6508:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
f550764382899eb64f9357b13feb1a71c6df89e63421e970fd59685b2cc9d653

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 24 Nov 2020 20:42:02 GMT
content-encoding
gzip
last-modified
Mon, 23 Nov 2020 08:18:58 GMT
server
Apache/2.4.18 (Ubuntu)
age
69530
etag
"402bf-5b4c1d8914972-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
8Pb8_eTvqJ_4p6rPTYCVd0XqVc2mDy0608j5lPax4WBzVkkLL-j7SA==
/
js.stripe.com/v3/ 		186 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: www.medicloud.ch
URL: https://www.medicloud.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
133ef7cd5d34ee12ca76ea374e48410e81545790de226170fa2d9bcdb6caf513
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 16:00:52 GMT
content-encoding
gzip
vary
Accept-Encoding
age
46
via
1.1 varnish
x-cache
HIT
content-length
49194
x-amz-id-2
BL47vXBRUYl45pkOrpYE8k9XOEy8hjnnUls4gZeixE0xMkfdE+jCxgbIEEVWtQNgm8PuLSsgM/E=
x-served-by
cache-hhn4020-HHN
timing-allow-origin
*
last-modified
Wed, 25 Nov 2020 01:53:27 GMT
server
AmazonS3
etag
"30568b6c62522f9c38801e4106529c89"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
B4FC8FBF90B0903C
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
40
infinity.js
airbit.com/assets/infinity/js/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://airbit.com/assets/infinity/js/infinity.js?id=fc9ca4a1226b7588ae5a
Requested by
Host: www.medicloud.ch
URL: https://www.medicloud.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b000:1c:6508:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8f6210cab72f0d324a62c6ce2c1bef85cc115c4f1eecdce93e88b999aaeb4d5d

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 01:41:25 GMT
content-encoding
gzip
last-modified
Mon, 23 Nov 2020 08:18:37 GMT
server
Apache/2.4.18 (Ubuntu)
age
51567
etag
"49372e-5b4c1d7510df0-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
-g-bmXANzvH60XcgEnibja3K_Bd6qzHgZlR84uJKhUCDsvp0X9xUzA==
css
fonts.googleapis.com/ 		3 KB
601 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,500,600
Requested by
Host: airbit.com
URL: https://airbit.com/assets/infinity/css/infinity.css?id=a51f77e3c287b2465890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1427e05e9cf64929c15e8d6ae49f5410b2b015437d2a14226c2b240da22aa440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://airbit.com/assets/infinity/css/infinity.css?id=a51f77e3c287b2465890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 25 Nov 2020 15:33:47 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Wed, 25 Nov 2020 16:00:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 25 Nov 2020 16:00:52 GMT
gtm.js
www.googletagmanager.com/ 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TN8XC74
Requested by
Host: www.medicloud.ch
URL: https://www.medicloud.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1925523222173df5af9de6d434114d7202ba8ff055e8a7268e6107088c4111f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 16:00:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37083
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 25 Nov 2020 16:00:52 GMT
/
sessions.bugsnag.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Server
2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://www.medicloud.ch
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Wed, 25 Nov 2020 16:00:53 GMT
content-length
0
via
1.1 google
alt-svc
clear
/
sessions.bugsnag.com/ 		21 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: airbit.com
URL: https://airbit.com/assets/infinity/js/infinity.js?id=fc9ca4a1226b7588ae5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://www.medicloud.ch/
Bugsnag-Sent-At
2020-11-25T16:00:53.151Z
Bugsnag-Api-Key
ba4f4bc306fb6eabac3c931d61ed269b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 25 Nov 2020 16:00:53 GMT
via
1.1 google
alt-svc
clear
content-length
21
content-type
application/json
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.medicloud.ch
Referer
https://fonts.googleapis.com/css?family=Poppins:400,500,600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 22:12:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:13 GMT
server
sffe
age
150486
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
expires
Tue, 23 Nov 2021 22:12:47 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.medicloud.ch
Referer
https://fonts.googleapis.com/css?family=Poppins:400,500,600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 22:12:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:02:15 GMT
server
sffe
age
150476
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
expires
Tue, 23 Nov 2021 22:12:57 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.medicloud.ch
Referer
https://fonts.googleapis.com/css?family=Poppins:400,500,600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 22:12:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:44 GMT
server
sffe
age
150476
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
expires
Tue, 23 Nov 2021 22:12:57 GMT
template_3d5258de6a7bd2100ca4aa9ca56d4417.png
cdn.airbit.com/infinity/logos/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.airbit.com/infinity/logos/template_3d5258de6a7bd2100ca4aa9ca56d4417.png
Requested by
Host: www.medicloud.ch
URL: https://www.medicloud.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4e00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7173a1db5fd7725ffa0f9ab6e7291f413a583aa678f068b4273334ebd4a19d38

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 07:21:25 GMT
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc1.cloudfront.net (CloudFront)
last-modified
Mon, 01 Apr 2019 13:02:53 GMT
server
AmazonS3
age
31169
etag
"e8ef8fbf7d37530f91ade0fee6ffdd15"
x-cache
Hit from cloudfront
x-amz-version-id
sEckmohJW5BTTkHpu0nJxMgEx63ex9Z1
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
image/png
content-length
4442
x-amz-cf-id
iF4B1wc4eAysnKJ6_Wd8pGCqDCpuvIYueTK3SUL61Yg-y0un-2cHRg==
beats
api.airbit.com/users/542202/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.airbit.com/users/542202/beats?page=1&limit=20&search=&user_id=542202&expand=tags&genre=0&moods=&added=0&order=&tags=&tempo=
Requested by
Host: airbit.com
URL: https://airbit.com/assets/infinity/js/infinity.js?id=fc9ca4a1226b7588ae5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a000:15:515:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
39f10aa82af51497de86ea10eb48b2681bb0898b83d9fa160947644a68511714

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 16:00:53 GMT
content-encoding
gzip
server
Apache/2.4.18 (Ubuntu)
x-amz-cf-pop
FRA50-C1
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, Content-Type, Accept, Accept-Encoding, Accept-Language, Authorization, X-Request-With, Cache-Control, Host, X-Requested-With, X-XSRF-TOKEN, X-Authorization
content-length
1516
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-amz-cf-id
BVRPK1b-tmPQAb5zvmgWJG-YLsMSZ4DtZftLjyJMvN3TlXGiD2oTMA==
YB4fJJk.gif
i.imgur.com/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/YB4fJJk.gif
Requested by
Host: www.medicloud.ch
URL: https://www.medicloud.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
c4e97edb4a8980564138ef96147a7ae04fe9472a4eaebb77a0c00e07606b887b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 16:00:53 GMT
x-content-type-options
nosniff
age
2885166
x-cache
HIT, HIT
content-length
35421
x-served-by
cache-bwi5140-BWI, cache-fra19160-FRA
last-modified
Fri, 05 Oct 2018 17:30:09 GMT
server
cat factory 1.0
x-timer
S1606320053.363286,VS0,VE1
etag
"56716558e567a88aacfd3409d9fb0963"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1057, 1
moods
api.airbit.com/users/542202/beats/ 		139 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.airbit.com/users/542202/beats/moods
Requested by
Host: airbit.com
URL: https://airbit.com/assets/infinity/js/infinity.js?id=fc9ca4a1226b7588ae5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a000:15:515:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
ddce04bcf7f8c1e58d04f4f3cbc014fc80d82ea2fe69e3a783eabbf3ebac0753

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 16:00:53 GMT
content-encoding
gzip
server
Apache/2.4.18 (Ubuntu)
x-amz-cf-pop
FRA50-C1
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, Content-Type, Accept, Accept-Encoding, Accept-Language, Authorization, X-Request-With, Cache-Control, Host, X-Requested-With, X-XSRF-TOKEN, X-Authorization
content-length
101
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-amz-cf-id
77hGedgewFp4SP-ECK6TDSf-fSMF6kvuiXNg_yJvwXC5fpeX0mkA_Q==
genres
api.airbit.com/users/542202/beats/ 		119 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.airbit.com/users/542202/beats/genres
Requested by
Host: airbit.com
URL: https://airbit.com/assets/infinity/js/infinity.js?id=fc9ca4a1226b7588ae5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a000:15:515:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
59680643d2755cb35ec975c9f2f5b0353e347f2b2d1881686374ff0b752f75ed

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 16:00:53 GMT
content-encoding
gzip
server
Apache/2.4.18 (Ubuntu)
x-amz-cf-pop
FRA50-C1
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, Content-Type, Accept, Accept-Encoding, Accept-Language, Authorization, X-Request-With, Cache-Control, Host, X-Requested-With, X-XSRF-TOKEN, X-Authorization
content-length
112
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-amz-cf-id
VDbxY0aeLeMc-OQl5l32lsQir_eapxEKWU6EOyN75nryKum1pijRgQ==
short
api.airbit.com/url/ 		35 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.airbit.com/url/short?url=https:%2F%2Fmedicloud.ch
Requested by
Host: airbit.com
URL: https://airbit.com/assets/infinity/js/infinity.js?id=fc9ca4a1226b7588ae5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a000:15:515:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
c6cdf2309caa28f8a34e3100dd96298ca5b3099b57f9be93fb69c79f53f16d10

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 16:00:53 GMT
content-encoding
gzip
server
Apache/2.4.18 (Ubuntu)
x-amz-cf-pop
FRA50-C1
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, Content-Type, Accept, Accept-Encoding, Accept-Language, Authorization, X-Request-With, Cache-Control, Host, X-Requested-With, X-XSRF-TOKEN, X-Authorization
content-length
55
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-amz-cf-id
K1cvtH73pPhQ_EbeKbMSZyIdIezZnVg1nEY9TUmcmQlINj6w_7fZRQ==
m-outer-26f06e6dfafc73ef8d70171c2397785d.html
js.stripe.com/v3/ Frame D05A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-26f06e6dfafc73ef8d70171c2397785d.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-26f06e6dfafc73ef8d70171c2397785d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.medicloud.ch/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.medicloud.ch/

Response headers

x-amz-id-2
sUXQaBeoyL0pBy+zPOsHzi3cgFSxWMq1cQpiDsACqJwuM9HkTJdgD5Sg3tUkKqwNvO51uqUxP84=
x-amz-request-id
B94A5CBA5B079A1F
last-modified
Tue, 27 Oct 2020 02:50:25 GMT
etag
"26f06e6dfafc73ef8d70171c2397785d"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Wed, 25 Nov 2020 16:00:53 GMT
via
1.1 varnish
age
113
x-served-by
cache-hhn4020-HHN
x-cache
HIT
x-cache-hits
426
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length
185
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TN8XC74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
2705
date
Wed, 25 Nov 2020 15:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Wed, 25 Nov 2020 17:15:48 GMT
fbevents.js
connect.facebook.net/en_US/ 		89 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.medicloud.ch
URL: https://www.medicloud.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23320
x-xss-protection
0
pragma
public
x-fb-debug
ZzgdyuXBarkOrFOmEwZB8z4WrIxfh7U+zKP5l5d3YfznHz/UqkzSGXzoEB70u3xTlT0uEuFXieUbKctFD72n5g==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 25 Nov 2020 16:00:53 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		129 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TN8XC74
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66de80f5c91d14f0c4d222a82eea52a01ab8d8e907f3df2e08a7c4bc1d4ec33d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 16:00:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45286
x-xss-protection
0
server
cafe
etag
14933426052519692593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 25 Nov 2020 16:00:53 GMT
hotjar-1720261.js
static.hotjar.com/c/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1720261.js?sv=6
Requested by
Host: www.medicloud.ch
URL: https://www.medicloud.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.240.67 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-240-67.ams50.r.cloudfront.net
Software
/
Resource Hash
38d510105dd37d41c60bdc3e2105cbf7e7f13f00eb8789595ea893de786ec2f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 16:00:53 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
AMS50-C1
etag
W/ff2e6236d109554dfc44d89b111fd74c
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-id
bAs2-LDmthbMnzggC4l5FkIsx0D6-3iCfQ7NIoLDUNF2LbDo8FbXQw==
via
1.1 9bd09ac7aca1ea8ca6c788136a9ce480.cloudfront.net (CloudFront)
collect
www.google-analytics.com/j/ 		2 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=2069703078&t=pageview&_s=1&dl=https%3A%2F%2Fwww.medicloud.ch%2F&ul=en-us&de=UTF-8&dt=pasci&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=516938155&gjid=151119833&cid=383121239.1606320053&tid=UA-91807727-1&_gid=1054101192.1606320053&_r=1&gtm=2wgb41TN8XC74&z=792461236
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Nov 2020 16:00:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.medicloud.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
identity.js
connect.facebook.net/signals/plugins/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.29
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
4673
x-xss-protection
0
pragma
public
x-fb-debug
UA0SmjO6wefp2Nej5/sdHS6ZVqYax8Fv+IRVJs+fQKadmS7mhJDDpXNhuNxirP6L8ysc14WMzp2XB/a1dpbCSg==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 25 Nov 2020 16:00:53 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
1841100119461232
connect.facebook.net/signals/config/ 		239 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1841100119461232?v=2.9.29&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9f6240ac0115c82c4cfe0c19bc9e55734565b9dbe03fbd8d5a6e9c18214023f9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
giDhWDal1eJV+XEzBl2sP5rIO7DyvCi2+1y/oIVqBrdWzkyJJMFKWSffAwzzCQDXkM1Ex7+ZjfWP/ATUshekhA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 25 Nov 2020 16:00:53 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
1148175963
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-91807727-1&cid=383121239.1606320053&jid=516938155&gjid=151119833&_gid=1054101192.1606320053&_u=YEBAAAAAAAAAAC~&z=597148520
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 25 Nov 2020 16:00:53 GMT
content-type
text/plain
access-control-allow-origin
https://www.medicloud.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-91807727-1&cid=383121239.1606320053&jid=516938155&_u=YEBAAAAAAAAAAC~&z=1526589152
Requested by
Host: www.medicloud.ch
URL: https://www.medicloud.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Nov 2020 16:00:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-91807727-1&cid=383121239.1606320053&jid=516938155&_u=YEBAAAAAAAAAAC~&z=1526589152
Requested by
Host: www.medicloud.ch
URL: https://www.medicloud.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Nov 2020 16:00:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1841100119461232&ev=PageView&dl=https%3A%2F%2Fwww.medicloud.ch%2F&rl=&if=false&ts=1606320053431&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1606320053429.698698576&it=1606320053344&coo=false&rqm=GET
Requested by
Host: www.medicloud.ch
URL: https://www.medicloud.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 16:00:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 25 Nov 2020 16:00:53 GMT
modules.57ea23045c4b2bda7709.js
script.hotjar.com/ 		220 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.57ea23045c4b2bda7709.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1720261.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-28.ams54.r.cloudfront.net
Software
/
Resource Hash
e0e7226d54d8f44923dde5e32f1584be9fe518e1063d905611b29478d514fdde
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 13:10:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
10238
x-cache
Hit from cloudfront
content-length
58745
access-control-allow-origin
*
last-modified
Wed, 25 Nov 2020 13:06:42 GMT
etag
"ae3656c5a45d698bd7f6845c6b8aba2d"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 4cc2a0a7eb7d5483edc69be298297f9e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
AMS54-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
CWqhwh-TEuN5ULAXqiNjzzZ7wx9kaBnXQKyb9F461GdFVu_d5XMbnA==
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 54AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1720261.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-73.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.medicloud.ch/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.medicloud.ch/

Response headers

content-type
text/html
content-length
851
date
Mon, 05 Oct 2020 13:02:45 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Mon, 05 Oct 2020 11:02:22 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
fbM_JtsXgbR0Ho6ZrtFVNwUgaVkbgY5qy7othk07Wg2P66cEoY3GuA==
age
4417088
visit-data
in.hotjar.com/api/v2/client/sites/1720261/ 		178 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1720261/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.57ea23045c4b2bda7709.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.24.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-24-70.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 25 Nov 2020 16:00:53 GMT
content-encoding
br
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
default@100x.jpg
cdn.airbit.com/avatars/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.airbit.com/avatars/default@100x.jpg
Requested by
Host: www.medicloud.ch
URL: https://www.medicloud.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4e00:1e:7b69:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2df2d4d16fd7dd35216ad10bfedb8eef15bbe5acd8b60ecdc3548f28aed8f396

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 22 Nov 2020 02:05:03 GMT
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc1.cloudfront.net (CloudFront)
last-modified
Sat, 13 May 2017 10:00:38 GMT
server
AmazonS3
age
309351
etag
"c665c76428c0bf44e334e8c41e0391d4"
x-cache
Hit from cloudfront
x-amz-version-id
mExLQvs7OAumWA6JHtuAIIXsYUIzbJTL
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
2997
x-amz-cf-id
lPbdSImnSX7OSKCy5xIrVCAXnubRIbfKzRqOZIJnzVxARVH_k5_vMg==
/
www.facebook.com/tr/ 		44 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1841100119461232&ev=Microdata&dl=https%3A%2F%2Fwww.medicloud.ch%2F&rl=&if=false&ts=1606320054940&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22pasci%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.29&r=stable&ec=1&o=30&fbp=fb.1.1606320053429.698698576&it=1606320053344&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.medicloud.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 16:00:54 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 25 Nov 2020 16:00:54 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| ab function| _typeof function| $ function| jQuery function| _ function| swal function| sweetAlert function| Slider function| moment object| bootbox function| Stripe object| dataLayer object| webpackJsonp object| regeneratorRuntime function| setImmediate function| clearImmediate function| vueRecaptchaApiLoaded function| Hammer object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| hj object| _hjSettings object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled

13 Cookies

Domain/Path Name / Value
.medicloud.ch/ Name: _hjFirstSeen
Value: 1
.medicloud.ch/ Name: _hjid
Value: 8338321e-955e-4b49-b11e-77e4eca716fd
.medicloud.ch/ Name: _fbp
Value: fb.1.1606320053429.698698576
www.medicloud.ch/ Name: _hjIncludedInPageviewSample
Value: 1
.medicloud.ch/ Name: _gat_UA-91807727-1
Value: 1
www.medicloud.ch/ Name: _hjIncludedInSessionSample
Value: 1
.medicloud.ch/ Name: _hjTLDTest
Value: 1
.medicloud.ch/ Name: _gid
Value: GA1.2.1054101192.1606320053
.medicloud.ch/ Name: _hjAbsoluteSessionInProgress
Value: 0
.medicloud.ch/ Name: _ga
Value: GA1.2.383121239.1606320053
.medicloud.ch/ Name: airbit_session
Value: eyJpdiI6IllZMTBucDVsbk81eHBIVEJlZUNQd2c9PSIsInZhbHVlIjoiRkxMZ0ZYV0R5Mnd1VFZGb3RZNDNFbm1FZHAwUzk5Yk9sbDdnSWRpNjZZUXk1dXplV2FXSjl5NVdNVmN5ejl0TSIsIm1hYyI6ImYyNTZmNDZmODcxOWZjZTNlNmU2OGM2MjI4NmI1MGM3ZjA5YTAwODRlYTNjNTJiNjk1N2I5NGYxYjhhMzA5ZGEifQ%3D%3D
.medicloud.ch/ Name: cart_id
Value: eyJpdiI6IkVEbTdGc3JcL1dtSHdnT2pQQUhibWd3PT0iLCJ2YWx1ZSI6IjZcL0ZRVlFFckhuRUNMb0RES1wvRVpHaEMwMXlWQlBMd1JrMkZUc1ViWUdNQm1ydUlIWmdDN0pqeGVUK21BUXBobyIsIm1hYyI6IjE2NDlmMzE2MjIxYmYwZmRlYzBhZWIwNTJhZTI0ZTA3MWU0MjkzNTRhNGE1MzZmMTIzY2VlNGVlYTIzNjdkNmIifQ%3D%3D
.medicloud.ch/ Name: XSRF-TOKEN
Value: eyJpdiI6Ik5CcUthOWhcL2VNcEdHdG5GYk1FZ1dRPT0iLCJ2YWx1ZSI6Ik5yQXdyU1JXMFZJVUhXNUpEaFpSakZhMVwvVW9HWTBja3hKSkJzMVZDenVTYXpnYkV4WlUrYXZnS04zREcwa1d0IiwibWFjIjoiY2E2NzMxOTZkMjg0MmUwODg2NjNkYjlhYmI2YmM2ZDJlNWMzYTI5M2IxYTRmNzYxNzAzYmIyOTFmMTg4MTgxNSJ9

1 Console Messages

Source Level URL
Text
console-api debug URL: https://airbit.com/assets/infinity/js/infinity.js?id=fc9ca4a1226b7588ae5a(Line 1)
Message:
[bugsnag] Loaded!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airbit.com
api.airbit.com
cdn.airbit.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
in.hotjar.com
js.stripe.com
pagead2.googlesyndication.com
script.hotjar.com
sessions.bugsnag.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.medicloud.ch
13.224.198.73
13.227.219.28
13.32.240.67
151.101.112.176
151.101.12.193
2600:1901:0:7a0b::
2600:9000:206f:4e00:1e:7b69:edc0:93a1
2600:9000:206f:b000:1c:6508:40c0:93a1
2600:9000:2156:a000:15:515:3740:93a1
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2003
2a00:1450:4001:819::2002
2a00:1450:4001:819::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:81d::2003
2a00:1450:4001:820::200a
2a00:1450:4001:824::200e
2a00:1450:400c:c0c::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.230.43.178
52.51.24.70
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
133ef7cd5d34ee12ca76ea374e48410e81545790de226170fa2d9bcdb6caf513
1427e05e9cf64929c15e8d6ae49f5410b2b015437d2a14226c2b240da22aa440
1925523222173df5af9de6d434114d7202ba8ff055e8a7268e6107088c4111f5
2a9561ce20553de71619413b3498795ca62cbc2a490d3db73e6423e92e115732
2df2d4d16fd7dd35216ad10bfedb8eef15bbe5acd8b60ecdc3548f28aed8f396
3189e09ff1a05c9bfebd9129390d9cc20fb393f9c191d85dd5d3e06409fc18ec
38d510105dd37d41c60bdc3e2105cbf7e7f13f00eb8789595ea893de786ec2f7
39f10aa82af51497de86ea10eb48b2681bb0898b83d9fa160947644a68511714
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
59680643d2755cb35ec975c9f2f5b0353e347f2b2d1881686374ff0b752f75ed
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
66de80f5c91d14f0c4d222a82eea52a01ab8d8e907f3df2e08a7c4bc1d4ec33d
7173a1db5fd7725ffa0f9ab6e7291f413a583aa678f068b4273334ebd4a19d38
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8f6210cab72f0d324a62c6ce2c1bef85cc115c4f1eecdce93e88b999aaeb4d5d
9f6240ac0115c82c4cfe0c19bc9e55734565b9dbe03fbd8d5a6e9c18214023f9
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
c4e97edb4a8980564138ef96147a7ae04fe9472a4eaebb77a0c00e07606b887b
c6cdf2309caa28f8a34e3100dd96298ca5b3099b57f9be93fb69c79f53f16d10
cb8106bde5fe84b4c5d03639774f732367864b35f334e092ee36413a48374229
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
ddce04bcf7f8c1e58d04f4f3cbc014fc80d82ea2fe69e3a783eabbf3ebac0753
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0e7226d54d8f44923dde5e32f1584be9fe518e1063d905611b29478d514fdde
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f550764382899eb64f9357b13feb1a71c6df89e63421e970fd59685b2cc9d653