covid19.place Open in urlscan Pro
44.241.134.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://covid19.place/
Submission: On June 14 via manual (June 14th 2022, 12:45:19 pm UTC) from IE — Scanned from DE

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 41 HTTP transactions. The main IP is 44.241.134.153, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is covid19.place.
TLS certificate: Issued by Amazon on January 8th 2022. Valid for: a year.

This is the only time covid19.place was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	44.241.134.153 44.241.134.153	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	44.238.148.29 44.238.148.29	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
41	15

13 44.241.134.153 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-134-153.us-west-2.compute.amazonaws.com

covid19.place	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
iamsolution.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.148.29 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-148-29.us-west-2.compute.amazonaws.com

iamsolution.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 150	212 KB
10	iamsolution.org iamsolution.org	75 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 125	10 KB
4	covid19.place covid19.place	54 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 15715 adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 9	2 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 444	75 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5111 adservice.google.de — Cisco Umbrella Rank: 7295	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 861	647 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 329	31 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 96	70 KB
41	10

	Domain	Requested by
10	iamsolution.org	covid19.place iamsolution.org
8	pagead2.googlesyndication.com	covid19.place pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	covid19.place	covid19.place
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	cdn.jsdelivr.net	covid19.place
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	covid19.place
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	ajax.googleapis.com	covid19.place
1	www.googletagmanager.com	covid19.place
41	15

This site contains no links.

Subject Issuer	Validity	Valid
iamsolution.org Amazon	`2022-01-08` - `2023-02-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://covid19.place/
Frame ID: B2DD2E474F318A781E7DB652FB3EBDF9
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220609/r20190131/zrt_lookup.html
Frame ID: B76C5A6B9CF4405BF3737F69881519C9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8238958029139641&output=html&adk=1812271804&adf=3025194257&lmt=1655210714&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcovid19.place%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655210714128&bpp=2&bdt=1003&idt=100&shv=r20220609&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6682638200170&frm=20&pv=2&ga_vid=1499280415.1655210714&ga_sid=1655210714&ga_hid=1999452264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21066428%2C44765406%2C42531605&oid=2&pvsid=3558491401649822&tmod=876189502&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=116
Frame ID: 27F8C763709436DA4BF195CFE93ED0B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8238958029139641&output=html&h=280&slotname=5679987300&adk=2196027170&adf=2203817618&pi=t.ma~as.5679987300&w=1200&fwrn=4&fwrnh=100&lmt=1655210714&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fcovid19.place%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655210714130&bpp=2&bdt=1005&idt=123&shv=r20220609&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6682638200170&frm=20&pv=1&ga_vid=1499280415.1655210714&ga_sid=1655210714&ga_hid=1999452264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21066428%2C44765406%2C42531605&oid=2&pvsid=3558491401649822&tmod=876189502&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qHTNpETODN&p=https%3A//covid19.place&dtd=128
Frame ID: 897293E8F7B4265E21FD1E059B27BE8D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8238958029139641&output=html&h=280&slotname=5679987300&adk=2625024436&adf=2310723320&pi=t.ma~as.5679987300&w=1200&fwrn=4&fwrnh=100&lmt=1655210714&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fcovid19.place%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655210714132&bpp=1&bdt=1007&idt=193&shv=r20220609&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6682638200170&frm=20&pv=1&ga_vid=1499280415.1655210714&ga_sid=1655210714&ga_hid=1999452264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21066428%2C44765406%2C42531605&oid=2&pvsid=3558491401649822&tmod=876189502&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=uoVCAD3iPj&p=https%3A//covid19.place&dtd=197
Frame ID: DC8EEDA1CC818C151013C946F6EE34D4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E02E00EBDB37AA82863000F5B1B17F61
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AC5942D4A3D97FCAC9F8CFDF03D084D0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Schweden: 13.06.2022 - Covid 19 Fälle heute • Covid19 Place

Detected technologies

Chart.js (JavaScript Graphics) Expand

Overall confidence: 75%
Detected patterns

/Chart(?:\.bundle)?(?:\.min)?\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

41
Requests

100 %
HTTPS

79 %
IPv6

10
Domains

15
Subdomains

15
IPs

3
Countries

531 kB
Transfer

1426 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
covid19.place/ 122 KB
28 KB 935ms
451ms Document
text/html 44.241.134.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19.place/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.134.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-134-153.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ca593b531adaf7045f71ae21671a7bbc69255549f6c332c52419dceb4da4950c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 14 Jun 2022 12:45:12 GMT
server: nginx/1.20.0
vary: Accept-Encoding

GET
H2 200 front.main.css
covid19.place/assets/css/ 40 KB
9 KB 158ms
156ms Stylesheet
text/css 44.241.134.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19.place/assets/css/front.main.css?1646843292=1
Requested by: Host: covid19.place
URL: https://covid19.place/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.134.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-134-153.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 0e5fd7545dce401f5c6201c1ba04c9084c928bc3ea0fddd2e8223c411f85867a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Jun 2022 12:45:13 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 16:28:12 GMT
server: nginx/1.20.0
etag: W/"6228d59c-a13b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Wed, 14 Jun 2023 12:45:13 GMT

GET
H2 200 theme.css
iamsolution.org/assets/css/ 3 KB
1 KB 896ms
158ms Stylesheet
text/css 44.241.134.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://iamsolution.org/assets/css/theme.css?1642348356=1
Requested by: Host: covid19.place
URL: https://covid19.place/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.134.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-134-153.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 96f9d34a836850d7c0dd040aaa8893ca2ee28ad90721dae08d87b780a387ff7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Jun 2022 12:45:13 GMT
content-encoding: gzip
last-modified: Sun, 16 Jan 2022 15:52:36 GMT
server: nginx/1.20.0
etag: W/"61e43f44-ac5"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Wed, 14 Jun 2023 12:45:13 GMT

GET
H2 200 icons.css
iamsolution.org/assets/vendor/fontello/css/ 6 KB
2 KB 898ms
160ms Stylesheet
text/css 44.241.134.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://iamsolution.org/assets/vendor/fontello/css/icons.css?1641500400=1
Requested by: Host: covid19.place
URL: https://covid19.place/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.134.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-134-153.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 3c4fe1bc3eaffe655eb6d2c3178c324c3d59ff45a685d8878df21eff3a0761f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Jun 2022 12:45:13 GMT
content-encoding: gzip
last-modified: Thu, 06 Jan 2022 20:20:00 GMT
server: nginx/1.20.0
etag: W/"61d74ef0-1717"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Wed, 14 Jun 2023 12:45:13 GMT

GET
H2 200 icon-brands.css
iamsolution.org/assets/css/ 575 B
540 B 893ms
155ms Stylesheet
text/css 44.241.134.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://iamsolution.org/assets/css/icon-brands.css?1642348356
Requested by: Host: covid19.place
URL: https://covid19.place/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.134.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-134-153.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: b1335e0089dc8d756fa9319a7fd720a888f9b1e7ed80a262a72cbf15fca64294

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Jun 2022 12:45:13 GMT
content-encoding: gzip
last-modified: Sun, 16 Jan 2022 15:52:36 GMT
server: nginx/1.20.0
etag: W/"61e43f44-23f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Wed, 14 Jun 2023 12:45:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
70 KB 70ms
42ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XCPCQBM4PT

Requested by

Host: covid19.place
URL: https://covid19.place/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76bef5baaeb76938117f14bfeacd045b3a73ec23ed350253f3483ffe14f50ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:45:14 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71663
x-xss-protection: 0
expires: Tue, 14 Jun 2022 12:45:14 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
56 KB 62ms
34ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8238958029139641

Requested by

Host: covid19.place
URL: https://covid19.place/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

020903f3970204746cff20422d83ee5b3b0b232a372b2917756ab1b7e9a8610b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.place/
Origin: https://covid19.place
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56436
x-xss-protection: 0
server: cafe
etag: 3632048816397982606
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Jun 2022 12:45:14 GMT

GET
H2 200 covid19.place.svg
iamsolution.org/assets/img/logos/ 7 KB
4 KB 159ms
156ms Image
image/svg+xml 44.241.134.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iamsolution.org/assets/img/logos/covid19.place.svg
Requested by: Host: covid19.place
URL: https://covid19.place/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.134.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-134-153.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 133b0dfdf21ce80e0f4da965a08ab6585f84109f4efaa877485f1f9f1259de2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Jun 2022 12:45:14 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 03:20:26 GMT
server: nginx/1.20.0
etag: W/"6170dc7a-1c9d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Wed, 14 Jun 2023 12:45:14 GMT

GET
H2 200 covid19.place.svg
iamsolution.org/assets/img/logos/ 7 KB
4 KB 159ms
157ms Image
image/svg+xml 44.241.134.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iamsolution.org/assets/img/logos/covid19.place.svg?1.0
Requested by: Host: covid19.place
URL: https://covid19.place/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.134.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-134-153.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 133b0dfdf21ce80e0f4da965a08ab6585f84109f4efaa877485f1f9f1259de2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Jun 2022 12:45:14 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 03:20:26 GMT
server: nginx/1.20.0
etag: W/"6170dc7a-1c9d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Wed, 14 Jun 2023 12:45:14 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
iamsolution.org/assets/vendor/js/ 76 KB
23 KB 159ms
158ms Script
application/javascript 44.241.134.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://iamsolution.org/assets/vendor/js/bootstrap.bundle.min.js?499191300=1
Requested by: Host: covid19.place
URL: https://covid19.place/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.134.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-134-153.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Jun 2022 12:45:14 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 16:15:00 GMT
server: nginx/1.20.0
etag: W/"1dc10e04-13131"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Wed, 14 Jun 2023 12:45:14 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: covid19.place
URL: https://covid19.place/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 10:33:32 GMT

GET
H2 200 chart.js Show response
cdn.jsdelivr.net/npm/ 192 KB
67 KB 64ms
26ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/chart.js

Requested by

Host: covid19.place
URL: https://covid19.place/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70754ee1da997da9918560fbb38897c9a5d654ad74a1d0feaa9e3189d173a932

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7137
x-jsd-version: 3.8.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19144-FRA, cache-iad-kiad7000077-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"3018d-71ezFFx/AIYGspXSFXvrtlqUREM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=07XAj8DJdOt72owmr4qECYO%2B4iDu6u25eLs8Q2O05c2QX5SRQ6W2lUket1B08Gwxi6BMop6D6VyMF%2F4rZFMl%2BtvM2fSvn2lvoK9nnZE4VugQgEC7Y43lmkRc9yciBfK3gciGKplaTY2LTLr94QQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 71b32973082b23af-ZRH
access-control-expose-headers: *

GET
H2 200 chartjs-plugin-datalabels@2.0.0 Show response
cdn.jsdelivr.net/npm/ 13 KB
6 KB 58ms
20ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/chartjs-plugin-datalabels@2.0.0

Requested by

Host: covid19.place
URL: https://covid19.place/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4605ba20245c1e0cf5bda1a42f97a0400aa6916c466f06b6137068cffdc26a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size: 5215
age: 7355339
x-jsd-version: 2.0.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19154-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"325d-1i0VSGXusgtTUcM/0yw5Uhk84/4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGPU1rkyqXZt9abOCGyFfjG%2BevO4bXVK0r3j898EyYbOzXyJkOC6YT4KRrbZU3Mk%2FHqWN0lVW0c%2FCj197HtCgFtdyk6c5eeWHJ6W68zCnGw0fSUrrvJm%2BF6U3dn1YExnE6LUIpk%2FwD2d4hvuInM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 71b32973082e23af-ZRH

GET
H2 200 chartjs-plugin-stacked100@1.2.0 Show response
cdn.jsdelivr.net/npm/ 4 KB
2 KB 162ms
126ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/chartjs-plugin-stacked100@1.2.0

Requested by

Host: covid19.place
URL: https://covid19.place/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df4794a1a75cf3a3c641cfb27583688424205e65d53b420582fd5569bafb0479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:45:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-jsd-version: 1.2.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19155-FRA, cache-iad-kiad7000027-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"e61-Mm222ug1Q8tH+fkh1ir2INlFhi8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vV0W1UMTOoBJZt0CZxD7hItwyN5tsMqXkfRpmVSv113%2F3Al0VJYQdOA2giue5QH%2F7bK1Johkbt8qaJQmeBPbxMnOk41jarRRV9KenZPm3oU%2B0X9WEKLD7OYdZmXLgsJcRztGJWR8sGNfFPJ2reY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 71b32973083023af-ZRH
access-control-expose-headers: *

GET
H2 200 required.js Show response
iamsolution.org/assets/jsm/ 5 KB
2 KB 160ms
156ms Script
application/javascript 44.241.134.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://iamsolution.org/assets/jsm/required.js?16418836043=1
Requested by: Host: covid19.place
URL: https://covid19.place/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.134.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-134-153.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 29cdc2efc6fd55bd0a7071983dd1b52502c6392df6fd66eb8d5d86281c80ecda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Jun 2022 12:45:14 GMT
content-encoding: gzip
last-modified: Tue, 11 Jan 2022 06:46:44 GMT
server: nginx/1.20.0
etag: W/"61dd27d4-1361"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Wed, 14 Jun 2023 12:45:14 GMT

GET
H2 200 front.main.js Show response
covid19.place/assets/jsm/ 7 KB
2 KB 159ms
156ms Script
application/javascript 44.241.134.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19.place/assets/jsm/front.main.js?16439726223=1
Requested by: Host: covid19.place
URL: https://covid19.place/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.134.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-134-153.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 4898ee26aefda61f716b40cc6fdafe3dda499df550025f854ba4cb20ad4714ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Jun 2022 12:45:14 GMT
content-encoding: gzip
last-modified: Fri, 04 Feb 2022 11:03:42 GMT
server: nginx/1.20.0
etag: W/"61fd080e-1d69"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
expires: Wed, 14 Jun 2023 12:45:14 GMT

GET
H2 200 bg-white.jpg
iamsolution.org/assets/img/ 5 KB
5 KB 274ms
273ms Image
image/jpeg 44.241.134.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iamsolution.org/assets/img/bg-white.jpg?v=1
Requested by: Host: iamsolution.org
URL: https://iamsolution.org/assets/css/theme.css?1642348356=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.134.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-134-153.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 8a58b450b28e56e676248a5671e6e370fe88c532d59f4548d4570a68da5abe88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iamsolution.org/assets/css/theme.css?1642348356=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Jun 2022 12:45:14 GMT
last-modified: Sat, 31 Jul 2021 09:32:06 GMT
server: nginx/1.20.0
etag: "61051896-127b"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 4731
expires: Wed, 14 Jun 2023 12:45:14 GMT

GET
H2 200 bg-dark.jpg
covid19.place/assets/img/ 15 KB
15 KB 293ms
292ms Image
image/jpeg 44.241.134.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covid19.place/assets/img/bg-dark.jpg?v=1
Requested by: Host: covid19.place
URL: https://covid19.place/assets/css/front.main.css?1646843292=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.134.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-134-153.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 66df3ec7c3e780f847a38c1d05310fdbd597b4ba2ca9c79fa5eded30672f8c19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/assets/css/front.main.css?1646843292=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Jun 2022 12:45:14 GMT
last-modified: Sat, 31 Jul 2021 09:31:36 GMT
server: nginx/1.20.0
etag: "61051878-3ba2"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 15266
expires: Wed, 14 Jun 2023 12:45:14 GMT

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 953c39b93c46656e2d25a28dd13379498f98e991a78f682c4a42c951bc87a0f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 icons.woff2
iamsolution.org/assets/vendor/fontello/font/ 18 KB
18 KB 627ms
311ms Font
font/woff2 44.238.148.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://iamsolution.org/assets/vendor/fontello/font/icons.woff2?73883333
Requested by: Host: iamsolution.org
URL: https://iamsolution.org/assets/vendor/fontello/css/icons.css?1641500400=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.148.29 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-148-29.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: f3d3cbc15b93c114f2c2bbf310672cb3fe4109c84ccfab8a7f888082c07b64ce

Request headers

Referer: https://iamsolution.org/assets/vendor/fontello/css/icons.css?1641500400=1
Origin: https://covid19.place
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Jun 2022 12:45:14 GMT
last-modified: Thu, 06 Jan 2022 20:20:00 GMT
server: nginx/1.20.0
etag: "61d74ef0-4854"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 18516
expires: Wed, 14 Jun 2023 12:45:14 GMT

GET
H2 200 bg-dark.jpg
iamsolution.org/assets/img/ 15 KB
15 KB 156ms
156ms Image
image/jpeg 44.241.134.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iamsolution.org/assets/img/bg-dark.jpg?v=1
Requested by: Host: iamsolution.org
URL: https://iamsolution.org/assets/css/theme.css?1642348356=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.134.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-134-153.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 66df3ec7c3e780f847a38c1d05310fdbd597b4ba2ca9c79fa5eded30672f8c19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iamsolution.org/assets/css/theme.css?1642348356=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Jun 2022 12:45:14 GMT
last-modified: Sat, 31 Jul 2021 09:31:36 GMT
server: nginx/1.20.0
etag: "61051878-3ba2"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 15266
expires: Wed, 14 Jun 2023 12:45:14 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206090101/ 342 KB
121 KB 58ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8238958029139641&plah=covid19.place&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.9&asptt=-1&easpi=true&asro=true&easai=false

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8238958029139641

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eab4e9804c418178df0fe75db61702de665adee699a56d9802f7e6d69283a86b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123500
x-xss-protection: 0
server: cafe
etag: 13497897719049784285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 14 Jun 2022 12:45:14 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220609/r20190131/ Frame B76C 10 KB
5 KB 32ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220609/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8238958029139641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.place/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4416
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Jun 2022 20:15:09 GMT
etag: 14734731752043123527
expires: Mon, 27 Jun 2022 20:15:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
345 B 63ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-XCPCQBM4PT&gtm=2oe6d0&_p=1999452264&_z=ccd.tdB&_gaz=1&cid=1499280415.1655210714&ul=en-us&sr=1600x1200&_s=1&sid=1655210714&sct=1&seg=0&dl=https%3A%2F%2Fcovid19.place%2F&dt=Schweden%3A%2013.06.2022%20-%20Covid%2019%20F%C3%A4lle%20heute%20%E2%80%A2%20Covid19%20Place&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XCPCQBM4PT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:45:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://covid19.place
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
345 B 59ms
20ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XCPCQBM4PT&cid=1499280415.1655210714&gtm=2oe6d0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XCPCQBM4PT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:45:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://covid19.place
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 54ms
33ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XCPCQBM4PT&cid=1499280415.1655210714&gtm=2oe6d0&aip=1&z=1679304084

Requested by

Host: covid19.place
URL: https://covid19.place/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:45:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
647 B 78ms
15ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=covid19.place&callback=_gfp_s_&client=ca-pub-8238958029139641

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8238958029139641&plah=covid19.place&ama_t=adsense&asntp=100&asntpv=10&asntpl=10&asntpm=10&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=0.9&asptt=-1&easpi=true&asro=true&easai=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

7cfa24aa9a80d1afd4ff3d712296549b2bd4e82e289e2fd7fceab576ebe685f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 55ms
19ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=covid19.place

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 12:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 38ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=covid19.place

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 12:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fcovid19.place%2F&tn=DIV&cls=sticky-menu%20bg-secondary&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: covid19.place
URL: https://covid19.place/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:45:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 27F8 10 KB
4 KB 233ms
218ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8238958029139641&output=html&adk=1812271804&adf=3025194257&lmt=1655210714&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcovid19.place%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655210714128&bpp=2&bdt=1003&idt=100&shv=r20220609&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6682638200170&frm=20&pv=2&ga_vid=1499280415.1655210714&ga_sid=1655210714&ga_hid=1999452264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21066428%2C44765406%2C42531605&oid=2&pvsid=3558491401649822&tmod=876189502&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=116

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed6a382dd8ac192982bcc5fafaac1b79e85746bbf182f3b3c649548f73d179a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.place/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 4524
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 12:45:14 GMT
expires: Tue, 14 Jun 2022 12:45:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-8238958029139641&c=5&e=44765406&ld=de&lx=en&n=0&o=sl&p=27&t=0&w=2602&x=1&eid=44759876%2C44759927%2C44759842%2C21066428%2C44765406%2C42531605

Requested by

Host: covid19.place
URL: https://covid19.place/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 12:45:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8972 436 B
236 B 401ms
399ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8238958029139641&output=html&h=280&slotname=5679987300&adk=2196027170&adf=2203817618&pi=t.ma~as.5679987300&w=1200&fwrn=4&fwrnh=100&lmt=1655210714&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fcovid19.place%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655210714130&bpp=2&bdt=1005&idt=123&shv=r20220609&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6682638200170&frm=20&pv=1&ga_vid=1499280415.1655210714&ga_sid=1655210714&ga_hid=1999452264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21066428%2C44765406%2C42531605&oid=2&pvsid=3558491401649822&tmod=876189502&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qHTNpETODN&p=https%3A//covid19.place&dtd=128

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704c53c0ce5205f2a7c2c62eb7f7568d3e521354b4145e18299262fc754fe576

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.place/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 12:45:14 GMT
expires: Tue, 14 Jun 2022 12:45:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DC8E 436 B
236 B 390ms
390ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8238958029139641&output=html&h=280&slotname=5679987300&adk=2625024436&adf=2310723320&pi=t.ma~as.5679987300&w=1200&fwrn=4&fwrnh=100&lmt=1655210714&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fcovid19.place%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655210714132&bpp=1&bdt=1007&idt=193&shv=r20220609&mjsv=m202206090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6682638200170&frm=20&pv=1&ga_vid=1499280415.1655210714&ga_sid=1655210714&ga_hid=1999452264&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1778&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C21066428%2C44765406%2C42531605&oid=2&pvsid=3558491401649822&tmod=876189502&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=uoVCAD3iPj&p=https%3A//covid19.place&dtd=197

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65cbaef86a0177dee3ea6703d3c43cb9dff046d89f212643d42325b00bbbee83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.place/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 12:45:14 GMT
expires: Tue, 14 Jun 2022 12:45:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 37ms
23ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220609&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4edb48614139b1979c6ac824b11e3bc82044d5a225264721adabba90d2904bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 12:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10702
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 55ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:45:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 12:45:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E02E 13 KB
5 KB 24ms
8ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covid19.place/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 209
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 12:41:45 GMT
expires: Wed, 14 Jun 2023 12:41:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AC59 783 B
1 KB 51ms
24ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d37099c344e605e7187a89233c64c29fc3edf55f933f39f9fee7f07a395f44d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MwuEEQHiClHjIfeSG0mVNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://covid19.place/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-MwuEEQHiClHjIfeSG0mVNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 12:45:14 GMT
expires: Tue, 14 Jun 2022 12:45:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 CnoZAs8LLGLdiZmvwH5JG-0Ol-GPeQ_utKIi1OQFCbs.js Show response
pagead2.googlesyndication.com/bg/ Frame E02E 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CnoZAs8LLGLdiZmvwH5JG-0Ol-GPeQ_utKIi1OQFCbs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a7a1902cf0b2c62dd8999afc07e491bed0e97e18f790feeb4a222d4e40509bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 11:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13857
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Jun 2023 11:21:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AC59 0
0 55ms
54ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220609&jk=3558491401649822&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E02E 0
9 B 9ms
5ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sTDNtg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 12:45:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
75ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220609&jk=3558491401649822&bg=!d3SldDDNAAaJfvByqX47ACkAdvg8WrzceWmDebzF0aMQNrw5vJu5sjVeOccAb_5_6tPrbY8ZdK5FYwIAAABvUgAAAAdoAQcKAQ3fXyAofAOEWacF7CLue9N9fK6zw_LDK1ce9dIWjUGg6OWKTR_0NzM6YsS8IRga3JeawZ3llsF0z9WbK1VQ2cK8iy1Zjww6JIQmfFkRCxjVIJwcedVnGYWaagpkZZztEqgHrFhnOdFFduSDypEIXSUlhbKL4VlKPTvq0DT7plyxA2AvyVpL7yNL3vmBkFqUKxiUdjNPotxUPbmnbwBlk-BerHkAUZ_zNLM6OVbDzuiN-m6OrXZplV3PqKsmGjWSoLesFLOfkrrzkPxlFcRMq5Eym6HgbMaN-PZuX2GcCFgRVSJMYDwVe3XgvFQYZUkM88yzwpS8mi3oFEVpMB85k5VWF182Jay1DjZPEjstDZkCjVAKQMngdatuIgbEap0nr5giGT-vwKTmDT1YRqD2yjzGcRwa2mI0ewbnRxUjVzWaAd-lmB1ufHq6PPY654fGxY9R_ffcWN4GZvS4ExzvTfnUs3z4F4mDSd1RTpkzxDx7Ptp6RJ3YS80b7mvIZ8T_7qVrjwgnR7TeF1Aa6aEntJ4bX2bhynECJ2g_nOCxCDUd0EFfD5_LcYzknxJGkiZw35YgKkFDQCgvD1DtDZ9cN0s7idZkyWa6_INjYfoLSorMFQbNqwKJNsl26X6Z4ZXrrpTiots4ZQ7RvW_Lk-MOsbAOluefUUnKZsJzfalhS5Lj-UsAbfug1aEW9eD4WQ1WX0pQfbLPeeNAidrTUo14TLk3rnE9wjSSRvKYNmtD6G1vseHaEeBfyf66tj1FudwFY9qJtuL4F9ZASNMOZUsbgFnZjtswrHV2SOXb1TT5UvQ8njiapq5w258asJSH-sIrT4QiH6AaL7w-jur-OrVPJuSdMSRnb75zRnfV9W5WE_FWEklpiHWwALKjSsnlaf5PGLyjFs7kr8t0pB625o-6L_cIX1ZfKdK3ug9p6oShCftrh97JrNSdNRROpuWIqiSDk1q-T3os3t5G1iUq19Yfobdpa9GqBauo4lnA_KH8Gjy6R9Pm7eGeVdXvVcDwSRYfYW0TJA1Y6JebxHHlgGgLlO3GW7Zj4upkOsP4myxoMlH7qzvtzqfjDs1aNJfYU19IFW916i-67Wh11JePugtK8T7Pcr8k26hCIoxuMHMLUN17GgvK4iAcFiDH6bQi9ryYzZ6NjLNvpkoVMDN5RnzUnoO97K6xm22QLsQ80llovQBn3H_W51lv5A1hjZ-v_qDkptNOn9-mbz_QiOL4Ciiv
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://covid19.place/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.covid19.place/	1970-01-20 12:32:26	Name: SID1 Value: wACEyL1P6VjdCZCO5ozd3xKp69ojNU8h5kvZNCdT00Kw8FEm5Kn8EYIBCcHd4IG7LMvuv2eMLHnGslSPKkOZb7Br6zKir2oRHkcgba3UALifW4FZYM3yPrqxNtY3YEWGhno9dc49il%2F4uAygF9V0OIUDStl%2Bhy2H%2BgD8n%2Bn0tPtBH1nOF1hvrsJTrbY7OWa5I8I4uoEqM3H2QyCa9fM%2BGcdws1EuQp13iib3DSK8sP1PateToq%2F19xy5Z8k6wQuIv6DWtmFxyay1EyXAuGc%3D
.covid19.place/	1970-01-20 21:18:02	Name: _ga_XCPCQBM4PT Value: GS1.1.1655210714.1.0.1655210714.60
.covid19.place/	1970-01-20 21:18:02	Name: _ga Value: GA1.1.1499280415.1655210714
.covid19.place/	1970-01-20 13:08:26	Name: __gads Value: ID=ebb41d4d03361fb7-22b39920b1cd0042:T=1655210714:RT=1655210714:S=ALNI_MazGrnPeYQ28Z3XYfwooVjbHJ-VPA
.doubleclick.net/	1970-01-20 03:46:51	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.jsdelivr.net
covid19.place
googleads.g.doubleclick.net
iamsolution.org
pagead2.googlesyndication.com
partner.googleadservices.com
region1.analytics.google.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.google.de
www.googletagmanager.com
172.217.18.2
2001:4860:4802:34::36
2606:4700::6810:5714
2a00:1450:4001:803::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2001
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2002
2a00:1450:400c:c00::9a
44.238.148.29
44.241.134.153
020903f3970204746cff20422d83ee5b3b0b232a372b2917756ab1b7e9a8610b
0a7a1902cf0b2c62dd8999afc07e491bed0e97e18f790feeb4a222d4e40509bb
0e5fd7545dce401f5c6201c1ba04c9084c928bc3ea0fddd2e8223c411f85867a
133b0dfdf21ce80e0f4da965a08ab6585f84109f4efaa877485f1f9f1259de2a
29cdc2efc6fd55bd0a7071983dd1b52502c6392df6fd66eb8d5d86281c80ecda
3c4fe1bc3eaffe655eb6d2c3178c324c3d59ff45a685d8878df21eff3a0761f8
4605ba20245c1e0cf5bda1a42f97a0400aa6916c466f06b6137068cffdc26a93
4898ee26aefda61f716b40cc6fdafe3dda499df550025f854ba4cb20ad4714ac
4edb48614139b1979c6ac824b11e3bc82044d5a225264721adabba90d2904bfc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65cbaef86a0177dee3ea6703d3c43cb9dff046d89f212643d42325b00bbbee83
66df3ec7c3e780f847a38c1d05310fdbd597b4ba2ca9c79fa5eded30672f8c19
704c53c0ce5205f2a7c2c62eb7f7568d3e521354b4145e18299262fc754fe576
70754ee1da997da9918560fbb38897c9a5d654ad74a1d0feaa9e3189d173a932
76bef5baaeb76938117f14bfeacd045b3a73ec23ed350253f3483ffe14f50ccd
7cfa24aa9a80d1afd4ff3d712296549b2bd4e82e289e2fd7fceab576ebe685f9
8a58b450b28e56e676248a5671e6e370fe88c532d59f4548d4570a68da5abe88
953c39b93c46656e2d25a28dd13379498f98e991a78f682c4a42c951bc87a0f2
96f9d34a836850d7c0dd040aaa8893ca2ee28ad90721dae08d87b780a387ff7d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b1335e0089dc8d756fa9319a7fd720a888f9b1e7ed80a262a72cbf15fca64294
ca593b531adaf7045f71ae21671a7bbc69255549f6c332c52419dceb4da4950c
d37099c344e605e7187a89233c64c29fc3edf55f933f39f9fee7f07a395f44d8
d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2
df4794a1a75cf3a3c641cfb27583688424205e65d53b420582fd5569bafb0479
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eab4e9804c418178df0fe75db61702de665adee699a56d9802f7e6d69283a86b
ed6a382dd8ac192982bcc5fafaac1b79e85746bbf182f3b3c649548f73d179a0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d3cbc15b93c114f2c2bbf310672cb3fe4109c84ccfab8a7f888082c07b64ce
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

covid19.place Open in urlscan Pro 44.241.134.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

79 %IPv6

10 Domains

15 Subdomains

15 IPs

3 Countries

531 kBTransfer

1426 kBSize

5 Cookies

0 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

covid19.place Open in urlscan Pro
44.241.134.153 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

79 %
IPv6

10
Domains

15
Subdomains

15
IPs

3
Countries

531 kB
Transfer

1426 kB
Size

5
Cookies

41 HTTP transactions
1 data transactions