urlscan.io logo urlscan.io
SecurityTrails logo

covid.vikingcorp.com Open in urlscan Pro
66.220.23.67  Public Scan

Go To Rescan Add Verdict Report
URL: http://covid.vikingcorp.com/
Submission: On December 07 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 34 IPs in 3 countries across 28 domains to perform 68 HTTP transactions. The main IP is 66.220.23.67, located in Castle Rock, United States and belongs to HURRICANE, US. The main domain is covid.vikingcorp.com.
This is the only time covid.vikingcorp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 66.220.23.67 6939 (HURRICANE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 13.224.214.65 16509 (AMAZON-02)
3 34.160.110.8 15169 (GOOGLE)
2 2600:9000:20e... 16509 (AMAZON-02)
1 3 13.224.214.23 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 52.8.126.234 16509 (AMAZON-02)
7 151.101.192.176 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
2 34.160.128.112 15169 (GOOGLE)
9 54.187.119.242 16509 (AMAZON-02)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
1 3 13.224.205.195 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
2 74.119.119.139 19750 (AS-CRITEO)
1 35.84.249.238 16509 (AMAZON-02)
1 3.33.220.150 16509 (AMAZON-02)
2 2620:116:800b... 27281 (QUANTCAST)
2 2600:9000:251... 16509 (AMAZON-02)
1 1 2600:9000:20e... 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
1 54.185.76.115 16509 (AMAZON-02)
1 23.76.39.148 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 141.95.98.64 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
1 141.95.33.111 16276 (OVH)
68 34
4    66.220.23.67 (Castle Rock, United States)

ASN6939 (HURRICANE, US)
covid.vikingcorp.com
5    2606:4700::6812:15ce (United States)

ASN13335 (CLOUDFLARENET, US)
a.pub.network
2    2607:f8b0:4006:820::2008 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:824::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    13.224.214.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-65.phl50.r.cloudfront.net
static.hotjar.com
3    34.160.110.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.110.160.34.bc.googleusercontent.com
d.pub.network
c.pub.network
2    2600:9000:20ed:aa00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
3    13.224.214.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-23.phl50.r.cloudfront.net
sb.scorecardresearch.com
2    2606:4700::6812:106b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    2607:f8b0:4006:80f::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2606:4700:20::681a:932 (United States)

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
1    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
2    2607:f8b0:4006:80c::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2607:f8b0:4006:823::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    52.8.126.234 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-126-234.us-west-1.compute.amazonaws.com
apis.cmp.quantcast.com
7    151.101.192.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    2607:f8b0:4006:817::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    34.160.128.112 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 112.128.160.34.bc.googleusercontent.com
api.floors.dev
9    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
r.stripe.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
3    13.224.205.195 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-205-195.phl50.r.cloudfront.net
c.amazon-adsystem.com
1    2600:9000:20ed:1c00:11:1ed0:3900:21 (United States)

ASN16509 (AMAZON-02, US)
d3div1mtym39ic.cloudfront.net
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    35.84.249.238 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-249-238.us-west-2.compute.amazonaws.com
id.hadron.ad.gt
1    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN27281 (QUANTCAST, US)
secure.quantserve.com
pixel.quantserve.com
2    2600:9000:2514:da00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    2600:9000:20ed:6a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2600:9000:20ed:2400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    54.185.76.115 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-185-76-115.us-west-2.compute.amazonaws.com
m.stripe.com
1    23.76.39.148 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-76-39-148.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    2001:41d0:701:1000::96f (France)

ASN16276 (OVH, FR)
lbs.eu-1-id5-sync.com
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
Apex Domain
Subdomains		 Transfer
17 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1203
q.stripe.com — Cisco Umbrella Rank: 7246
r.stripe.com — Cisco Umbrella Rank: 4565
m.stripe.com — Cisco Umbrella Rank: 1181
275 KB
8 pub.network
a.pub.network — Cisco Umbrella Rank: 5330
d.pub.network — Cisco Umbrella Rank: 5858
c.pub.network — Cisco Umbrella Rank: 5591
441 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 429
mug.criteo.com — Cisco Umbrella Rank: 2441
1 KB
4 vikingcorp.com
covid.vikingcorp.com
1 MB
3 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 333
9 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 167
3 KB
3 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 3010
apis.cmp.quantcast.com — Cisco Umbrella Rank: 6415
50 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1209
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1431
639 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1107
id5-sync.com — Cisco Umbrella Rank: 476
18 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1022
2 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1262
16 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1113
pixel.quantserve.com — Cisco Umbrella Rank: 729
10 KB
2 floors.dev
api.floors.dev — Cisco Umbrella Rank: 9213
2 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
131 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 38
367 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1525
101 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
109 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1308
17 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 364
547 B
1 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 4446
277 B
1 cloudfront.net
d3div1mtym39ic.cloudfront.net
39 KB
1 gstatic.com
fonts.gstatic.com
31 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 3362
11 KB
1 btloader.com
btloader.com — Cisco Umbrella Rank: 1106
106 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 6855
463 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
28 KB
1 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 701
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 51
1 KB
68 28
Domain Requested by
7 js.stripe.com covid.vikingcorp.com
js.stripe.com
5 r.stripe.com js.stripe.com
5 a.pub.network covid.vikingcorp.com
a.pub.network
4 q.stripe.com covid.vikingcorp.com
4 covid.vikingcorp.com covid.vikingcorp.com
3 c.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
3 sb.scorecardresearch.com 1 redirects a.pub.network
covid.vikingcorp.com
2 rules.quantcount.com 1 redirects
2 m.stripe.network js.stripe.com
m.stripe.network
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 c.pub.network a.pub.network
2 api.floors.dev a.pub.network
2 securepubads.g.doubleclick.net www.googletagservices.com
2 www.google-analytics.com www.googletagmanager.com
2 cdn.confiant-integrations.net a.pub.network
cdn.confiant-integrations.net
2 cmp.quantcast.com a.pub.network
cmp.quantcast.com
2 www.googletagmanager.com covid.vikingcorp.com
www.googletagmanager.com
1 id5-sync.com cdn.id5-sync.com
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 pixel.quantserve.com
1 cdn.id5-sync.com
1 secure.cdn.fastclick.net covid.vikingcorp.com
1 m.stripe.com m.stripe.network
1 secure.quantserve.com a.pub.network
1 match.adsrvr.org a.pub.network
1 id.hadron.ad.gt a.pub.network
1 d3div1mtym39ic.cloudfront.net
1 fonts.gstatic.com fonts.googleapis.com
1 apis.cmp.quantcast.com cmp.quantcast.com
1 cdn.hadronid.net covid.vikingcorp.com
1 btloader.com covid.vikingcorp.com
1 freestar-io.videoplayerhub.com 1 redirects
1 www.googletagservices.com a.pub.network
1 d.pub.network a.pub.network
1 static.hotjar.com covid.vikingcorp.com
1 fonts.googleapis.com covid.vikingcorp.com
68 38

This site contains links to these domains. Also see Links.

Domain
tinyurl.com
Subject Issuer Validity Valid
*.pub.network
E1		 2022-10-31 -
2023-01-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.hotjar.com
Amazon		 2022-10-25 -
2023-11-23		 a year crt.sh
cmp.quantcast.com
R3		 2022-11-10 -
2023-02-08		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.confiant-integrations.net
E1		 2022-11-24 -
2023-02-22		 3 months crt.sh
*.hadronid.net
GTS CA 1P5		 2022-10-16 -
2023-01-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-10-19 -
2023-01-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
api.floors.dev
GTS CA 1D4		 2022-11-30 -
2023-02-28		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-03-09		 4 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
id.hadron.ad.gt
Amazon RSA 2048 M02		 2022-10-31 -
2023-11-29		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-15 -
2023-01-26		 4 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://covid.vikingcorp.com/
Frame ID: 9400435003234116732CAF47ADB6FBAF
Requests: 47 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-78fb6846519810d50422a59ab436e803.html
Frame ID: D737A393314445289BAD24A2413C7D8D
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 4776D498833E51AE99B0DF8FFC3352F3
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 66E0713F0AB429F7384FFA08AD4E0100
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TinyURL.com - shorten that long URL into a tiny URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

68
Requests

79 %
HTTPS

56 %
IPv6

28
Domains

38
Subdomains

34
IPs

3
Countries

2837 kB
Transfer

6702 kB
Size

15
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 20
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1670423162320&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=45&cs_cmp_rt=154&c7=http%3A%2F%2Fcovid.vikingcorp.com%2F&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1670423162320&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=45&cs_cmp_rt=154&c7=http%3A%2F%2Fcovid.vikingcorp.com%2F&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9=
Request Chain 38
  • http://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Request Chain 39
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fcovid.vikingcorp.com%2F&domain=covid.vikingcorp.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=bplM1XwvZkVTdi9Pb1ovVklVd2I3WVpSYjVvSlorRXdRUmw3ZGdHeWlubXJZSmdlamZpcnVIeWw3UFdxbGZPd2NSMHF5Ly9LZDRVSVpMNUtmZm1xZWdmYm0ydXdDaFB1bVRVUTdJbFgwcTl1azlwaWV3QjJxTTFHdmNwSW1VNldSRjMyZVdMRHE5QTg4YVg3Q3FwamRaV1h1U2FHV0xXZ05DNjh3ZVJnUURYaGtNeXVEN3MwL2J5ZGdJNDJLVjVxUzViZ0R6RURLcjJnUUtEMnBsSktWcXpxdG0za1F1cXo4R2l5VkM3a0xHdnZHYmFNYXRyc0hIQTBRL0htS2ovdUR1MFFCfA&cppv=2
Request Chain 55
  • http://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js HTTP 301
  • https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Request Chain 61
  • http://cdn.id5-sync.com/api/1.0/id5-api.js HTTP 307
  • https://cdn.id5-sync.com/api/1.0/id5-api.js

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
covid.vikingcorp.com/ 		22 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://covid.vikingcorp.com/
Protocol
HTTP/1.1
Server
66.220.23.67 Castle Rock, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software
lighttpd/1.4.55 / PHP/8.1.10
Resource Hash
b5177790cf4404de44d6c9061febfb8cd35cd68f23495204b3ddb4ebd6f8df14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
close
Content-Language
en
Content-Length
22628
Content-Type
text/html; charset=UTF-8
Date
Wed, 07 Dec 2022 14:26:00 GMT
Server
lighttpd/1.4.55
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/8.1.10
X-XSS-Protection
1; mode=block
front.css
covid.vikingcorp.com/css/ 		482 KB
482 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://covid.vikingcorp.com/css/front.css?id=e8aafe4703b9f6e4bbc4a6aaf567c12a
Requested by
Host: covid.vikingcorp.com
URL: http://covid.vikingcorp.com/
Protocol
HTTP/1.1
Server
66.220.23.67 Castle Rock, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software
lighttpd/1.4.55 /
Resource Hash
d72b784c7b56ffc81dd3a3f2c89943ac4896a02a859e2b5cf72c91da73443e1c

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 14:26:00 GMT
Last-Modified
Mon, 28 Nov 2022 20:32:13 GMT
Server
lighttpd/1.4.55
ETag
"624470610"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
493683
app.js
covid.vikingcorp.com/js/ 		924 KB
925 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://covid.vikingcorp.com/js/app.js?id=a7878cc39f290e4e3cd36915f5f59bbd
Requested by
Host: covid.vikingcorp.com
URL: http://covid.vikingcorp.com/
Protocol
HTTP/1.1
Server
66.220.23.67 Castle Rock, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software
lighttpd/1.4.55 /
Resource Hash
a1bf647662c703d2d4eb2d2a7dbc1f34339f0a6e7a52aa1947763b43b4753cd0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 14:26:00 GMT
Last-Modified
Mon, 28 Nov 2022 20:32:13 GMT
Server
lighttpd/1.4.55
ETag
"457451361"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
946640
cls.css
a.pub.network/core/pubfig/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/cls.css
Requested by
Host: covid.vikingcorp.com
URL: http://covid.vikingcorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:26:00 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2577
x-guploader-uploadid
ADPycduHdFUJNkYLNZ2hLvh5SCOBHnFWxOrMNRmrsXm0iNs7TOs1ReSZNv1IfCAEKHGOsc-Gbl2-fKgpeHW6kTROpWA_7_Lt4Wk6
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Fri, 28 Oct 2022 14:36:10 GMT
server
cloudflare
etag
W/"816783146b3907e634d0e822ca759864"
vary
Accept-Encoding
x-goog-hash
crc32c=4G+Zdg==, md5=gWeDFGs5B+Y00OgiynWYZA==
x-goog-generation
1666967770269941
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
2096
cf-ray
775def111b6ab3e5-MIA
expires
Wed, 07 Dec 2022 15:26:00 GMT
pubfig.min.js
a.pub.network/tinyurl-com/ 		166 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/tinyurl-com/pubfig.min.js
Requested by
Host: covid.vikingcorp.com
URL: http://covid.vikingcorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
550a69b27ec446ed29798faffdae2673b29f92ec746ebff6d9a1e82abf343007

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:26:01 GMT
content-encoding
gzip
cf-cache-status
HIT
age
56601
x-guploader-uploadid
ADPycdtgZCm59zEXkVH3OKf-kTrG46Y-nvq9WYTK-XPT1owIWxt8LkTwOkbDYiJ-a8K5QcGeF2MK-UgjZ2E11PHRnTF_ZkO68cGF
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 22 Nov 2022 22:46:00 GMT
server
cloudflare
etag
W/"cbb70f94ba8b870681111f0affd64b42"
vary
Accept-Encoding
x-goog-hash
crc32c=q9IFaQ==, md5=y7cPlLqLhwaBER8K/9ZLQg==
x-goog-generation
1669157160410097
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
170264
cf-ray
775def17cfc6b3e5-MIA
expires
Wed, 07 Dec 2022 14:56:01 GMT
gtm.js
www.googletagmanager.com/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5C3DL4X
Requested by
Host: covid.vikingcorp.com
URL: http://covid.vikingcorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
114faf881c4db279c060d2448dc596c3b4469221f77a1009940fc0c217946d20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:26:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39425
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 07 Dec 2022 14:26:01 GMT
css2
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Bungee&family=Montserrat:wght@100;300;400;500;600;700&display=swap
Requested by
Host: covid.vikingcorp.com
URL: http://covid.vikingcorp.com/css/front.css?id=e8aafe4703b9f6e4bbc4a6aaf567c12a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
803a8fac863db2c4a3fb57aa0189a09e8a076742e0d0c59172a9e9167d08c1d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Dec 2022 14:26:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 13:25:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Dec 2022 14:26:01 GMT
hotjar-2976777.js
static.hotjar.com/c/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2976777.js?sv=6
Requested by
Host: covid.vikingcorp.com
URL: http://covid.vikingcorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-65.phl50.r.cloudfront.net
Software
/
Resource Hash
da3acf3a6970d3fee3c2423ec73f4186db025e5be3722938ca87c60a793fb497
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Wed, 07 Dec 2022 14:26:01 GMT
via
1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
25
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/bd866cce854b8beaf8acfac2ede073ac
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
wPwwurwC5gnYqM4SXtdCWCNKzpmcviHJVYJDHRRqTHiVt9V8KdXX9g==
init
d.pub.network/v2/ 		42 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/init?siteId=3163&env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/tinyurl-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
c89035c82d7765c2d5f6e687937e5b8c822c5c70b4afbfd10ff14446d30f892b

Request headers

Accept
application/json, text/plain, */*
Referer
http://covid.vikingcorp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:26:01 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
http://covid.vikingcorp.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
choice.js
cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2
Requested by
Host: a.pub.network
URL: https://a.pub.network/tinyurl-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:aa00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3dc2024d040e9fd2c86538442752902779b5db67377a394482fa58766abf8ee5

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:26:02 GMT
content-encoding
gzip
via
1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront)
last-modified
Tue, 13 Sep 2022 14:22:31 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
11
x-amz-server-side-encryption
AES256
etag
W/"9b1bcf279ce40fabb7d1a9fa392e9538"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
Jj2UvFOZjv1nX2XKo_r9oTsOvcF3P8f01lqBxqZB4c6NwAfkGz2nrw==
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/tinyurl-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-23.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 16:13:18 GMT
content-encoding
gzip
via
1.1 1d021a29a760cffd1a9d8324d2bfce92.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
79965
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
5Q_BVSiCi-uM_y8iXoKBhap4a5GyZ1_WHqeCTH9Tjc2cMX5ZN7CYvg==
pubfig.engine.4.36.1.dc9de165af7a72a9a47a976134cea6a7dd5cb882.js
a.pub.network/core/pubfig/ 		446 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.engine.4.36.1.dc9de165af7a72a9a47a976134cea6a7dd5cb882.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/tinyurl-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
157be93264202d9d51193177f47532248c36e3947bf3c1acfc38821829466e67

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:26:02 GMT
content-encoding
gzip
cf-cache-status
HIT
age
56584
x-guploader-uploadid
ADPycdtPAzh6cLuCzNufBBQcrdJ3IrdUrkcvn-sEIPAKwnqOnJ50iRIl3C80Qcy9DfZM-pZ8xKDTYPN-cDan8ZUVOD5Pdw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Fri, 18 Nov 2022 17:16:54 GMT
server
cloudflare
etag
W/"c555044d1c859823933ab5dbd5a2aa90"
vary
Accept-Encoding
x-goog-generation
1668791814721400
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=m11fMA==, md5=xVUETRyFmCOTOrXb1aKqkA==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
457027
access-control-allow-origin
*
cf-ray
775def1b2e76b3e5-MIA
expires
Wed, 07 Dec 2022 15:26:02 GMT
js
www.googletagmanager.com/gtag/ 		195 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2PJZZW5GKP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5C3DL4X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3e47a4dcc8e7768b9bd12c10ea4ff60c4b9a892ebfe200849af915d22f4a07d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:26:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
71497
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 07 Dec 2022 14:26:02 GMT
config.js
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ 		144 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.36.1.dc9de165af7a72a9a47a976134cea6a7dd5cb882.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b3a18a5978dc36b67d5436fde26bef13f828ca763dd3bb352d30952507e5ea

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:26:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Dec 2022 14:03:02 GMT
server
cloudflare
x-amz-request-id
VG2FW437HEWG2475
age
875
etag
W/"2c41780e780b237ae7873b019d7d3b3b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
775def1ca88809e2-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
QTtfUVPmUCa5Rh6INk4TtHMwRrOMSJ81x9O+cpXsLs0n0Os9w6+4iqDGVpuIu1hdi1vyQMq1pjA=
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.36.1.dc9de165af7a72a9a47a976134cea6a7dd5cb882.js
Protocol
HTTP/1.1
Server
2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a50dcb062a3aab21201484b66a215bb9c3af2dbb275b9cbb404a59adfc62814d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 14:26:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1414 / 866 of 1000 / last-modified: 1670414835"
Vary
Accept-Encoding
Report-To
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
27555
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="ads-gpt-scs"
Expires
Wed, 07 Dec 2022 14:26:02 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
887 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: covid.vikingcorp.com
URL: http://covid.vikingcorp.com/
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a39aff0b5ce450800949c3cb66afbd5acaff8c46f3c4ceeb99be1389ccbeb58f

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:26:02 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Dec 2022 13:46:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2190
etag
W/"a9aa5f62ee75371bec92cd1610807681"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xB3DC9NfAvhMsLALcpwW4TTBubsUd4OsMmUbp%2B7jq3LqojYTmJqvRnIPyLaj9oELYQt2Uoq2MW%2BJvSnG0L3K7vjpEmwe6mWng5ejvnQZZa6cqpp6huLR0KiKhDzRmKnyMQhs%2BomQB9B2sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray
775def1d9f7d031c-MIA

Redirect headers

date
Wed, 07 Dec 2022 14:26:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkfLrMIO9mTA%2B4o1AKfiroZZAXgPJSL6lAZTZioS9uvV67ppegttaToYqsK6dSD68qUIdLUufxn%2Bmx7s2ICPwsqe2mGgApOR7TFeIPOI6%2FclVf0d1Zqe%2FJ0EbqaEd8LrpuG9rfR7jtuIwWgvzgZWR5PqFxqzF%2FHB5AvwQA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
775def1cbf26099e-MIA
expires
Wed, 07 Dec 2022 15:26:02 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=http%3A%2F%2Fcovid.vikingcorp.com%2F&ref=&_it=freestar&partner_id=474
Requested by
Host: covid.vikingcorp.com
URL: http://covid.vikingcorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:26:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
FNK044PCM9Y7VVCR
age
3829
x-amz-id-2
AlHhfnaYFu7DcAqm/AZXcFZz8Z4At5Hcn9XqhUxeA24L5T6B/l+VTePOXZCvBx0dhJEtzYQ2PVA=
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:57:44 GMT
server
cloudflare
etag
W/"2280e2148e4ee3c06f679f8fac039778"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxbbxbpmTJ7mkhNfBBC8QykylzazXWWRVs8zfpGZaoI6UOTi%2BpWkG9JqSP4Srm5mH9N%2Bc6op5aENZYICwJGfJIXyZdRXmABOEoqgp5rfHvSBkLExVrZGGrGa3SegGDbi7xzIhr5tSvbkd0OcFps%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3600
cf-ray
775def1cbee9db05-MIA
prebid-analytics-7.19.5.js
a.pub.network/core/ 		547 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-7.19.5.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.36.1.dc9de165af7a72a9a47a976134cea6a7dd5cb882.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2c87237ae9146ff418087dbd591b8644ba09adb66de81d0f40db50c47111e2e

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:26:02 GMT
content-encoding
gzip
cf-cache-status
HIT
age
56596
x-guploader-uploadid
ADPycdu_qWqAHx_Pw3-VSVHAMuqOhczTGXNpdtdX_oLfv3HqZ5KfMG-iHnfTHhBdljSlvlYxT-fTBcLbbRVYGPxdEfxMKQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Wed, 02 Nov 2022 16:16:55 GMT
server
cloudflare
etag
W/"fb286f34785177cf76cd5dc824642aba"
vary
Accept-Encoding
x-goog-generation
1667405815729831
content-type
text/html
access-control-allow-origin
*
x-goog-hash
crc32c=8D0MRw==, md5=+yhvNHhRd892zV3IJGQqug==
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=31479400
x-goog-stored-content-length
559623
cf-ray
775def1c392db3e5-MIA
expires
Wed, 06 Dec 2023 22:42:42 GMT
collect
www.google-analytics.com/g/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2PJZZW5GKP&gtm=2oebu0&_p=388066099&cid=2060911283.1670423162&ul=en-us&sr=1600x1200&_s=1&sid=1670423162&sct=1&seg=0&dl=http%3A%2F%2Fcovid.vikingcorp.com%2F&dt=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2PJZZW5GKP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 14:26:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://covid.vikingcorp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmp2.js
cmp.quantcast.com/tcfv2/ 		177 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/cmp2.js?referer=tinyurl.com
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/wZt3yQfgdwnz-/tinyurl.com/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:aa00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a3c5832b797c8070930ff467d99e3bf26861501030e9530d4c2e8e606d51f9a

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 13:48:58 GMT
content-encoding
gzip
via
1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
2225
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 10 Nov 2022 18:23:42 GMT
server
AmazonS3
etag
W/"3588f03a02838b8639eaf247dccc001e"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
x-amz-cf-id
yAYsIHzgqfJ__WtbZjLA8hZtPEnHHvtFNOkyhm2usBxN7R2FsHMe9A==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202211281516/ 		214 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.confiant-integrations.net/gptprebidnative/202211281516/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
155ae9a5b5aad976bcea98140251cf38c9b0fabbd6d14e1e0330e6bc7db652a6

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 14:26:02 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
x-amz-request-id
VDNGJKBZ9AS9WEFF
Age
504714
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
70218
x-amz-id-2
PxzI7ee4c/N0BbJhljb3Vknr4lxO700V32UIupIiiA1fabdt5RAV9XN1leLY5rUw3pSHXr6S0G4=
Last-Modified
Mon, 28 Nov 2022 22:12:12 GMT
Server
cloudflare
ETag
"a17d71fba756fc07505a17ec398feab1"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
775def1d8cf167bc-MIA
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1670423162320&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1670423162320&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp...
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1670423162320&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=45&cs_cmp_rt=154&c7=http%3A%2F%2Fcovid.vikingcorp.com%2F&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9=
Requested by
Host: covid.vikingcorp.com
URL: http://covid.vikingcorp.com/
Protocol
H2
Server
13.224.214.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-23.phl50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:26:02 GMT
via
1.1 1d021a29a760cffd1a9d8324d2bfce92.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
SAelpE4nH_W1LXwP83t7j3kxT4g8TBKf_p5Z4YYOqJN5vLt6LO8AWQ==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1670423162320&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=45&cs_cmp_rt=154&c7=http%3A%2F%2Fcovid.vikingcorp.com%2F&c8=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&c9=
date
Wed, 07 Dec 2022 14:26:02 GMT
via
1.1 1d021a29a760cffd1a9d8324d2bfce92.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
content-length
0
x-amz-cf-id
me420X64QwRKspN4ApIR-t2o5hMs18R9UL4StyLNxNZZscPAxK74Kw==
x-cache
Miss from cloudfront
pubads_impl_2022120101.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 04:37:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35287
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133241
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 09:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 07 Dec 2023 04:37:55 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		42 B
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=covid.vikingcorp.com
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd9d525d6dd8291b0ba5a2461bd97df4e5761b6eccb68f8215cc9d4522d5c8ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:26:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46
x-xss-protection
0
expires
Wed, 07 Dec 2022 14:26:02 GMT
geoip
apis.cmp.quantcast.com/ 		49 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.cmp.quantcast.com/geoip
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=tinyurl.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.8.126.234 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-126-234.us-west-1.compute.amazonaws.com
Software
/
Resource Hash
1ea50329b826918b0b803777e2f5ac48a3570aa1f9c06bc92b6a1731ae37654a

Request headers

Accept
application/json, text/plain, */*
Referer
http://covid.vikingcorp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 07 Dec 2022 14:26:02 GMT
content-type
application/json; charset=utf-8
content-length
49
x-geo-ip-version
1.2
state
covid.vikingcorp.com/app/api/ 		72 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://covid.vikingcorp.com/app/api/state
Requested by
Host: covid.vikingcorp.com
URL: http://covid.vikingcorp.com/js/app.js?id=a7878cc39f290e4e3cd36915f5f59bbd
Protocol
HTTP/1.1
Server
66.220.23.67 Castle Rock, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software
lighttpd/1.4.55 / PHP/8.1.10
Resource Hash
38d8511edbc029729dcebd0d2d5491612ab9bb4721b1f54ab84415b35aa91558
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://covid.vikingcorp.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 14:26:02 GMT
X-Content-Type-Options
nosniff
Server
lighttpd/1.4.55
X-Powered-By
PHP/8.1.10
X-Frame-Options
SAMEORIGIN
Content-Language
en
Content-Type
application/json
Cache-Control
max-age=0, private
Connection
close
Content-Length
72
X-XSS-Protection
1; mode=block
v3
js.stripe.com/ 		400 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: covid.vikingcorp.com
URL: http://covid.vikingcorp.com/js/app.js?id=a7878cc39f290e4e3cd36915f5f59bbd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
6140f2a711f54f2a8386ee82853b7fd67f5b27c0b22e3fdf8c517bcec5215694
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 07 Dec 2022 14:26:02 GMT
via
1.1 varnish
age
32
x-cache
HIT
content-length
98960
x-request-id
53b2402b-0b25-453b-ab3a-88c19e1a5634
x-served-by
cache-mia11341-MIA
last-modified
Tue, 06 Dec 2022 23:58:54 GMT
server
Fastly
etag
"6f1136ac40a4c56f0657efc56e2e201e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bungee&family=Montserrat:wght@100;300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://covid.vikingcorp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 10:24:41 GMT
x-content-type-options
nosniff
age
446481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 10:24:41 GMT
floors
api.floors.dev/sgw/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
http://covid.vikingcorp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
http://covid.vikingcorp.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Wed, 07 Dec 2022 14:26:03 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
floors
api.floors.dev/sgw/v1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.36.1.dc9de165af7a72a9a47a976134cea6a7dd5cb882.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
fa1b69b8559e57d364f02a80fbc499960e9a0875a45311447096fae11e03e43a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
http://covid.vikingcorp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 14:26:04 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
http://covid.vikingcorp.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
controller-78fb6846519810d50422a59ab436e803.html
js.stripe.com/v3/ Frame D737 		325 B
697 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-78fb6846519810d50422a59ab436e803.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
503932efe9407801a99edbaa5feb8096d083802d241afd9527fded3a8e469a7f
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://covid.vikingcorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
48
cache-control
max-age=60
content-encoding
br
content-length
150
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 07 Dec 2022 14:26:03 GMT
etag
"78fb6846519810d50422a59ab436e803"
last-modified
Tue, 06 Dec 2022 23:37:05 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
14
x-content-type-options
nosniff
x-request-id
bf97a4a3-bba1-4ca6-a672-fcd797fdc643
x-served-by
cache-mia11341-MIA
pubfig.messaging.2.36.1.dc9de165af7a72a9a47a976134cea6a7dd5cb882.js
a.pub.network/core/pubfig/ 		230 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.messaging.2.36.1.dc9de165af7a72a9a47a976134cea6a7dd5cb882.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.36.1.dc9de165af7a72a9a47a976134cea6a7dd5cb882.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c41f55bf7fb0d54abf7925a33a4c2e7161e6da54a6e91611c4b081955bf3cd7a

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:26:03 GMT
content-encoding
gzip
cf-cache-status
HIT
age
56587
x-guploader-uploadid
ADPycdsVypL449zwYZ15oYjuu_48AmXCbTnvR_K3WG9aI6_5PJho3lhTE_G0AwvwialIX1lOASmrOaQDpy8r0f_L0Ck4Gw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Fri, 18 Nov 2022 17:16:58 GMT
server
cloudflare
etag
W/"7e6ca3152be5e89a86042847ad56b6c3"
vary
Accept-Encoding
x-goog-generation
1668791818927146
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=HN+LuQ==, md5=fmyjFSvl6JqGBChHrVa2ww==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
235209
access-control-allow-origin
*
cf-ray
775def229e12b3e5-MIA
expires
Wed, 07 Dec 2022 15:26:03 GMT
csp-report
q.stripe.com/ Frame D737 		0
571 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: covid.vikingcorp.com
URL: http://covid.vikingcorp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 07 Dec 2022 14:26:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-976124c48ece5d1509a4173f901dafda.js
js.stripe.com/v3/fingerprinted/js/ Frame D737 		294 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-78fb6846519810d50422a59ab436e803.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
5f29bbb03d81835920ce91ae962981dbaa21d29646d0f23496990e53df9410bd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/controller-78fb6846519810d50422a59ab436e803.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 07 Dec 2022 14:26:03 GMT
via
1.1 varnish
age
53233
x-cache
HIT
content-length
67258
x-request-id
2fd82039-5fc9-4fe2-b806-82b087f50dcb
x-served-by
cache-mia11341-MIA
last-modified
Tue, 06 Dec 2022 23:37:16 GMT
server
Fastly
etag
"62a84552bc785c288c347ebb38300d6d"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3002
controller-67c708f2f16cc22c7e462cfa14c45cde.js
js.stripe.com/v3/fingerprinted/js/ Frame D737 		441 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-67c708f2f16cc22c7e462cfa14c45cde.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-78fb6846519810d50422a59ab436e803.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
1ef2f48fd67df5e82f2d1510b4032ca3b26ead2b047e039e8b13d5b6ad2ca8bc
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/controller-78fb6846519810d50422a59ab436e803.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 07 Dec 2022 14:26:03 GMT
via
1.1 varnish
age
53233
x-cache
HIT
content-length
108940
x-request-id
91c11083-a734-4b9b-9677-21e8d6b8fe8a
x-served-by
cache-mia11341-MIA
last-modified
Tue, 06 Dec 2022 23:37:14 GMT
server
Fastly
etag
"57ebf4bbda8f9d839654d5aab7f78add"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2922
c
c.pub.network/ 		36 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.36.1.dc9de165af7a72a9a47a976134cea6a7dd5cb882.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
6236821222ff95624890e70215fe88f6e2ab2bdc484651e6b37efff03a7a13c7

Request headers

Referer
http://covid.vikingcorp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 07 Dec 2022 14:26:03 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
http://covid.vikingcorp.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
.deploy_status_henson.json
js.stripe.com/v3/ Frame D737 		474 B
604 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b5794b20910bf7d0edc6e7465cebcaa2710cc9783823ae65c735b75438d97bd7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-78fb6846519810d50422a59ab436e803.html
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 07 Dec 2022 14:26:04 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
49
x-cache
HIT
content-length
293
x-request-id
dd669c8d-d4f8-4b66-a6fb-1de940b7277c
x-served-by
cache-mia11389-MIA
last-modified
Tue, 06 Dec 2022 23:59:39 GMT
server
Fastly
etag
"7e95426b2dee41bc2a592181bcf77b56"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
15
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 4776 		200 B
921 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://covid.vikingcorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2053235
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 07 Dec 2022 14:26:04 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
738395
x-content-type-options
nosniff
x-request-id
ebc0b0a2-a5a4-4058-ba5b-26d42a4b5fb6
x-served-by
cache-mia11341-MIA
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fcovid.vikingcorp.com%2F&domain=covid.vikingcorp.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://covid.vikingcorp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
http://covid.vikingcorp.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 07 Dec 2022 14:26:03 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
583804
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
apstag.js
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain
  • http://c.amazon-adsystem.com/aax2/apstag.js
  • https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
178 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Protocol
H2
Server
2600:9000:20ed:1c00:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c77c73031f12ad805be49f065989e35ee84cdeaba71e1b64c650732c921409df

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:09:41 GMT
content-encoding
br
via
1.1 bf08d0f122cb7618f980954bd4f44e36.cloudfront.net (CloudFront)
last-modified
Wed, 09 Nov 2022 20:51:50 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
984
x-amz-server-side-encryption
AES256
etag
W/"fa24fe2b94a2fc864b1ec67f32e8db32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
2IHFOBpMcV-HDykQjkXJMOLSTzTVMIVskPvy6p1ZXkjkp6j3Y7M_uQ==

Redirect headers

Date
Wed, 07 Dec 2022 07:18:16 GMT
Via
1.1 d4313104085979d3472fae656cd1ecc2.cloudfront.net (CloudFront), 1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
IAD12-P2, PHL50-C1
Age
25668
X-Cache
Hit from cloudfront
Content-Type
text/html
Location
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
NKu1ySgKQLvxKvZcr6nIUqFl17-_-Vl_L8M7V2XznO08MR451X4dFw==
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fcovid.vikingcorp.com%2F&domain=covid.vikingcorp.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=bplM1XwvZkVTdi9Pb1ovVklVd2I3WVpSYjVvSlorRXdRUmw3ZGdHeWlubXJZSmdlamZpcnVIeWw3UFdxbGZPd2NSMHF5Ly9LZDRVSVpMNUtmZm1xZWdmYm0ydXdDaFB1bVRVUTdJbFgwcTl1azlwaWV3QjJxTTFHdmNwSW...
354 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=bplM1XwvZkVTdi9Pb1ovVklVd2I3WVpSYjVvSlorRXdRUmw3ZGdHeWlubXJZSmdlamZpcnVIeWw3UFdxbGZPd2NSMHF5Ly9LZDRVSVpMNUtmZm1xZWdmYm0ydXdDaFB1bVRVUTdJbFgwcTl1azlwaWV3QjJxTTFHdmNwSW1VNldSRjMyZVdMRHE5QTg4YVg3Q3FwamRaV1h1U2FHV0xXZ05DNjh3ZVJnUURYaGtNeXVEN3MwL2J5ZGdJNDJLVjVxUzViZ0R6RURLcjJnUUtEMnBsSktWcXpxdG0za1F1cXo4R2l5VkM3a0xHdnZHYmFNYXRyc0hIQTBRL0htS2ovdUR1MFFCfA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3c40bb23e16b9f3955fa48372033fb1872e34a0cf9510b9f4565a88770e8f890
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 14:26:04 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
747336
expires
0

Redirect headers

pragma
no-cache
date
Wed, 07 Dec 2022 14:26:04 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=bplM1XwvZkVTdi9Pb1ovVklVd2I3WVpSYjVvSlorRXdRUmw3ZGdHeWlubXJZSmdlamZpcnVIeWw3UFdxbGZPd2NSMHF5Ly9LZDRVSVpMNUtmZm1xZWdmYm0ydXdDaFB1bVRVUTdJbFgwcTl1azlwaWV3QjJxTTFHdmNwSW1VNldSRjMyZVdMRHE5QTg4YVg3Q3FwamRaV1h1U2FHV0xXZ05DNjh3ZVJnUURYaGtNeXVEN3MwL2J5ZGdJNDJLVjVxUzViZ0R6RURLcjJnUUtEMnBsSktWcXpxdG0za1F1cXo4R2l5VkM3a0xHdnZHYmFNYXRyc0hIQTBRL0htS2ovdUR1MFFCfA&cppv=2
access-control-allow-origin
http://covid.vikingcorp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
584739
content-length
0
expires
0
pbhid
id.hadron.ad.gt/api/v1/ 		132 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.84.249.238 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-84-249-238.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
969ba18aec3eb15d03c48055c38307270a49218d0e85871bcf5d41dee2215d42

Request headers

Referer
http://covid.vikingcorp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://covid.vikingcorp.com
date
Wed, 07 Dec 2022 14:26:04 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin
content-type
application/json
rid
match.adsrvr.org/track/ 		109 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.19.5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
5aac93e0d9fd833afe314fb7f932a2094d5497031c7a9263ce982f23a259e0e6

Request headers

Referer
http://covid.vikingcorp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 14:26:04 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://covid.vikingcorp.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Fri, 06 Jan 2023 14:26:04 GMT
csp-report
q.stripe.com/ Frame 4776 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: covid.vikingcorp.com
URL: http://covid.vikingcorp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 07 Dec 2022 14:26:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 4776 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: covid.vikingcorp.com
URL: http://covid.vikingcorp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 07 Dec 2022 14:26:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 4776 		631 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 07 Dec 2022 14:26:04 GMT
via
1.1 varnish
age
2053235
x-cache
HIT
content-length
332
x-request-id
efda09db-532b-4305-9d9e-52eaa5ef4e70
x-served-by
cache-mia11341-MIA
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
591213
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.36.1.dc9de165af7a72a9a47a976134cea6a7dd5cb882.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
/
Resource Hash
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:26:04 GMT
content-encoding
gzip
etag
"KvGSi9leJgKNKEGESzHjYw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 14 Dec 2022 14:26:04 GMT
0
r.stripe.com/ Frame D737 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Wed, 07 Dec 2022 14:26:04 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D737 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Wed, 07 Dec 2022 14:26:04 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D737 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Wed, 07 Dec 2022 14:26:04 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D737 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Wed, 07 Dec 2022 14:26:04 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame D737 		0
127 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-976124c48ece5d1509a4173f901dafda.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Wed, 07 Dec 2022 14:26:04 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
inner.html
m.stripe.network/ Frame 66E0 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:da00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
32
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 07 Dec 2022 14:25:33 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 4810d74d0025d8ce3dbab6cb71a901d2.cloudfront.net (CloudFront)
x-amz-cf-id
4l8gXkng8h4QFtmsPuGIznyVmnWSLb0_jF8njbgPqZVRQ4rrwmSQrw==
x-amz-cf-pop
JFK50-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.36.1.dc9de165af7a72a9a47a976134cea6a7dd5cb882.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
6236821222ff95624890e70215fe88f6e2ab2bdc484651e6b37efff03a7a13c7

Request headers

Referer
http://covid.vikingcorp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 07 Dec 2022 14:26:04 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
http://covid.vikingcorp.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
csp-report
q.stripe.com/ Frame 66E0 		0
344 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: covid.vikingcorp.com
URL: http://covid.vikingcorp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 14:26:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
cross-origin-opener-policy
same-origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
x-robots-tag
none
content-length
0
expires
0
out-4.5.42.js
m.stripe.network/ Frame 66E0 		86 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:da00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 07 Dec 2022 14:22:20 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
via
1.1 4810d74d0025d8ce3dbab6cb71a901d2.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
age
225
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
ydJkU95DjN0wZDKzSzNqSFNLxE-iG82zSNJ7-5ZBZc07tA-q1h4siA==
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
  • https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Protocol
H2
Server
2600:9000:20ed:2400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:25:03 GMT
content-encoding
gzip
via
1.1 80d115dafe1d45606330f418d944b1ec.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
62
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
BZpDKLBpKD-W8CDHyPWkQRI9U0jjuwJlzWqsScA3sY9rkrqZk9VFBA==

Redirect headers

Date
Wed, 07 Dec 2022 14:26:04 GMT
Via
1.1 fadedfea448fa31cb8aba15ba1b05064.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
PHL50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
VF67sQnndIPkCq7q5_lQrwlxyGFm3VursvK-aNzETXkWXuUXpVaQng==
config
c.amazon-adsystem.com/cdn/prod/ 		736 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fcovid.vikingcorp.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
Server /
Resource Hash
9cd0c52130a2ac95e21959817ca0ad8a7f85c72995e9ecd98e069ff5e01e2135

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:26:04 GMT
via
1.1 29c5489c5e1405c3b5e0ac847cbfad6e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://covid.vikingcorp.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
736
x-amz-cf-id
xKucNBRaYtw8fxUfnGPBmEMRrV1LIEFMK_MjqWTvA5m7Nd9HQFUWLQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 14:26:05 GMT
x-amz-version-id
KO0V33_zzBQMkGMaMpLupHqINiAUum0D
Via
1.1 80d115dafe1d45606330f418d944b1ec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL50-C1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
6482
Last-Modified
Wed, 07 Dec 2022 02:43:04 GMT
Server
AmazonS3
ETag
"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Vary
Accept-Encoding,Origin
Accept-Ranges
bytes
X-Amz-Cf-Id
o78-dJuU2MofQKdUrTGqm-xr4zQ8oGOGl8ur9lNrLfXX1Mqx-nEDtw==
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=bplM1XwvZkVTdi9Pb1ovVklVd2I3WVpSYjVvSlorRXdRUmw3ZGdHeWlubXJZSmdlamZpcnVIeWw3UFdxbGZPd2NSMHF5Ly9LZDRVSVpMNUtmZm1xZWdmYm0ydXdDaFB1bVRVUTdJbFgwcTl1azlwaWV3QjJxTTFHdmNwSW1VNldSRjMyZVdMRHE5QTg4YVg3Q3FwamRaV1h1U2FHV0xXZ05DNjh3ZVJnUURYaGtNeXVEN3MwL2J5ZGdJNDJLVjVxUzViZ0R6RURLcjJnUUtEMnBsSktWcXpxdG0za1F1cXo4R2l5VkM3a0xHdnZHYmFNYXRyc0hIQTBRL0htS2ovdUR1MFFCfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 07 Dec 2022 14:26:04 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
538249
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
6
m.stripe.com/ Frame 66E0 		156 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.185.76.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-185-76-115.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
44c0898b5e17560b89c5102ba9709bbf57091706e9c2ed3b658b16a9d27b6aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 07 Dec 2022 14:26:05 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: covid.vikingcorp.com
URL: http://covid.vikingcorp.com/
Protocol
HTTP/1.1
Server
23.76.39.148 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-76-39-148.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 14:26:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Oct 2022 18:14:48 GMT
Server
Apache
ETag
"d4ed-5eaee7c12df48-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17131
Expires
Wed, 07 Dec 2022 14:41:05 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/
Redirect Chain
  • http://cdn.id5-sync.com/api/1.0/id5-api.js
  • https://cdn.id5-sync.com/api/1.0/id5-api.js
57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 14:26:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
JNGSH7RWYRE8RABM
age
1452
etag
W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
775def2e6f62029f-MIA
x-amz-id-2
b/by0ztoXvFPLBTVDyIW0aX+lswhc7n64pUr7i8mrDy/seSwsOdZy79mqHpxT7vVHuYZO2mvsZI=

Redirect headers

Location
https://cdn.id5-sync.com/api/1.0/id5-api.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
pixel;r=307509423;labels=keywords.tinyurl%20url%20save%20share%20shorten%20analyze;rf=0;a=p-UeXruRVtZz7w6;url=http%3A%2F%2Fcovid.vikingcorp.com%2F;uht=2;fpan=1;fpa=P0-694606404-1670423164644;pbc=91...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=307509423;labels=keywords.tinyurl%20url%20save%20share%20shorten%20analyze;rf=0;a=p-UeXruRVtZz7w6;url=http%3A%2F%2Fcovid.vikingcorp.com%2F;uht=2;fpan=1;fpa=P0-694606404-1670423164644;pbc=9185645a-2591-4b79-a4d4-51594fb3aa57;ns=0;ce=1;qjs=1;qv=b2bd41b7-20221206125257;cm=;gdpr=0;us_privacy=1---;ref=;d=vikingcorp.com;dst=0;et=1670423165017;tzo=0;ogl=;ses=dfab33f3-b9ee-4b97-b732-a3d683064489
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 14:26:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
bfbc7eaededf3c7e9f5a1ae33b09f1210014556a4ebb89328113ac219e074c2d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://covid.vikingcorp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://covid.vikingcorp.com
date
Wed, 07 Dec 2022 14:26:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		54 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f94270f59506d9991c3e345240651d6e2667eb00a027e4e82942c47a2996f308

Request headers

Referer
http://covid.vikingcorp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://covid.vikingcorp.com
date
Wed, 7 Dec 2022 14:26:05 GMT
content-length
54
vary
Origin
content-type
application/json
882.json
id5-sync.com/g/v2/ 		462 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/882.json
Requested by
Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
53819b8e8eb13980f126e24ff2d37021539725887b27601abf9b0605a7da7034
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://covid.vikingcorp.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Dec 2022 14:26:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://covid.vikingcorp.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2PJZZW5GKP&gtm=2oebu0&_p=388066099&cid=2060911283.1670423162&ul=en-us&sr=1600x1200&_s=2&sid=1670423162&sct=1&seg=0&dl=http%3A%2F%2Fcovid.vikingcorp.com%2F&dt=TinyURL.com%20-%20shorten%20that%20long%20URL%20into%20a%20tiny%20URL&en=scroll&epn.percent_scrolled=90&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2PJZZW5GKP&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://covid.vikingcorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Dec 2022 14:26:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://covid.vikingcorp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontentvisibilityautostatechange object| dataLayer object| Spark function| hj object| _hjSettings object| freestar object| regeneratorRuntime object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| fsdata function| __tcfapi function| __uspapi object| _comscore object| fsprebid object| google_tag_manager function| load_script object| confiant object| googletag function| ha object| google_tag_data object| gaGlobal object| COMSCORE function| udm_ object| fsprebidChunk object| _pbjsGlobals object| mnet object| hadron function| __tcfapiui object| ns_p object| ggeac object| google_js_reporting_queue object| webpackChunk function| _ object| $cookies function| SparkForm function| SparkFormErrors object| Bus object| core function| __ object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl undefined| google_measure_js_timing object| webpackChunkStripeJSouter function| Stripe object| apstag object| _qevents function| quantserve function| __qc object| ezt object| _qoptions boolean| apstagLOADED boolean| creativeVendorLibraryLoaded object| PublisherCommonId function| setImmediate function| clearImmediate object| ID5

15 Cookies

Domain/Path Name / Value
.pub.network/ Name: _fsuid
Value: f4a49a3e-dc22-43de-9930-4a9968fd5850
.vikingcorp.com/ Name: _ga_2PJZZW5GKP
Value: GS1.1.1670423162.1.0.1670423162.0.0.0
.vikingcorp.com/ Name: _ga
Value: GA1.1.2060911283.1670423162
.scorecardresearch.com/ Name: UID
Value: 1F0ae420164a4b40d74ad2b1670423162
covid.vikingcorp.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.vikingcorp.com/ Name: _pubcid
Value: 9185645a-2591-4b79-a4d4-51594fb3aa57
.adsrvr.org/ Name: TDID
Value: db926f6d-42f4-46b5-867d-a1a88b1e71a8
m.stripe.com/ Name: m
Value: aa927c7f-fb85-4417-89d0-ffa410c63e1331e707
.vikingcorp.com/ Name: cto_bundle
Value: Z9ZeLF9BcURPbHRaeTVyRSUyRk51Yzg1NXZ1V2IzcSUyQlVCOENPVG91RHprWVRGUlJ5blVxTmwxbmJVcnVnN0k2M0RUbFN5OFRTYnIyUTJGckFhRUpIZWt2MHg2WWlLMW1WUUZ6emVqRkZ2blVCdW9jSkx6WFAlMkJ1eXpQV3dLNzNhNnZjN2l1Rw
.vikingcorp.com/ Name: cto_bidid
Value: OXnhWV8yVlRURFM3WWJSZ1F4dDJKZWJVdWhuN3NqU25mdnVhSWNhUzRYUXZWakFiR1UxSFdwaHZvS243WTE1T0lwMGFNUzJoMzlieDBZdXpCem0lMkJPeWpKY3lRJTNEJTNE
.covid.vikingcorp.com/ Name: __stripe_mid
Value: a904aa48-efef-4c90-8636-e360131775fe8e613d
.covid.vikingcorp.com/ Name: __stripe_sid
Value: 67323a99-1a1f-4640-a01b-603e532e65cacc2bf6
.quantserve.com/ Name: mc
Value: 6390a27d-2f8dc-63c1f-cb8f2
.vikingcorp.com/ Name: __qca
Value: P0-694606404-1670423164644
.id5-sync.com/ Name: id5
Value: 8e974ee9-3007-7915-acf1-7e6b8f0f8cf5#1670423166111#1

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
api.floors.dev
apis.cmp.quantcast.com
btloader.com
c.amazon-adsystem.com
c.pub.network
cdn.confiant-integrations.net
cdn.hadronid.net
cdn.id5-sync.com
cmp.quantcast.com
covid.vikingcorp.com
d.pub.network
d3div1mtym39ic.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
freestar-io.videoplayerhub.com
gum.criteo.com
id.hadron.ad.gt
id5-sync.com
js.stripe.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
m.stripe.com
m.stripe.network
match.adsrvr.org
mug.criteo.com
pixel.quantserve.com
q.stripe.com
r.stripe.com
rules.quantcount.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
static.hotjar.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
13.224.205.195
13.224.214.23
13.224.214.65
141.95.33.111
141.95.98.64
151.101.192.176
2001:41d0:701:1000::96f
23.76.39.148
2600:9000:20ed:1c00:11:1ed0:3900:21
2600:9000:20ed:2400:6:44e3:f8c0:93a1
2600:9000:20ed:6a00:6:44e3:f8c0:93a1
2600:9000:20ed:aa00:9:46dc:4700:93a1
2600:9000:2514:da00:19:7d10:bd80:93a1
2606:4700:10::6816:3456
2606:4700:20::681a:68b
2606:4700:20::681a:932
2606:4700:20::ac43:49e4
2606:4700::6812:106b
2606:4700::6812:15ce
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80f::2002
2607:f8b0:4006:817::2003
2607:f8b0:4006:820::2008
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::200a
2620:100:a001::c
2620:116:800b:21:b08a:1dc5:659b:4055
3.33.220.150
34.160.110.8
34.160.128.112
35.84.249.238
52.8.126.234
54.185.76.115
54.187.119.242
66.220.23.67
74.119.119.139
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53
114faf881c4db279c060d2448dc596c3b4469221f77a1009940fc0c217946d20
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
155ae9a5b5aad976bcea98140251cf38c9b0fabbd6d14e1e0330e6bc7db652a6
157be93264202d9d51193177f47532248c36e3947bf3c1acfc38821829466e67
1ea50329b826918b0b803777e2f5ac48a3570aa1f9c06bc92b6a1731ae37654a
1ef2f48fd67df5e82f2d1510b4032ca3b26ead2b047e039e8b13d5b6ad2ca8bc
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4
38d8511edbc029729dcebd0d2d5491612ab9bb4721b1f54ab84415b35aa91558
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
3c40bb23e16b9f3955fa48372033fb1872e34a0cf9510b9f4565a88770e8f890
3dc2024d040e9fd2c86538442752902779b5db67377a394482fa58766abf8ee5
3e47a4dcc8e7768b9bd12c10ea4ff60c4b9a892ebfe200849af915d22f4a07d5
44c0898b5e17560b89c5102ba9709bbf57091706e9c2ed3b658b16a9d27b6aa5
503932efe9407801a99edbaa5feb8096d083802d241afd9527fded3a8e469a7f
53819b8e8eb13980f126e24ff2d37021539725887b27601abf9b0605a7da7034
550a69b27ec446ed29798faffdae2673b29f92ec746ebff6d9a1e82abf343007
5aac93e0d9fd833afe314fb7f932a2094d5497031c7a9263ce982f23a259e0e6
5f29bbb03d81835920ce91ae962981dbaa21d29646d0f23496990e53df9410bd
6140f2a711f54f2a8386ee82853b7fd67f5b27c0b22e3fdf8c517bcec5215694
6236821222ff95624890e70215fe88f6e2ab2bdc484651e6b37efff03a7a13c7
77b3a18a5978dc36b67d5436fde26bef13f828ca763dd3bb352d30952507e5ea
803a8fac863db2c4a3fb57aa0189a09e8a076742e0d0c59172a9e9167d08c1d0
969ba18aec3eb15d03c48055c38307270a49218d0e85871bcf5d41dee2215d42
9a3c5832b797c8070930ff467d99e3bf26861501030e9530d4c2e8e606d51f9a
9cd0c52130a2ac95e21959817ca0ad8a7f85c72995e9ecd98e069ff5e01e2135
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1bf647662c703d2d4eb2d2a7dbc1f34339f0a6e7a52aa1947763b43b4753cd0
a39aff0b5ce450800949c3cb66afbd5acaff8c46f3c4ceeb99be1389ccbeb58f
a50dcb062a3aab21201484b66a215bb9c3af2dbb275b9cbb404a59adfc62814d
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b5177790cf4404de44d6c9061febfb8cd35cd68f23495204b3ddb4ebd6f8df14
b5794b20910bf7d0edc6e7465cebcaa2710cc9783823ae65c735b75438d97bd7
bd9d525d6dd8291b0ba5a2461bd97df4e5761b6eccb68f8215cc9d4522d5c8ef
bfbc7eaededf3c7e9f5a1ae33b09f1210014556a4ebb89328113ac219e074c2d
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
c41f55bf7fb0d54abf7925a33a4c2e7161e6da54a6e91611c4b081955bf3cd7a
c77c73031f12ad805be49f065989e35ee84cdeaba71e1b64c650732c921409df
c89035c82d7765c2d5f6e687937e5b8c822c5c70b4afbfd10ff14446d30f892b
d72b784c7b56ffc81dd3a3f2c89943ac4896a02a859e2b5cf72c91da73443e1c
da3acf3a6970d3fee3c2423ec73f4186db025e5be3722938ca87c60a793fb497
e2c87237ae9146ff418087dbd591b8644ba09adb66de81d0f40db50c47111e2e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f94270f59506d9991c3e345240651d6e2667eb00a027e4e82942c47a2996f308
fa1b69b8559e57d364f02a80fbc499960e9a0875a45311447096fae11e03e43a