cegahcovid.com Open in urlscan Pro
2606:4700:3033::6818:71de Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cegahcovid.com/
Effective URL:
https://cegahcovid.com/
Submission: On March 26 via api (March 26th 2020, 6:47:49 am UTC) from DE

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3033::6818:71de, located in United States and belongs to CLOUDFLARENET, US. The main domain is cegahcovid.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 24th 2020. Valid for: 7 months.

This is the only time cegahcovid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700:303... 2606:4700:3033::6818:71de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:20e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3032::681b:af56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	139.59.217.206 139.59.217.206	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1 1	13.224.194.37 13.224.194.37	16509 (AMAZON-02) (AMAZON-02)
7	143.204.97.97 143.204.97.97	16509 (AMAZON-02) (AMAZON-02)
1	99.83.219.81 99.83.219.81	16509 (AMAZON-02) (AMAZON-02)
1	13.225.73.3 13.225.73.3	16509 (AMAZON-02) (AMAZON-02)
41	12

3 2606:4700:3033::6818:71de (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cegahcovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, DE)

mk0cegahcovid5rw06w1.kinstacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:20e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::681b:af56 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onpay.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.59.217.206 (Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)

myfacemask.onpay.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.37 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-37.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.97.97 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-97.fra50.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.219.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.3 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-3.fra2.r.cloudfront.net

static.intercomassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	kinstacdn.com mk0cegahcovid5rw06w1.kinstacdn.com	701 KB
9	gstatic.com fonts.gstatic.com	87 KB
7	intercomcdn.com js.intercomcdn.com	237 KB
3	onpay.my cdn.onpay.my myfacemask.onpay.my	10 KB
3	cegahcovid.com 1 redirects cegahcovid.com	13 KB
2	intercom.io 1 redirects widget.intercom.io api-iam.intercom.io	2 KB
2	useproof.com cdn.useproof.com	487 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
1	intercomassets.com static.intercomassets.com	21 KB
1	w.org s.w.org	923 B
41	10

	Domain	Requested by
13	mk0cegahcovid5rw06w1.kinstacdn.com	cegahcovid.com
9	fonts.gstatic.com	cegahcovid.com
7	js.intercomcdn.com	js.intercomcdn.com
3	cegahcovid.com	1 redirects cegahcovid.com
2	cdn.onpay.my	cegahcovid.com cdn.onpay.my
2	cdn.useproof.com	cegahcovid.com cdn.useproof.com
1	static.intercomassets.com
1	api-iam.intercom.io	js.intercomcdn.com
1	widget.intercom.io	1 redirects
1	s.w.org	cegahcovid.com
1	myfacemask.onpay.my	cdn.onpay.my
1	ajax.googleapis.com	cegahcovid.com
1	fonts.googleapis.com	cegahcovid.com
41	13

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-24` - `2020-10-09`	7 months	crt.sh
*.kinstacdn.com COMODO RSA Domain Validation Secure Server CA	`2018-11-19` - `2021-02-16`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.onpay.my Sectigo RSA Domain Validation Secure Server CA	`2019-06-10` - `2021-06-02`	2 years	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
*.intercomcdn.com Amazon	`2019-04-27` - `2020-05-27`	a year	crt.sh
*.intercom.com Amazon	`2019-06-11` - `2020-07-11`	a year	crt.sh
intercomassets.com Amazon	`2019-09-13` - `2020-10-13`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://cegahcovid.com/
Frame ID: A518AD1601467A5F7C20C36282BA4BB9
Requests: 31 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: F5FD6CDB68F8097D657EA03D181106D1
Requests: 1 HTTP requests in this frame

Frame: https://myfacemask.onpay.my/order/form/1?embed=1&only_form=1
Frame ID: 104FF4C34CF91C9C2F7AB8A0F6ECDF96
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.752db3ed.js
Frame ID: FACE1BA06CD79B5817E119A3EEA3A76B
Requests: 6 HTTP requests in this frame

Frame: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Frame ID: B5B842A03936D2BDA19E29C8DC55DA7F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://cegahcovid.com/ HTTP 301
https://cegahcovid.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

41
Requests

100 %
HTTPS

54 %
IPv6

10
Domains

13
Subdomains

12
IPs

4
Countries

1589 kB
Transfer

2486 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cegahcovid.com/ HTTP 301
https://cegahcovid.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://widget.intercom.io/widget/fog6zh3d HTTP 302
https://js.intercomcdn.com/shim.latest.js

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cegahcovid.com/
Redirect Chain

http://cegahcovid.com/
https://cegahcovid.com/

108 KB
8 KB

1280ms
1258ms

Document
text/html

2606:4700:3033::6818:71de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6818:71de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9c371a864aa63edef65ca81a82f712dcaae75ab2b94db4301dce5ec70c4ac37

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: cegahcovid.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 26 Mar 2020 06:47:29 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d102a0614f61bbacd223a438d9fe053ba1585205248; expires=Sat, 25-Apr-20 06:47:28 GMT; path=/; domain=.cegahcovid.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
link: <https://cegahcovid.com/wp-json/>; rel="https://api.w.org/" <https://cegahcovid.com/>; rel=shortlink
x-kinsta-cache: HIT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 579eeba21c21d6e9-FRA
content-encoding: br

Redirect headers

Date: Thu, 26 Mar 2020 06:47:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 26 Mar 2020 07:47:28 GMT
Location: https://cegahcovid.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 579eeba1d844dfe7-FRA

GET
H2 200 page-6.css
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/plugins/op-builder/public/assets/cache/ 148 KB
13 KB 1634ms
1572ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/plugins/op-builder/public/assets/cache/page-6.css?ver=f4f61ee89a8a106518b21f008b3e8766

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

f8c111e4b70d77f9aef4a538f6992f12a556f9a40e195bcfd02d15c9e9d0a2fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 06:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-edge-location: defr
x-cache: MISS
status: 200
last-modified: Mon, 23 Mar 2020 23:27:23 GMT
server: keycdn-engine
etag: W/"5e7945db-25015"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 579eebaa9d4d725d-AMS
expires: Fri, 26 Mar 2021 12:36:31 GMT

GET
H2 200 jquery.js Show response
mk0cegahcovid5rw06w1.kinstacdn.com/wp-includes/js/jquery/ 95 KB
34 KB 1610ms
1549ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 06:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-edge-location: defr
x-cache: MISS
status: 200
last-modified: Mon, 23 Mar 2020 20:40:24 GMT
server: keycdn-engine
etag: W/"5e791eb8-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 579eebaa98fad8c1-AMS
expires: Fri, 26 Mar 2021 12:36:31 GMT

GET
H2 200 jquery-migrate.min.js Show response
mk0cegahcovid5rw06w1.kinstacdn.com/wp-includes/js/jquery/ 10 KB
4 KB 1349ms
1287ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 06:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-edge-location: defr
x-cache: MISS
status: 200
last-modified: Mon, 23 Mar 2020 20:40:24 GMT
server: keycdn-engine
etag: W/"5e791eb8-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 579eebaac9637293-AMS
expires: Fri, 26 Mar 2021 12:36:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 28 KB
2 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c81b68b9ee19d9ecdeceecd9650d49a8c5cbb49d5a110986b14199407a900e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 26 Mar 2020 06:47:29 GMT
server: ESF
date: Thu, 26 Mar 2020 06:47:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Mar 2020 06:47:29 GMT

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 33ms
16ms Script
application/javascript 2606:4700:20::681a:20e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=taQBalArhrPZiq322rMjcQFEXFH3
Requested by: Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:20e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0135e2e9e8402d3042377fb8fcba6fe26521209e26c2ae50a85e24d974fb1f8e

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 06:47:29 GMT
cf-cache-status: HIT
age: 2395484
status: 200
content-type: application/javascript
content-length: 497715
x-amz-id-2: bS+v5eKXHXOmCual2HeAK4LhRA8Yv1qyOLBXSy0cntrZf6KhFmbi5NFEQ0WGtNGfkCphZLoaibg=
last-modified: Thu, 15 Aug 2019 15:41:48 GMT
server: cloudflare
etag: "fa2c0c9552b99319ed55ce70955855f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 92EB98372714E456
cache-control: public, max-age=315360000, no-transform
x-amz-version-id: 7RsCJUNysRMcqkyRLwe1KtYXPZzstQg_
accept-ranges: bytes
cf-ray: 579eebaa0930dff7-FRA

GET
H2 200 facemask-pandemic-control-hero1.png
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/ 289 KB
290 KB 1922ms
1861ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/facemask-pandemic-control-hero1.png

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

7bd0728837b2c2b36b74d1c6898ff0f8b5ba1fbe4e2080e1c7ba574d98bcedbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 06:47:31 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-edge-location: defr
x-cache: MISS
status: 200
content-length: 296006
last-modified: Mon, 23 Mar 2020 20:48:46 GMT
server: keycdn-engine
etag: "5e7920ae-48446"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 579eebaa98cdfa80-AMS
expires: Fri, 26 Mar 2021 12:36:31 GMT

GET
H2 200 mask-detail.jpg
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/ 59 KB
60 KB 1948ms
1947ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/mask-detail.jpg

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

574f9f57fde7bd91df5a5710c2300f40a44490e01adbf74c0731be5f1c1ab60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 06:47:33 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-edge-location: defr
x-cache: MISS
status: 200
content-length: 60555
last-modified: Mon, 23 Mar 2020 20:48:48 GMT
server: keycdn-engine
etag: "5e7920b0-ec8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 579eebb47b412c10-AMS
expires: Fri, 26 Mar 2021 12:36:33 GMT

GET
H2 200 mask-detail-3.jpg
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/ 36 KB
37 KB 1639ms
1638ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/mask-detail-3.jpg

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

c8c147de6305a3e072ce942a6ca51b41204895c8f42bb679b1c4c082e621cc58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 06:47:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-edge-location: defr
x-cache: MISS
status: 200
content-length: 37070
last-modified: Mon, 23 Mar 2020 20:48:49 GMT
server: keycdn-engine
etag: "5e7920b1-90ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 579eebb48ff7c82b-AMS
expires: Fri, 26 Mar 2021 12:36:32 GMT

GET
H2 200 mask-detail-2.jpg
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/ 32 KB
33 KB 1650ms
1649ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/mask-detail-2.jpg

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

ff079ef1006c587fcf1b4871d98f3103a59ff9137952920c57ad64542ce2c786

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 06:47:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-edge-location: defr
x-cache: MISS
status: 200
content-length: 32883
last-modified: Mon, 23 Mar 2020 20:48:50 GMT
server: keycdn-engine
etag: "5e7920b2-8073"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 579eebb4bf06fa18-AMS
expires: Fri, 26 Mar 2021 12:36:32 GMT

GET
H2 200 1-1.jpg
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/ 8 KB
9 KB 1294ms
1292ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/1-1.jpg

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

ee99580ce56b9eefdb44d86e2f41a730798e0b5136447716c6c25a680f1665bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 06:47:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-edge-location: defr
x-cache: MISS
status: 200
content-length: 8264
last-modified: Mon, 23 Mar 2020 20:48:51 GMT
server: keycdn-engine
etag: "5e7920b3-2048"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 579eebb47990d8d5-AMS
expires: Fri, 26 Mar 2021 12:36:32 GMT

GET
H2 200 2.jpg
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/ 8 KB
8 KB 1308ms
1308ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/2.jpg

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

8334f4029f810b5d5624f85e76d15eb51c299f3b63117cfd0473115cb8ed6b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 06:47:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-edge-location: defr
x-cache: MISS
status: 200
content-length: 7909
last-modified: Mon, 23 Mar 2020 20:48:52 GMT
server: keycdn-engine
etag: "5e7920b4-1ee5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 579eebb50bccfa34-AMS
expires: Fri, 26 Mar 2021 12:36:32 GMT

GET
H2 200 3-1.jpg
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/ 7 KB
7 KB 1248ms
1247ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/3-1.jpg

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

468373405865be8ad2f88f13fa1df115afeea0a817fb2824550cf3dd13eb4dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 06:47:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-edge-location: defr
x-cache: MISS
status: 200
content-length: 7151
last-modified: Mon, 23 Mar 2020 20:48:53 GMT
server: keycdn-engine
etag: "5e7920b5-1bef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 579eebb4fcc0fa84-AMS
expires: Fri, 26 Mar 2021 12:36:32 GMT

GET
H2 200 wp-emoji-release.min.js Show response
cegahcovid.com/wp-includes/js/ 14 KB
4 KB 1265ms
1264ms Script
application/javascript 2606:4700:3033::6818:71de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cegahcovid.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6818:71de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 06:47:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 23 Mar 2020 20:40:23 GMT
server: cloudflare
status: 200
etag: W/"5e791eb7-362a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 579eebb44e3bd6e9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 embed-order-form.min.js Show response
cdn.onpay.my/assets/js/ 19 KB
4 KB 76ms
48ms Script
text/javascript 2606:4700:3032::681b:af56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onpay.my/assets/js/embed-order-form.min.js
Requested by: Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:af56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3276cdd5a5af5c6823e09501e52b3899eeef30957bcbe0cad80382964d95b71

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 06:47:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 10136
status: 200
x-amz-request-id: 24E2D5D45849AEC4
x-amz-id-2: GhI4ktCylFQH7faM43GZv26KAKRNmmRddfDKg2iWsDwmeqh1KTNWCXeX9xMAtO0Ej/vP+3beyl8=
last-modified: Thu, 26 Mar 2020 03:58:33 GMT
server: cloudflare
etag: W/"a3bc1592fc161ef17e896ed25100fde3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cf-worker: YES
cache-control: max-age=14400
server-client: OnPay Solutions Sdn Bhd
cf-ray: 579eebaa7844e00b-FRA
expires: Thu, 26 Mar 2020 07:58:33 GMT

GET
H2 200 page-6.js Show response
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/plugins/op-builder/public/assets/cache/ 5 KB
2 KB 1312ms
1311ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/plugins/op-builder/public/assets/cache/page-6.js?ver=f4f61ee89a8a106518b21f008b3e8766

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

f6324567cf5dadc00e88960d00baad1653c4fe481fb1308a50ab96dc3bfbf3a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 06:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-edge-location: defr
x-cache: MISS
status: 200
last-modified: Mon, 23 Mar 2020 20:48:59 GMT
server: keycdn-engine
etag: W/"5e7920bb-15c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 579eebab0bccd8c9-AMS
expires: Fri, 26 Mar 2021 12:36:31 GMT

GET
H2 200 wp-embed.min.js Show response
mk0cegahcovid5rw06w1.kinstacdn.com/wp-includes/js/ 1 KB
1 KB 1319ms
1319ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-includes/js/wp-embed.min.js?ver=5.3.2

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 06:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-edge-location: defr
x-cache: MISS
status: 200
last-modified: Mon, 23 Mar 2020 20:40:24 GMT
server: keycdn-engine
etag: W/"5e791eb8-577"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
cf-ray: 579eebb33b709bcd-AMS
expires: Fri, 26 Mar 2021 12:36:32 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 25 Feb 2020 02:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2608758
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Thu, 25 Jan 2018 15:33:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Feb 2021 02:08:13 GMT

GET
H2 200 index.html
cdn.useproof.com/proxy/ Frame F5FD 0
0 595ms
594ms Document
text/html 2606:4700:20::681a:20e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=taQBalArhrPZiq322rMjcQFEXFH3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:20e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cdn.useproof.com
:scheme: https
:path: /proxy/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://cegahcovid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://cegahcovid.com/

Response headers

status: 200
date: Thu, 26 Mar 2020 06:47:31 GMT
content-type: text/html
content-length: 325
set-cookie: __cfduid=dd78b3ef940578bbf8746c1c11f768d551585205251; expires=Sat, 25-Apr-20 06:47:31 GMT; path=/; domain=.useproof.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2: l/+Ot+8lDG0S415z4qFTecNKH0VdWtcvgM1p/rwHvURDcyPjsNgp0uN1EMWLgUje+Xt4YXM9zn0=
x-amz-request-id: D3A8F6408FBDA54D
last-modified: Thu, 15 Aug 2019 15:41:48 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
cache-control: max-age=315360000, no-transform, public
x-amz-version-id: V3wOD8RjbA.D9D1fAXIzDOps5d_6lt3O
accept-ranges: bytes
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 579eebb489d1dff7-FRA

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700
Origin: https://cegahcovid.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 03:12:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 1827292
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Fri, 05 Mar 2021 03:12:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700
Origin: https://cegahcovid.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 00:50:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 4773432
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Sat, 30 Jan 2021 00:50:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700
Origin: https://cegahcovid.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 08:47:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 2412025
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Fri, 26 Feb 2021 08:47:06 GMT

GET
H2 200 op3-icons.woff2
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/plugins/op-builder/public/assets/fonts/ 202 KB
202 KB 1663ms
1650ms Font
application/font-woff2 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/plugins/op-builder/public/assets/fonts/op3-icons.woff2?ver=1.7.0

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

3be25e41a21cbc4c9494b4bbbf0be2f85f8ceb611e7faa2eb0beb6fa777fef1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/plugins/op-builder/public/assets/cache/page-6.css?ver=f4f61ee89a8a106518b21f008b3e8766
Origin: https://cegahcovid.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 06:47:32 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-edge-location: defr
x-cache: MISS
status: 200
content-length: 206376
last-modified: Mon, 23 Mar 2020 20:47:54 GMT
server: keycdn-engine
etag: "5e79207a-32628"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 579eebb53de39bfd-AMS
expires: Fri, 26 Mar 2021 12:36:32 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700
Origin: https://cegahcovid.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 17:00:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 1345603
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 0
expires: Wed, 10 Mar 2021 17:00:48 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700
Origin: https://cegahcovid.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Feb 2020 20:33:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 2628813
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Tue, 23 Feb 2021 20:33:58 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700
Origin: https://cegahcovid.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 00:55:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:29 GMT
server: sffe
age: 1835548
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7924
x-xss-protection: 0
expires: Fri, 05 Mar 2021 00:55:03 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700
Origin: https://cegahcovid.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Feb 2020 01:21:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:13 GMT
server: sffe
age: 2611533
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7836
x-xss-protection: 0
expires: Wed, 24 Feb 2021 01:21:58 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700
Origin: https://cegahcovid.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 04:10:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:04 GMT
server: sffe
age: 1737419
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7968
x-xss-protection: 0
expires: Sat, 06 Mar 2021 04:10:32 GMT

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFaxOedc.woff2
fonts.gstatic.com/s/ibmplexsans/v7/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v7/zYXgKVElMYYaJe8bpLHnCwDKhdHeFaxOedc.woff2

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d32b2c653c571d5ebe401463197bd449b52f013c0da42995f8fc8b67524abccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700
Origin: https://cegahcovid.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 08:31:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:47:55 GMT
server: sffe
age: 2412972
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12872
x-xss-protection: 0
expires: Fri, 26 Feb 2021 08:31:19 GMT

GET
H2 200 iframeResizer.min.js Show response
cdn.onpay.my/assets/plugins/iframe-resizer/ 13 KB
5 KB 489ms
489ms Script
application/javascript 2606:4700:3032::681b:af56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onpay.my/assets/plugins/iframe-resizer/iframeResizer.min.js
Requested by: Host: cdn.onpay.my
URL: https://cdn.onpay.my/assets/js/embed-order-form.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::681b:af56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f27aa99970684e01cd59500c87377712f710b71ec163dbbcdc5956caebf9b42

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 06:47:31 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 13 Jun 2019 23:54:02 GMT
server: cloudflare
x-amz-request-id: DCF0F368FD7CAE61
etag: W/"d3c21b1f9bf8acc1a62ddbec9346aab1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 579eebb4ee80e00b-FRA
x-amz-id-2: SF7Pwk7GZPhAF/LqUu/g3MxM+GjKP3xPOgEtWmdBaArFPWDBlwVwaBRtDEASljjOrvVIEWAKztU=

GET
H2 200 1
myfacemask.onpay.my/order/form/ Frame 104F 0
0 557ms
201ms Document
text/html 139.59.217.206
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://myfacemask.onpay.my/order/form/1?embed=1&only_form=1

Requested by

Host: cdn.onpay.my
URL: https://cdn.onpay.my/assets/js/embed-order-form.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

139.59.217.206 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: myfacemask.onpay.my
:scheme: https
:path: /order/form/1?embed=1&only_form=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://cegahcovid.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://cegahcovid.com/

Response headers

status: 200
server: nginx-rc
date: Thu, 26 Mar 2020 06:47:32 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
set-cookie: ONPAY-base=AElp9b78dQYI3hoLcX8RMYk%2CU7oALSTwVS5r51FRFYOvqos2; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip

GET
H2 200 1f4e6.svg
s.w.org/images/core/emoji/12.0.0-1/svg/ 2 KB
923 B 74ms
30ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/12.0.0-1/svg/1f4e6.svg

Requested by

Host: cegahcovid.com
URL: https://cegahcovid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

35a41947f54c96134d1c364c7eef3d692d3af0be37874a86a94c22bdc6d464bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-nc: HIT lhr 1
date: Thu, 26 Mar 2020 06:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2019 05:13:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
status: 200
cache-control: max-age=315360000
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/fog6zh3d
https://js.intercomcdn.com/shim.latest.js

7 KB
3 KB

114ms
38ms

Script
application/javascript

143.204.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-97.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf5080d2cce6f36e0b33814b774307c1a3e3371a2d65d00e24d94520a39725fc

Request headers

Referer: https://cegahcovid.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 06:47:04 GMT
content-encoding: gzip
age: 30
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 2830
last-modified: Wed, 25 Mar 2020 09:30:17 GMT
server: AmazonS3
etag: "d15e441831ce2d2437d261cbf4bdc7ae"
content-type: application/javascript; charset=UTF-8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: yDP-nQ2sYYSW03j5IW18AZlWUqT4pwtg6UKtsDonyjNiKQR5-HIO4Q==

Redirect headers

date: Tue, 24 Mar 2020 05:05:24 GMT
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
server: AmazonS3
age: 178930
location: https://js.intercomcdn.com/shim.latest.js
x-cache: Hit from cloudfront
status: 302
x-amz-cf-pop: FRA2-C1
content-length: 0
x-amz-cf-id: QkW5AMHqKr155cLXF4l61hSEhj146Kr3Bx2BF-wEi4Nyo4WMRvpgiw==

GET
H2 200 frame-modern.752db3ed.js Show response
js.intercomcdn.com/ Frame FACE 197 KB
55 KB 58ms
58ms Script
application/javascript 143.204.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.752db3ed.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-97.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5462bae9b865a2bf0f42b14eea6e1d3e8e6666f7a88e080e68f5360c14133723

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 05:32:51 GMT
content-encoding: gzip
age: 4483
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 55684
last-modified: Wed, 25 Mar 2020 09:24:04 GMT
server: AmazonS3
etag: "e0d713bdf22e49769e070799023529c4"
content-type: application/javascript; charset=UTF-8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: KacmAaWM743mzGK3qTpYKtdEP2ZttIHUOo1_e2kgrVOFs-nG7o9tig==

GET
H2 200 vendor-modern.b44097f3.js Show response
js.intercomcdn.com/ Frame FACE 153 KB
46 KB 81ms
81ms Script
application/javascript 143.204.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.b44097f3.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-97.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4c74fc1c6e1746857c589a7dce4c123715c942eec464fb9ce4d894d3e601876

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 05:32:47 GMT
content-encoding: gzip
age: 4487
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 46566
last-modified: Tue, 10 Mar 2020 11:03:49 GMT
server: AmazonS3
etag: "badc3f3a05921b12bad394d1096f9168"
content-type: application/javascript; charset=UTF-8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: j4gYABqsvf8rO0dkQ-XGIPBHhyiq1VDSX_2_yXNI8Pli1ajcnwpcaQ==

GET
H2 200 vendors~app-modern.cbcf51d6.js Show response
js.intercomcdn.com/ Frame FACE 264 KB
82 KB 40ms
39ms Script
application/javascript 143.204.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendors~app-modern.cbcf51d6.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.752db3ed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-97.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bddc8274f21faf42728bffe6a29e60f62340c2ef7109d0c597bb97b5a2ed6bb9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 05:32:48 GMT
content-encoding: gzip
age: 4486
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 83198
last-modified: Tue, 10 Mar 2020 11:03:49 GMT
server: AmazonS3
etag: "3cb267cc1afb2cb8e5d00ec53cf1ea70"
content-type: application/javascript; charset=UTF-8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: bOmr9oj6KPXBFK10p8ehKiWP1v9dqpD0WMVjcbFZHYkdnR01Vqlkyw==

GET
H2 200 app-modern.baf32651.js Show response
js.intercomcdn.com/ Frame FACE 65 KB
19 KB 51ms
50ms Script
application/javascript 143.204.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/app-modern.baf32651.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.752db3ed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-97.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29b35cfa34c7b99e7f3b406ca43501300f6bdca1682a104c67a873c6d270ccff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 05:32:52 GMT
content-encoding: gzip
age: 4482
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 19057
last-modified: Wed, 25 Mar 2020 09:24:04 GMT
server: AmazonS3
etag: "a779c9203a0ee789bf786b6335f32f66"
content-type: application/javascript; charset=UTF-8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 8GN9RjauvJkjmx0Am-06O3GfXnZY7a4NweG8XHmA88OVbFmCy3c4Jw==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame FACE 3 KB
2 KB 544ms
349ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.752db3ed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e1ad10777f6a56a407dd2851c1108069e7dd5fbb2de4e2386d09394df436f983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://cegahcovid.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 26 Mar 2020 06:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 0000idpu3ot69n94vsv0
x-runtime: 0.242324
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"e1ad10777f6a56a407dd2851c1108069"
x-ratelimit-remaining: 19999
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cegahcovid.com
x-intercom-version: 16fcd9a88b3ea76a61b94c57ba2c1fc9bda071dd
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1585205280
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type

GET
H2 200 launcher-discovery-modern.23269144.js Show response
js.intercomcdn.com/ Frame FACE 10 KB
4 KB 38ms
38ms Script
application/javascript 143.204.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/launcher-discovery-modern.23269144.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.752db3ed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-97.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7a953ccd2e5dffd5ee1180014ba7e52c325b12eee885a5b73e765a48e63e6dd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 05:34:00 GMT
content-encoding: gzip
age: 4421
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 3196
last-modified: Wed, 25 Mar 2020 09:24:04 GMT
server: AmazonS3
etag: "cfacea9ce1552984872d2f6b429e9f78"
content-type: application/javascript; charset=UTF-8
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 9G4Vrv5McBNwO8UjLYJ1CSccc1uKkowvA9uTpaFE0i4IGaNUAt2bDQ==

GET
H2 200 proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame B5B8 28 KB
29 KB 588ms
510ms Font
font/woff 143.204.97.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/launcher-discovery-modern.23269144.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.97 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-97.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

Referer: https://cegahcovid.com/
Origin: https://cegahcovid.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 06:47:42 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
status: 200
access-control-max-age: 3000
content-length: 28960
last-modified: Wed, 25 Mar 2020 09:24:05 GMT
server: AmazonS3
etag: "a7942249ca925ef356c0f2b1dab17ef3"
vary: Origin
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: p7Y3pB696vyyLee90sRcLeNNW9oNjNFBu3z-Hy2Sa_LvXLTYCHNp5g==

GET
H2 200 intercom_nurul-1585003824.jpg
static.intercomassets.com/avatars/3917667/square_128/ Frame B5B8 20 KB
21 KB 526ms
422ms Image
image/jpeg 13.225.73.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.intercomassets.com/avatars/3917667/square_128/intercom_nurul-1585003824.jpg?1585003824
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-3.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e393e4bf906f7a6fcb049a98fd7c3779270646a606eab3a0288c01a3a1e66bc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 06:47:42 GMT
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
etag: "a49bcaf0c4e38f876cae65a346a28710"
last-modified: Mon, 23 Mar 2020 22:50:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 20753
x-amz-cf-id: zOCnf05HuackSZ5koZt8UWO_tqkiHAEvlFoNLj7AU4HJGunS3gq77g==

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onpay.my/	1970-01-19 09:04:40	Name: resolution Value: 1600,1200
.onpay.my/	1970-01-19 10:29:41	Name: _fbp Value: fb.1.1585205252539.1882795057
myfacemask.onpay.my/	1969-12-31 23:59:59	Name: ONPAY-base Value: AElp9b78dQYI3hoLcX8RMYk%2CU7oALSTwVS5r51FRFYOvqos2
.cegahcovid.com/	1970-01-19 09:03:17	Name: __cfduid Value: d1cb432e9d750f9841e533fc53fd639121585205251

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api-iam.intercom.io
cdn.onpay.my
cdn.useproof.com
cegahcovid.com
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
mk0cegahcovid5rw06w1.kinstacdn.com
myfacemask.onpay.my
s.w.org
static.intercomassets.com
widget.intercom.io
13.224.194.37
13.225.73.3
139.59.217.206
143.204.97.97
192.0.77.48
2606:4700:20::681a:20e
2606:4700:3032::681b:af56
2606:4700:3033::6818:71de
2a00:1450:4001:814::200a
2a00:1450:4001:816::200a
2a00:1450:4001:81c::2003
2a0b:4d07:102::1
99.83.219.81
0135e2e9e8402d3042377fb8fcba6fe26521209e26c2ae50a85e24d974fb1f8e
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f27aa99970684e01cd59500c87377712f710b71ec163dbbcdc5956caebf9b42
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
29b35cfa34c7b99e7f3b406ca43501300f6bdca1682a104c67a873c6d270ccff
35a41947f54c96134d1c364c7eef3d692d3af0be37874a86a94c22bdc6d464bf
3be25e41a21cbc4c9494b4bbbf0be2f85f8ceb611e7faa2eb0beb6fa777fef1e
468373405865be8ad2f88f13fa1df115afeea0a817fb2824550cf3dd13eb4dc5
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
5462bae9b865a2bf0f42b14eea6e1d3e8e6666f7a88e080e68f5360c14133723
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
574f9f57fde7bd91df5a5710c2300f40a44490e01adbf74c0731be5f1c1ab60c
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
7bd0728837b2c2b36b74d1c6898ff0f8b5ba1fbe4e2080e1c7ba574d98bcedbe
8334f4029f810b5d5624f85e76d15eb51c299f3b63117cfd0473115cb8ed6b67
8e393e4bf906f7a6fcb049a98fd7c3779270646a606eab3a0288c01a3a1e66bc
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a9c371a864aa63edef65ca81a82f712dcaae75ab2b94db4301dce5ec70c4ac37
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20
bddc8274f21faf42728bffe6a29e60f62340c2ef7109d0c597bb97b5a2ed6bb9
c81b68b9ee19d9ecdeceecd9650d49a8c5cbb49d5a110986b14199407a900e48
c8c147de6305a3e072ce942a6ca51b41204895c8f42bb679b1c4c082e621cc58
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf5080d2cce6f36e0b33814b774307c1a3e3371a2d65d00e24d94520a39725fc
d32b2c653c571d5ebe401463197bd449b52f013c0da42995f8fc8b67524abccc
e1ad10777f6a56a407dd2851c1108069e7dd5fbb2de4e2386d09394df436f983
e3276cdd5a5af5c6823e09501e52b3899eeef30957bcbe0cad80382964d95b71
e4c74fc1c6e1746857c589a7dce4c123715c942eec464fb9ce4d894d3e601876
ee99580ce56b9eefdb44d86e2f41a730798e0b5136447716c6c25a680f1665bf
f6324567cf5dadc00e88960d00baad1653c4fe481fb1308a50ab96dc3bfbf3a6
f7a953ccd2e5dffd5ee1180014ba7e52c325b12eee885a5b73e765a48e63e6dd
f8c111e4b70d77f9aef4a538f6992f12a556f9a40e195bcfd02d15c9e9d0a2fc
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
ff079ef1006c587fcf1b4871d98f3103a59ff9137952920c57ad64542ce2c786

cegahcovid.com Open in urlscan Pro 2606:4700:3033::6818:71de Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

54 %IPv6

10 Domains

13 Subdomains

12 IPs

4 Countries

1589 kBTransfer

2486 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cegahcovid.com Open in urlscan Pro
2606:4700:3033::6818:71de Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

54 %
IPv6

10
Domains

13
Subdomains

12
IPs

4
Countries

1589 kB
Transfer

2486 kB
Size

4
Cookies

41 HTTP transactions
0 data transactions