Submitted URL: https://driphousebali.online/
Effective URL: https://msha.ke/driphousebali
Submission: On November 14 via api from BE — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 21 HTTP transactions. The main IP is 104.20.174.67 (location and owner not shown). The main domain is msha.ke. The Cisco Umbrella rank of the primary domain is 126017.
TLS certificate: Issued by WE1 on September 29th 2024. Valid for: 3 months.
This is the only time msha.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Apex Domain            Subdomains (Cisco Umbrella rank)                                      Transfer
17        msha.ke                msha.ke (126017), looks.msha.ke (173997), fonts.msha.ke (153218),     5 MB
                                 images.msha.ke (167968), analytics-beacon.msha.ke (152053)
1         google-analytics.com   region1.google-analytics.com (2944)
1         facebook.net           connect.facebook.net (208)                                            61 KB
1         gstatic.com            fonts.gstatic.com                                                     47 KB
1         googleapis.com         fonts.googleapis.com (55)                                             3 KB
1         googletagmanager.com   www.googletagmanager.com (64)                                         107 KB
1         driphousebali.online   driphousebali.online                                                  757 B
21        7 apex domains

Requests  Domain                             Requested by
6         looks.msha.ke                      msha.ke, looks.msha.ke
5         images.msha.ke                     msha.ke
4         msha.ke (1 redirect)               msha.ke
1         region1.google-analytics.com       www.googletagmanager.com
1         analytics-beacon.msha.ke           looks.msha.ke
1         connect.facebook.net               msha.ke
1         fonts.gstatic.com                  fonts.googleapis.com
1         fonts.msha.ke                      looks.msha.ke
1         fonts.googleapis.com               looks.msha.ke
1         www.googletagmanager.com           msha.ke
1         driphousebali.online (1 redirect)
21        11 subdomains

This site contains links to these domains:

Domain
wa.me
Subject                   Issuer                                   Validity                  Valid
msha.ke                   WE1                                      2024-09-29 - 2024-12-28   3 months
*.google-analytics.com    WR2                                      2024-10-21 - 2025-01-13   3 months
upload.video.google.com   WR2                                      2024-10-21 - 2025-01-13   3 months
*.gstatic.com             WR2                                      2024-10-21 - 2025-01-13   3 months
*.facebook.com            DigiCert SHA2 High Assurance Server CA   2024-08-23 - 2024-11-21   3 months

This page contains 2 frames:

Primary Page: https://msha.ke/driphousebali
Frame ID: EEA5B98CE48ADEBF2B1A13E4A8BDE5ED
Requests: 19 HTTP requests in this frame

Frame: https://msha.ke/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: F7A49F96857DA17417BD0E72E4F91222
Requests: 2 HTTP requests in this frame

Page Title

Drip House Bali – At-Home IV drip Vitamin Therapy in Bali | Immune, Hydration & Beauty Drips

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 21
HTTPS: 95 %
IPv6: 86 %
Domains: 7
Subdomains: 11
IPs: 6
Countries: 3
Transfer: 5311 kB
Size: 8505 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://driphousebali.online/ HTTP 302
    https://msha.ke/driphousebali Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://msha.ke/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://msha.ke/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

21 HTTP transactions

Columns per transaction: Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request driphousebali
msha.ke/
Redirect Chain
  • https://driphousebali.online/
  • https://msha.ke/driphousebali
23 KB
6 KB
Document
General
Full URL
https://msha.ke/driphousebali
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.174.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ef65522526171a25e911ab910e1795dcc1924688c05722de6296b4bbbd0a6c2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=7
cf-ray
8e23bd469dd29755-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Nov 2024 02:58:22 GMT
priority
u=0,i
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8e23bd457a7f9261-FRA
content-length
143
content-type
text/html
date
Thu, 14 Nov 2024 02:58:21 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://msha.ke/driphousebali
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fc8443d2Y7sObPb89YdLrGK1ICXH3xHE61FAQqB6oGAkkBiJfrAi%2FlOycHj311Q9WJtPPcr3DYWS9IudskfNnL%2BUE0sm8QswQt68HqIQWOWbBqPd1TmP8wckI3aOZyzCIB5LeDbavQBPNiKUBU1tIy%2F81g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=6090&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4144&recv_bytes=4295&delivery_rate=347288&cwnd=12000&unsent_bytes=0&cid=8f34bb244141c4ac&ts=18&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
styles.d125f680d8ff6938ed35.css
looks.msha.ke/site-generator/assets/
55 KB
12 KB
Stylesheet
General
Full URL
https://looks.msha.ke/site-generator/assets/styles.d125f680d8ff6938ed35.css
Requested by
Host: msha.ke
URL: https://msha.ke/driphousebali
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.174.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
145f3021cbe7fb748c9334c21be4b542fae4870a90236c06db314a6be39ad01d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://msha.ke/

Response headers

server
cloudflare
cache-control
public, max-age=315360000
content-encoding
br
cf-cache-status
HIT
etag
W/"857db1bfe562dd15ac0e45507b689a84"
age
1374868
cf-ray
8e23bd487e709755-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 14 Nov 2024 02:58:22 GMT
content-type
text/css
last-modified
Wed, 23 Oct 2024 04:11:01 GMT
vary
Accept-Encoding
priority
u=0,i=?0
looks.41c17cfeadb4af0503a3.css
looks.msha.ke/assets/
286 KB
31 KB
Stylesheet
General
Full URL
https://looks.msha.ke/assets/looks.41c17cfeadb4af0503a3.css
Requested by
Host: msha.ke
URL: https://msha.ke/driphousebali
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.174.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e9fc9042b0e434b14809a09117a29ddab9e44ba08efa3193cce4ab9a084a13b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://msha.ke/

Response headers

server
cloudflare
cache-control
public, max-age=315360000
content-encoding
br
cf-cache-status
HIT
etag
W/"426152064dbe342a963bc520a49239c3"
age
771020
cf-ray
8e23bd487e729755-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 14 Nov 2024 02:58:22 GMT
content-type
text/css
last-modified
Tue, 05 Nov 2024 02:43:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
js
www.googletagmanager.com/gtag/
317 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BLG6G8NZG9
Requested by
Host: msha.ke
URL: https://msha.ke/driphousebali
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b56fd7c447af4034e6d59d2a11e894972a62cd765f8fea9c94d806722588e0be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://msha.ke/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 14 Nov 2024 02:58:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 02:58:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108546
x-xss-protection
0
server
Google Tag Manager
14e380a270c331b2da9ec103e5fd31c6.svg
looks.msha.ke/site-generator/assets/
1 KB
868 B
Image
General
Full URL
https://looks.msha.ke/site-generator/assets/14e380a270c331b2da9ec103e5fd31c6.svg
Requested by
Host: msha.ke
URL: https://msha.ke/driphousebali
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.174.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
1da2f329ff97fca9fb07b2390262c5c221208eb29f8f3b997412fe27557d0874

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://msha.ke/

Response headers

server
cloudflare
cache-control
public, max-age=315360000
content-encoding
br
cf-cache-status
HIT
etag
W/"14e380a270c331b2da9ec103e5fd31c6"
age
780122
cf-ray
8e23bd487e719755-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 14 Nov 2024 02:58:22 GMT
content-type
image/svg+xml
last-modified
Wed, 23 Oct 2024 04:11:00 GMT
vary
Accept-Encoding
priority
u=2,i
main.bf4d69a807bf7ac3b79b.js
looks.msha.ke/site-generator/assets/
3 MB
450 KB
Script
General
Full URL
https://looks.msha.ke/site-generator/assets/main.bf4d69a807bf7ac3b79b.js
Requested by
Host: msha.ke
URL: https://msha.ke/driphousebali
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.174.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b49d6405ffc1efd3352439ee2301bffa9b4e0fd4a1ea6c4801355b9ac50595ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://msha.ke/

Response headers

server
cloudflare
cache-control
public, max-age=315360000
content-encoding
br
cf-cache-status
HIT
etag
W/"f788e2f89b6586d560d3287aba600bb9"
age
88490
cf-ray
8e23bd487e6e9755-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 14 Nov 2024 02:58:22 GMT
content-type
application/javascript
last-modified
Thu, 07 Nov 2024 08:42:12 GMT
vary
Accept-Encoding
priority
u=2,i=?0
css2
fonts.googleapis.com/
69 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Caveat:wght@400;700&family=Karla:ital,wght@0,400;0,700;1,400;1,700&family=Cormorant+Garamond:ital,wght@0,400;0,600;1,600&family=Josefin+Sans:wght@600&family=Sacramento:wght@400&family=Montserrat:wght@300;400;500;600;700&family=Overpass:wght@400;800&family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Playfair+Display:ital,wght@0,400;0,700;1,400;1,700&family=Poppins:wght@200;400;600;800&family=IBM+Plex+Sans:wght@300;600&family=Cutive+Mono:wght@400&family=Hind:wght@600&family=EB+Garamond:wght@400;600&family=Chivo:wght@400;700&family=Archivo+Black:wght@400&family=Archivo+Narrow:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&family=Inter:wght@300;400;700&display=swap
Requested by
Host: looks.msha.ke
URL: https://looks.msha.ke/assets/looks.41c17cfeadb4af0503a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9af7a73f90b3212faea07b920078ded8ff7ad9254fdc940900fbf96d9e221d3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://looks.msha.ke/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 02:58:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 02:58:22 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 14 Nov 2024 02:58:22 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
work-sans.css
fonts.msha.ke/work-sans/
3 KB
660 B
Stylesheet
General
Full URL
https://fonts.msha.ke/work-sans/work-sans.css
Requested by
Host: looks.msha.ke
URL: https://looks.msha.ke/assets/looks.41c17cfeadb4af0503a3.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.174.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
8a466e6c3619659889aba7f4abfba8c9c50cd74463c2974acfab51caad5060f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://looks.msha.ke/

Response headers

server
cloudflare
cache-control
public,max-age=315360000
content-encoding
br
cf-cache-status
HIT
etag
W/"ac481daaf8983aa13233cad76940a575"
age
780617
cf-ray
8e23bd48de939755-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 14 Nov 2024 02:58:22 GMT
content-type
text/css
last-modified
Tue, 22 Nov 2022 07:51:12 GMT
vary
Accept-Encoding
priority
u=0,i=?0
look24-bg-57ab3bd243be4669894159ee68b42a35.svg
looks.msha.ke/assets/
875 B
511 B
Image
General
Full URL
https://looks.msha.ke/assets/look24-bg-57ab3bd243be4669894159ee68b42a35.svg
Requested by
Host: looks.msha.ke
URL: https://looks.msha.ke/site-generator/assets/styles.d125f680d8ff6938ed35.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.174.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
83fdb9dd7dfdb6dec51e15ce6f269d54382ef38288bf2558e31d13a1fa96f5b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://looks.msha.ke/site-generator/assets/styles.d125f680d8ff6938ed35.css

Response headers

server
cloudflare
cache-control
public, max-age=315360000
content-encoding
br
cf-cache-status
HIT
etag
W/"57ab3bd243be4669894159ee68b42a35"
age
770390
cf-ray
8e23bd493eb99755-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 14 Nov 2024 02:58:22 GMT
content-type
image/svg+xml
last-modified
Tue, 05 Nov 2024 02:43:23 GMT
vary
Accept-Encoding
priority
u=3,i
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Caveat:wght@400;700&family=Karla:ital,wght@0,400;0,700;1,400;1,700&family=Cormorant+Garamond:ital,wght@0,400;0,600;1,600&family=Josefin+Sans:wght@600&family=Sacramento:wght@400&family=Montserrat:wght@300;400;500;600;700&family=Overpass:wght@400;800&family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&family=Playfair+Display:ital,wght@0,400;0,700;1,400;1,700&family=Poppins:wght@200;400;600;800&family=IBM+Plex+Sans:wght@300;600&family=Cutive+Mono:wght@400&family=Hind:wght@600&family=EB+Garamond:wght@400;600&family=Chivo:wght@400;700&family=Archivo+Black:wght@400&family=Archivo+Narrow:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&family=Inter:wght@300;400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://msha.ke
Referer
https://fonts.googleapis.com/

Response headers

age
60609
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 10:08:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 10:08:13 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
cc2eb338-0b28-420d-846d-00e067617e2d
images.msha.ke/
4 MB
4 MB
Image
General
Full URL
https://images.msha.ke/cc2eb338-0b28-420d-846d-00e067617e2d?auto=format%2Ccompress&cs=tinysrgb&q=30&w=828
Requested by
Host: msha.ke
URL: https://msha.ke/driphousebali
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.174.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7764a006c23bfca04f9d8248c9929f543df5e0ba208daa055229ad5ed23374

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://msha.ke/

Response headers

cf-bgj
imgq:85,h2pri
etag
"186777dda3867755315000558a5b6ea9"
cf-cache-status
REVALIDATED
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 14 Nov 2024 02:58:22 GMT
content-type
image/gif
last-modified
Sun, 10 Nov 2024 07:51:24 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=31536000
cf-ray
8e23bd498ed69755-FRA
accept-ranges
bytes
content-length
4481775
server
cloudflare
73d02793-ef92-47b8-ac10-d5ba4a41891f
images.msha.ke/
65 KB
65 KB
Image
General
Full URL
https://images.msha.ke/73d02793-ef92-47b8-ac10-d5ba4a41891f?auto=format%2Ccompress&cs=tinysrgb&q=30&w=828
Requested by
Host: msha.ke
URL: https://msha.ke/driphousebali
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.174.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
082c1d7f3f8698d5faa5bb7400c98f6f05cb9abe320d06b05dcb5304bf430e42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://msha.ke/

Response headers

server
cloudflare
cache-control
max-age=31536000
cf-cache-status
MISS
etag
"f1a534b05aef4b1818c6a53134e7cd11"
cf-ray
8e23bd498ed29755-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
66217
date
Thu, 14 Nov 2024 02:58:22 GMT
content-type
image/jpeg
last-modified
Sat, 09 Nov 2024 14:53:32 GMT
vary
Accept-Encoding
priority
u=3,i
773bd454-f44c-46b6-a33d-87ccb80b34f7
images.msha.ke/
41 KB
41 KB
Image
General
Full URL
https://images.msha.ke/773bd454-f44c-46b6-a33d-87ccb80b34f7?auto=format%2Ccompress&cs=tinysrgb&q=30&w=828
Requested by
Host: msha.ke
URL: https://msha.ke/driphousebali
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.174.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
9ec2b6a8e545fc123a4ffcb703c99c22334a5fe8367552bd0e52f11b252872d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://msha.ke/

Response headers

cf-bgj
imgq:85,h2pri
etag
"e204fe7c0a08f653a06727a928bea094"
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=73476
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 14 Nov 2024 02:58:22 GMT
content-type
image/webp
last-modified
Sat, 09 Nov 2024 14:51:40 GMT
vary
Accept
priority
u=3,i
cache-control
max-age=31536000
cf-ray
8e23bd498ed39755-FRA
accept-ranges
bytes
content-length
41524
server
cloudflare
6c666753-ea00-4dda-883e-fa2b1f919c7d
images.msha.ke/
35 KB
35 KB
Image
General
Full URL
https://images.msha.ke/6c666753-ea00-4dda-883e-fa2b1f919c7d?auto=format%2Ccompress&cs=tinysrgb&q=30&w=828
Requested by
Host: msha.ke
URL: https://msha.ke/driphousebali
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.174.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
99526c4f08cc6f0b895405c03cc792b7dff0449301be65ed6e5047d630e894fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://msha.ke/

Response headers

cf-bgj
imgq:85,h2pri
etag
"c4b1a579ecb53efe0678af70a3e888ad"
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=68103
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 14 Nov 2024 02:58:22 GMT
content-type
image/webp
last-modified
Sat, 09 Nov 2024 14:53:04 GMT
vary
Accept
priority
u=3,i
cache-control
max-age=31536000
cf-ray
8e23bd498ed59755-FRA
accept-ranges
bytes
content-length
35546
server
cloudflare
00604ec1-743e-40e4-a74c-ddc02aa109d7
images.msha.ke/
65 KB
65 KB
Image
General
Full URL
https://images.msha.ke/00604ec1-743e-40e4-a74c-ddc02aa109d7?auto=format%2Ccompress&cs=tinysrgb&q=30&w=828
Requested by
Host: msha.ke
URL: https://msha.ke/driphousebali
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.174.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3fddced769d0740184c48a83976cdc913d3bcab39ab408013159c9082163c3bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://msha.ke/

Response headers

server
cloudflare
cache-control
max-age=31536000
cf-cache-status
MISS
etag
"13196aa4a102c43524da2c713c8d298a"
cf-ray
8e23bd498ed79755-FRA
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
66447
date
Thu, 14 Nov 2024 02:58:22 GMT
content-type
image/jpeg
last-modified
Sat, 09 Nov 2024 14:53:51 GMT
vary
Accept-Encoding
priority
u=3,i
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: msha.ke
URL: https://msha.ke/driphousebali
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-OrKPujhN' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://msha.ke/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 14 Nov 2024 02:58:22 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-OrKPujhN' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4472, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
K3sFpwEaFlC5aT10bJwKEJI/A81l8Q4ZAeVBpOOM8iIWEn7+t2W0g73+7v6W9pLN6EctILP2rELuioasieFvJA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
start-session
analytics-beacon.msha.ke/
2 B
156 B
Ping
General
Full URL
https://analytics-beacon.msha.ke/start-session
Requested by
Host: looks.msha.ke
URL: https://looks.msha.ke/site-generator/assets/main.bf4d69a807bf7ac3b79b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.174.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://msha.ke/

Response headers

cf-ray
8e23bd49fef09755-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
2
date
Thu, 14 Nov 2024 02:58:22 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=4,i
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-BLG6G8NZG9&gtm=45je4bc0v9101635918za200&_p=1731553102246&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102077855&cid=820807738.1731553102&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&dl=https%3A%2F%2Fmsha.ke%2Fdriphousebali%2F&sid=1731553102&sct=1&seg=0&dt=Drip%20House%20Bali%20%E2%80%93%20At-Home%20IV%20drip%20Vitamin%20Therapy%20in%20Bali%20%7C%20Immune%2C%20Hydration%20%26%20Beauty%20Drips&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.site_uuid=cb721999-d1b9-4773-a395-f55470173219&ep.has_mwm_card=false&ep.product_groups=subscription.pro1&ep.card_uuid=08bd4416-a0e2-4732-a9b1-e8d293391c14&tfd=886
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BLG6G8NZG9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://msha.ke/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://msha.ke
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 02:58:22 GMT
content-type
text/plain
server
Golfe2
main.js
msha.ke/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame F7A4
Redirect Chain
  • https://msha.ke/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://msha.ke/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB
Script
General
Full URL
https://msha.ke/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Protocol
H3
Server
104.20.174.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ef209c8f523cf59e0548bbb891b445913bf8503bafa8b36e949f6780a0b1941b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
8e23bd4acf4c9755-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 14 Nov 2024 02:58:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
cf-ray
8e23bd4abf409755-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfExtPri
date
Thu, 14 Nov 2024 02:58:22 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
d7ac02eea45e49763771f8e6b8ca3a35.ico
looks.msha.ke/site-generator/assets/
99 KB
4 KB
Other
General
Full URL
https://looks.msha.ke/site-generator/assets/d7ac02eea45e49763771f8e6b8ca3a35.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.174.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d04cbc31e2592b159a49120ba2219f797368a3f16727283c03ef73b9888def30

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://msha.ke/

Response headers

server
cloudflare
cache-control
public, max-age=315360000
content-encoding
br
cf-cache-status
HIT
etag
W/"d7ac02eea45e49763771f8e6b8ca3a35"
age
691594
cf-ray
8e23bd4acf4d9755-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 14 Nov 2024 02:58:22 GMT
content-type
image/vnd.microsoft.icon
last-modified
Wed, 06 Nov 2024 02:39:18 GMT
vary
Accept-Encoding
priority
u=1,i
8e23bd469dd29755
msha.ke/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F7A4
0
688 B
XHR
General
Full URL
https://msha.ke/cdn-cgi/challenge-platform/h/b/jsd/r/8e23bd469dd29755
Requested by
Host: msha.ke
URL: https://msha.ke/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.174.67 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8e23bd4b9f9f9755-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
0
date
Thu, 14 Nov 2024 02:58:22 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i

Verdicts & Comments

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    0
string    siteUUID
string    paypalMerchantId
string    paypalClientId
string    namespace
string    productGroups
string    metaPixelId
object    dataLayer
function  gtag
function  getPageLocation
function  fbq
function  _fbq
boolean   _ccRun
object    dom7Listeners
object    google_tag_manager
object    google_tag_data
function  onYouTubeIframeAPIReady
object    gaGlobal

1 Cookies

Domain/Path: .msha.ke/
Name: cf_clearance
Value: Ix.jzjKEBKyMLBxclbRRlMIO_mYlHKRdBI8AtwqcefA-1731553102-1.2.1.1-0cKX9uvJNaMto7S97KnFSjQQoAhLqjBeyAik9AMB0cZdwYwBSeXjdqqF1W9Ljmx.LuZl6JpcH9rfHNOi3IKgzNEZS8ZaJUsfWUPJrrqkqA0HCFmqzV67WvtKbt3kc18WGaTDW4vcahkWfesyGcmf7sU60dHjJ1zuY4B5iV7TYP9SfTl2b27eb4DYhawIVmoZ3jlP61Zz2JTeAQ0cBoZR4D_xAQceBAw_Q7xfH6HNMl5_sf2E0aDg5WzvNU8tik00oeTTWmwJe4K6xC3ynk9Qdr4fQSciTnLLARF30M3XbxW7MFhiCD6ZCXt59X77rsOFxXqjB.acXaoEVld7m2oJV.q8YtSJ4foY9vMXpZipeSwxy2bPeOxRs.QBEiZbGnL6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics-beacon.msha.ke
connect.facebook.net
driphousebali.online
fonts.googleapis.com
fonts.gstatic.com
fonts.msha.ke
images.msha.ke
looks.msha.ke
msha.ke
region1.google-analytics.com
www.googletagmanager.com
104.20.174.67
2001:4860:4802:34::36
2606:4700:3036::6815:2f9
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:813::2003
2a03:2880:f083:9:face:b00c:0:3