URL: https://cegahcovid.com/
Submission: On March 24 via automatic, source certstream-suspicious

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 39 HTTP transactions. The main IP is 2606:4700:3031::6818:70de, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is cegahcovid.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 24th 2020. Valid for: 7 months.
This is the only time cegahcovid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:303... 13335 (CLOUDFLAR...)
13 2a0b:4d07:102::1 44239 (PROINITY ...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 139.59.217.206 14061 (DIGITALOC...)
1 192.0.77.48 2635 (AUTOMATTIC)
1 1 99.86.3.18 16509 (AMAZON-02)
5 13.226.159.79 16509 (AMAZON-02)
1 75.2.88.188 16509 (AMAZON-02)
39 12
Domain Requested by
13 mk0cegahcovid5rw06w1.kinstacdn.com cegahcovid.com
9 fonts.gstatic.com cegahcovid.com
5 js.intercomcdn.com js.intercomcdn.com
2 cdn.onpay.my cegahcovid.com, cdn.onpay.my
2 cdn.useproof.com cegahcovid.com, cdn.useproof.com
2 cegahcovid.com cegahcovid.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io 1 redirects
1 s.w.org cegahcovid.com
1 myfacemask.onpay.my cdn.onpay.my
1 ajax.googleapis.com cegahcovid.com
1 cdn.prooffactor.com cegahcovid.com
1 fonts.googleapis.com cegahcovid.com
39 13

This site contains no links.

Subject                    Issuer                                           Validity                   Valid
sni.cloudflaressl.com      CloudFlare Inc ECC CA-2                          2020-03-24 - 2020-10-09    7 months
*.kinstacdn.com            COMODO RSA Domain Validation Secure Server CA    2018-11-19 - 2021-02-16    2 years
*.storage.googleapis.com   GTS CA 1O1                                       2020-03-03 - 2020-05-26    3 months
*.google.com               GTS CA 1O1                                       2020-03-03 - 2020-05-26    3 months
*.onpay.my                 Sectigo RSA Domain Validation Secure Server CA   2019-06-10 - 2021-06-02    2 years
*.w.org                    Sectigo RSA Domain Validation Secure Server CA   2019-12-19 - 2021-12-18    2 years
*.intercomcdn.com          Amazon                                           2019-04-27 - 2020-05-27    a year
*.intercom.com             Amazon                                           2019-06-11 - 2020-07-11    a year

This page contains 4 frames:

Primary Page: https://cegahcovid.com/
Frame ID: 977A90BCC94CF4395A4106EDF2A1F5E2
Requests: 32 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: D72D27440FF192E8C51965D7FFD369C8
Requests: 1 HTTP requests in this frame

Frame: https://myfacemask.onpay.my/order/form/1?embed=1&only_form=1
Frame ID: 3E2785D7BA358DE54D4870443029BD91
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.3c0969b1.js
Frame ID: 250C7C92A1E74F83F2F3D6E0B2713A28
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

39 Requests
100 % HTTPS
62 % IPv6
10 Domains
13 Subdomains
12 IPs
4 Countries
1556 kB Transfer
2487 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://widget.intercom.io/widget/fog6zh3d HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
cegahcovid.com/
108 KB
8 KB
Document
General
Full URL
https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:70de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aac8c5d3175e118db4f18659f987ed62c96f80e7036793f20b5f3de00f09472
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
cegahcovid.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
date
Tue, 24 Mar 2020 13:01:23 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d2fcf9f481012376829bab08cb904ae451585054882; expires=Thu, 23-Apr-20 13:01:22 GMT; path=/; domain=.cegahcovid.com; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
link
<https://cegahcovid.com/wp-json/>; rel="https://api.w.org/" <https://cegahcovid.com/>; rel=shortlink
x-kinsta-cache
HIT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
57909497ab9bd711-FRA
content-encoding
br
page-6.css
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/plugins/op-builder/public/assets/cache/
148 KB
13 KB
Stylesheet
General
Full URL
https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/plugins/op-builder/public/assets/cache/page-6.css?ver=f4f61ee89a8a106518b21f008b3e8766
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f8c111e4b70d77f9aef4a538f6992f12a556f9a40e195bcfd02d15c9e9d0a2fc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 24 Mar 2020 13:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-edge-location
defr
x-cache
MISS
status
200
last-modified
Mon, 23 Mar 2020 23:27:23 GMT
server
keycdn-engine
etag
W/"5e7945db-25015"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31556940
cf-ray
579094a088e5d437-BUD
expires
Wed, 24 Mar 2021 18:50:25 GMT
jquery.js
mk0cegahcovid5rw06w1.kinstacdn.com/wp-includes/js/jquery/
95 KB
34 KB
Script
General
Full URL
https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 13:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-edge-location
defr
x-cache
MISS
status
200
last-modified
Mon, 23 Mar 2020 20:40:24 GMT
server
keycdn-engine
etag
W/"5e791eb8-17a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31556940
cf-ray
579094a0590bf927-MXP
expires
Wed, 24 Mar 2021 18:50:25 GMT
jquery-migrate.min.js
mk0cegahcovid5rw06w1.kinstacdn.com/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 13:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-edge-location
defr
x-cache
MISS
status
200
last-modified
Mon, 23 Mar 2020 20:40:24 GMT
server
keycdn-engine
etag
W/"5e791eb8-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31556940
cf-ray
579094a07dfbf91b-MXP
expires
Wed, 24 Mar 2021 18:50:25 GMT
css
fonts.googleapis.com/
28 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c81b68b9ee19d9ecdeceecd9650d49a8c5cbb49d5a110986b14199407a900e48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Mar 2020 13:01:23 GMT
server
ESF
date
Tue, 24 Mar 2020 13:01:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Mar 2020 13:01:23 GMT
proof.js
cdn.useproof.com/
486 KB
487 KB
Script
General
Full URL
https://cdn.useproof.com/proof.js?acc=taQBalArhrPZiq322rMjcQFEXFH3
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:30e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0135e2e9e8402d3042377fb8fcba6fe26521209e26c2ae50a85e24d974fb1f8e

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 13:01:23 GMT
cf-cache-status
HIT
age
2245118
status
200
content-type
application/javascript
content-length
497715
x-amz-id-2
bS+v5eKXHXOmCual2HeAK4LhRA8Yv1qyOLBXSy0cntrZf6KhFmbi5NFEQ0WGtNGfkCphZLoaibg=
last-modified
Thu, 15 Aug 2019 15:41:48 GMT
server
cloudflare
etag
"fa2c0c9552b99319ed55ce70955855f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
92EB98372714E456
cache-control
public, max-age=315360000, no-transform
x-amz-version-id
7RsCJUNysRMcqkyRLwe1KtYXPZzstQg_
accept-ranges
bytes
cf-ray
5790949fbd03beb5-FRA
wp-emoji-release.min.js
cegahcovid.com/wp-includes/js/
14 KB
4 KB
Script
General
Full URL
https://cegahcovid.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:70de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 13:01:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 23 Mar 2020 20:40:23 GMT
server
cloudflare
status
200
etag
W/"5e791eb7-362a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
5790949fcd59d711-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
facemask-pandemic-control-hero1.png
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/
289 KB
290 KB
Image
General
Full URL
https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/facemask-pandemic-control-hero1.png
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7bd0728837b2c2b36b74d1c6898ff0f8b5ba1fbe4e2080e1c7ba574d98bcedbe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 24 Mar 2020 13:01:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-edge-location
defr
x-cache
MISS
status
200
content-length
296006
last-modified
Mon, 23 Mar 2020 20:48:46 GMT
server
keycdn-engine
etag
"5e7920ae-48446"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31556940
accept-ranges
bytes
cf-ray
579094aa8f72f92f-MXP
expires
Wed, 24 Mar 2021 18:50:27 GMT
mask-detail.jpg
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/
59 KB
60 KB
Image
General
Full URL
https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/mask-detail.jpg
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
574f9f57fde7bd91df5a5710c2300f40a44490e01adbf74c0731be5f1c1ab60c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 24 Mar 2020 13:01:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-edge-location
defr
x-cache
MISS
status
200
content-length
60555
last-modified
Mon, 23 Mar 2020 20:48:48 GMT
server
keycdn-engine
etag
"5e7920b0-ec8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
accept-ranges
bytes
cf-ray
579094aacd24d608-MXP
expires
Wed, 24 Mar 2021 18:50:27 GMT
mask-detail-3.jpg
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/
36 KB
37 KB
Image
General
Full URL
https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/mask-detail-3.jpg
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c8c147de6305a3e072ce942a6ca51b41204895c8f42bb679b1c4c082e621cc58
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 24 Mar 2020 13:01:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-edge-location
defr
x-cache
MISS
status
200
content-length
37070
last-modified
Mon, 23 Mar 2020 20:48:49 GMT
server
keycdn-engine
etag
"5e7920b1-90ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
accept-ranges
bytes
cf-ray
579094aaed58d413-BUD
expires
Wed, 24 Mar 2021 18:50:27 GMT
mask-detail-2.jpg
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/
32 KB
33 KB
Image
General
Full URL
https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/mask-detail-2.jpg
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
ff079ef1006c587fcf1b4871d98f3103a59ff9137952920c57ad64542ce2c786
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 24 Mar 2020 13:01:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-edge-location
defr
x-cache
MISS
status
200
content-length
32883
last-modified
Mon, 23 Mar 2020 20:48:50 GMT
server
keycdn-engine
etag
"5e7920b2-8073"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
accept-ranges
bytes
cf-ray
579094aaf8af4326-MXP
expires
Wed, 24 Mar 2021 18:50:27 GMT
1-1.jpg
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/
8 KB
9 KB
Image
General
Full URL
https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/1-1.jpg
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
ee99580ce56b9eefdb44d86e2f41a730798e0b5136447716c6c25a680f1665bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 24 Mar 2020 13:01:33 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-edge-location
defr
x-cache
MISS
status
200
content-length
8264
last-modified
Mon, 23 Mar 2020 20:48:51 GMT
server
keycdn-engine
etag
"5e7920b3-2048"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
accept-ranges
bytes
cf-ray
579094ab2b7c4036-SOF
expires
Wed, 24 Mar 2021 18:50:33 GMT
2.jpg
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/
8 KB
8 KB
Image
General
Full URL
https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/2.jpg
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
8334f4029f810b5d5624f85e76d15eb51c299f3b63117cfd0473115cb8ed6b67
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 24 Mar 2020 13:01:26 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-edge-location
defr
x-cache
MISS
status
200
content-length
7909
last-modified
Mon, 23 Mar 2020 20:48:52 GMT
server
keycdn-engine
etag
"5e7920b4-1ee5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
accept-ranges
bytes
cf-ray
579094ab8a817e9e-BUD
expires
Wed, 24 Mar 2021 18:50:26 GMT
3-1.jpg
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/
7 KB
7 KB
Image
General
Full URL
https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/uploads/2020/03/3-1.jpg
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
468373405865be8ad2f88f13fa1df115afeea0a817fb2824550cf3dd13eb4dc5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 24 Mar 2020 13:01:26 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-edge-location
defr
x-cache
MISS
status
200
content-length
7151
last-modified
Mon, 23 Mar 2020 20:48:53 GMT
server
keycdn-engine
etag
"5e7920b5-1bef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31556940
accept-ranges
bytes
cf-ray
579094ab7c78f923-MXP
expires
Wed, 24 Mar 2021 18:50:26 GMT
embed-order-form.min.js
cdn.onpay.my/assets/js/
19 KB
4 KB
Script
General
Full URL
https://cdn.onpay.my/assets/js/embed-order-form.min.js
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:ae56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3276cdd5a5af5c6823e09501e52b3899eeef30957bcbe0cad80382964d95b71

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 13:01:23 GMT
content-encoding
br
cf-cache-status
HIT
age
2298
status
200
x-amz-request-id
24E2D5D45849AEC4
x-amz-id-2
GhI4ktCylFQH7faM43GZv26KAKRNmmRddfDKg2iWsDwmeqh1KTNWCXeX9xMAtO0Ej/vP+3beyl8=
last-modified
Tue, 24 Mar 2020 12:23:05 GMT
server
cloudflare
etag
W/"a3bc1592fc161ef17e896ed25100fde3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cf-worker
YES
cache-control
max-age=14400
server-client
OnPay Solutions Sdn Bhd
cf-ray
579094a06a59bec4-FRA
expires
Tue, 24 Mar 2020 16:23:05 GMT
jcr-widget.js
cdn.prooffactor.com/javascript/dist/1.0/
60 KB
20 KB
Script
General
Full URL
https://cdn.prooffactor.com/javascript/dist/1.0/jcr-widget.js
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0641ab1a466a39600fc4c2e614dab6e06392a65a9c81ad1b7ca754d4eed9eb3

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 13:01:25 GMT
content-encoding
br
cf-cache-status
HIT
age
350
status
200
x-guploader-uploadid
AEnB2UrssKc-HM4CydEB-l54Ii9zKZFc2Kg8L_T8uN6kYiAQuq3pylW190052d4QNe63ss0lqu4a2ycLrIITR7yHo2i25M6IqQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
access-control-allow-origin
*
last-modified
Mon, 23 Mar 2020 14:53:13 GMT
server
cloudflare
etag
W/"c9367aa19f737e253b27d967ee0bea35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=6uMRRg==, md5=yTZ6oZ9zfiU7J9ln7gvqNQ==
content-type
application/javascript
x-goog-generation
1584975193281855
cache-control
public, max-age=3600
x-goog-stored-content-length
61198
cf-ray
579094aaba5f1772-FRA
expires
Tue, 24 Mar 2020 13:55:35 GMT
page-6.js
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/plugins/op-builder/public/assets/cache/
5 KB
2 KB
Script
General
Full URL
https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/plugins/op-builder/public/assets/cache/page-6.js?ver=f4f61ee89a8a106518b21f008b3e8766
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
f6324567cf5dadc00e88960d00baad1653c4fe481fb1308a50ab96dc3bfbf3a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 13:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-edge-location
defr
x-cache
MISS
status
200
last-modified
Mon, 23 Mar 2020 20:48:59 GMT
server
keycdn-engine
etag
W/"5e7920bb-15c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31556940
cf-ray
579094a1e948be3c-MXP
expires
Wed, 24 Mar 2021 18:50:25 GMT
wp-embed.min.js
mk0cegahcovid5rw06w1.kinstacdn.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-includes/js/wp-embed.min.js?ver=5.3.2
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 13:01:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-edge-location
defr
x-cache
MISS
status
200
last-modified
Mon, 23 Mar 2020 20:40:24 GMT
server
keycdn-engine
etag
W/"5e791eb8-577"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31556940
cf-ray
579094a84928d230-SOF
expires
Wed, 24 Mar 2021 18:50:26 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 05 Mar 2020 14:06:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1637716
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Mar 2021 14:06:09 GMT
index.html
cdn.useproof.com/proxy/ Frame D72D
0
0
Document
General
Full URL
https://cdn.useproof.com/proxy/index.html
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=taQBalArhrPZiq322rMjcQFEXFH3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:30e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.useproof.com
:scheme
https
:path
/proxy/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://cegahcovid.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://cegahcovid.com/

Response headers

status
200
date
Tue, 24 Mar 2020 13:01:26 GMT
content-type
text/html
content-length
325
set-cookie
__cfduid=d6b148c962fcd9fbf933d93635a551bb61585054885; expires=Thu, 23-Apr-20 13:01:25 GMT; path=/; domain=.useproof.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2
e8Vq70H33tejRVaAHE36RfZ2fIUSdRrIpR8jej7AXb2nBJHdCoVEpwR8iKzD/Tmd4cHxwfHo+s0=
x-amz-request-id
166291952F4F70F0
last-modified
Thu, 15 Aug 2019 15:41:48 GMT
etag
"f92252b1f21fd30ac52b59395971ecdb"
cache-control
max-age=315360000, no-transform, public
x-amz-version-id
V3wOD8RjbA.D9D1fAXIzDOps5d_6lt3O
accept-ranges
bytes
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
579094ab8ac2beb5-FRA
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700
Origin
https://cegahcovid.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Mar 2020 03:12:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
1676926
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Fri, 05 Mar 2021 03:12:39 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700
Origin
https://cegahcovid.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 31 Jan 2020 00:50:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
4623066
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
0
expires
Sat, 30 Jan 2021 00:50:19 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700
Origin
https://cegahcovid.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 27 Feb 2020 08:47:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2261659
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Fri, 26 Feb 2021 08:47:06 GMT
op3-icons.woff2
mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/plugins/op-builder/public/assets/fonts/
202 KB
202 KB
Font
General
Full URL
https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/plugins/op-builder/public/assets/fonts/op3-icons.woff2?ver=1.7.0
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
3be25e41a21cbc4c9494b4bbbf0be2f85f8ceb611e7faa2eb0beb6fa777fef1e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-content/plugins/op-builder/public/assets/cache/page-6.css?ver=f4f61ee89a8a106518b21f008b3e8766
Origin
https://cegahcovid.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Mar 2020 13:01:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-edge-location
defr
x-cache
MISS
status
200
content-length
206376
last-modified
Mon, 23 Mar 2020 20:47:54 GMT
server
keycdn-engine
etag
"5e79207a-32628"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31556940
accept-ranges
bytes
cf-ray
579094abdbd3d228-SOF
expires
Wed, 24 Mar 2021 18:50:27 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700
Origin
https://cegahcovid.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 17:00:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
1195237
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9080
x-xss-protection
0
expires
Wed, 10 Mar 2021 17:00:48 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700
Origin
https://cegahcovid.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 24 Feb 2020 20:33:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
2478447
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Tue, 23 Feb 2021 20:33:58 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700
Origin
https://cegahcovid.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Mar 2020 00:55:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 21:22:29 GMT
server
sffe
age
1685182
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7924
x-xss-protection
0
expires
Fri, 05 Mar 2021 00:55:03 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700
Origin
https://cegahcovid.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 25 Feb 2020 01:21:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 21:22:13 GMT
server
sffe
age
2461167
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7836
x-xss-protection
0
expires
Wed, 24 Feb 2021 01:21:58 GMT
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v9/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700
Origin
https://cegahcovid.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Mar 2020 04:10:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 21:22:04 GMT
server
sffe
age
1587053
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7968
x-xss-protection
0
expires
Sat, 06 Mar 2021 04:10:32 GMT
zYXgKVElMYYaJe8bpLHnCwDKhdHeFaxOedc.woff2
fonts.gstatic.com/s/ibmplexsans/v7/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v7/zYXgKVElMYYaJe8bpLHnCwDKhdHeFaxOedc.woff2
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d32b2c653c571d5ebe401463197bd449b52f013c0da42995f8fc8b67524abccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Open+Sans:400,600,700|Poppins:400,500,600,700|Roboto:400,500,700
Origin
https://cegahcovid.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 27 Feb 2020 08:31:19 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:47:55 GMT
server
sffe
age
2262606
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12872
x-xss-protection
0
expires
Fri, 26 Feb 2021 08:31:19 GMT
iframeResizer.min.js
cdn.onpay.my/assets/plugins/iframe-resizer/
13 KB
5 KB
Script
General
Full URL
https://cdn.onpay.my/assets/plugins/iframe-resizer/iframeResizer.min.js
Requested by
Host: cdn.onpay.my
URL: https://cdn.onpay.my/assets/js/embed-order-form.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681b:ae56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f27aa99970684e01cd59500c87377712f710b71ec163dbbcdc5956caebf9b42

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 13:01:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 13 Jun 2019 23:54:02 GMT
server
cloudflare
x-amz-request-id
DCF0F368FD7CAE61
etag
W/"d3c21b1f9bf8acc1a62ddbec9346aab1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
579094ab6e4cbec4-FRA
x-amz-id-2
SF7Pwk7GZPhAF/LqUu/g3MxM+GjKP3xPOgEtWmdBaArFPWDBlwVwaBRtDEASljjOrvVIEWAKztU=
1
myfacemask.onpay.my/order/form/ Frame 3E27
0
0
Document
General
Full URL
https://myfacemask.onpay.my/order/form/1?embed=1&only_form=1
Requested by
Host: cdn.onpay.my
URL: https://cdn.onpay.my/assets/js/embed-order-form.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
139.59.217.206 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx-rc /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
myfacemask.onpay.my
:scheme
https
:path
/order/form/1?embed=1&only_form=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://cegahcovid.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://cegahcovid.com/

Response headers

status
200
server
nginx-rc
date
Tue, 24 Mar 2020 13:01:26 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
set-cookie
ONPAY-base=QBavT2lMwiz5A4ZJvEVPtTKUYdxubO4YOGJp1VEg9o6eyKra; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip
1f4e6.svg
s.w.org/images/core/emoji/12.0.0-1/svg/
2 KB
923 B
Image
General
Full URL
https://s.w.org/images/core/emoji/12.0.0-1/svg/1f4e6.svg
Requested by
Host: cegahcovid.com
URL: https://cegahcovid.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
35a41947f54c96134d1c364c7eef3d692d3af0be37874a86a94c22bdc6d464bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT fra 2
date
Tue, 24 Mar 2020 13:01:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 08 Apr 2019 05:13:23 GMT
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
cache-control
max-age=315360000
vary
Accept-Encoding
expires
Thu, 31 Dec 2037 23:55:55 GMT
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/fog6zh3d
  • https://js.intercomcdn.com/shim.latest.js
7 KB
3 KB
Script
General
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.159.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-79.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
48ca267bac892e8a4a5879bb8a7ef7e5ec67673b0975eadec0b9df36a9ae22cf

Request headers

Referer
https://cegahcovid.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Mar 2020 12:59:58 GMT
content-encoding
gzip
age
97
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
2830
last-modified
Mon, 23 Mar 2020 19:54:27 GMT
server
AmazonS3
etag
"72bf0d578cafaf37f683a6d80ddd1a4a"
content-type
application/javascript; charset=UTF-8
via
1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
p2L1qWdNszrggEEHSog5aYeKm8mSpK1zkgLsdf2AWut863y8YGAL9w==

Redirect headers

date
Tue, 24 Mar 2020 05:05:24 GMT
via
1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
server
AmazonS3
age
28570
location
https://js.intercomcdn.com/shim.latest.js
x-cache
Hit from cloudfront
status
302
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
RkPmqaMpah7du8D8bLGQxdMHiRd1i9tg8T_hV-H4yJ1Mz3SyaBQ3oQ==
frame-modern.3c0969b1.js
js.intercomcdn.com/ Frame 250C
196 KB
55 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.3c0969b1.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.159.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-79.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f8e958c199f11a1955b997c110ed162d21ba8f6757d99ff3af2024186ce0780

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 11:10:26 GMT
content-encoding
gzip
age
6677
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
55623
last-modified
Mon, 23 Mar 2020 19:48:01 GMT
server
AmazonS3
etag
"3c9a15bb453514efb2105d6b66103683"
content-type
application/javascript; charset=UTF-8
via
1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
DIVWg9Ojd3vRxzWy-EB-UZfjzFT9Yy1SVv5KZ_ZCSgxlrgOlHq4_uQ==
vendor-modern.b44097f3.js
js.intercomcdn.com/ Frame 250C
153 KB
46 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.b44097f3.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.159.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-79.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4c74fc1c6e1746857c589a7dce4c123715c942eec464fb9ce4d894d3e601876

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 11:08:42 GMT
content-encoding
gzip
age
6772
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
46566
last-modified
Tue, 10 Mar 2020 11:03:49 GMT
server
AmazonS3
etag
"badc3f3a05921b12bad394d1096f9168"
content-type
application/javascript; charset=UTF-8
via
1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
YDK2s5iQc_XMM_XeWDhdff19MbzE0rzhtWFqewZSoXzYcCDvIoD9Ow==
vendors~app-modern.cbcf51d6.js
js.intercomcdn.com/ Frame 250C
264 KB
82 KB
Script
General
Full URL
https://js.intercomcdn.com/vendors~app-modern.cbcf51d6.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0969b1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.159.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-79.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bddc8274f21faf42728bffe6a29e60f62340c2ef7109d0c597bb97b5a2ed6bb9

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 11:08:52 GMT
content-encoding
gzip
age
6770
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
83198
last-modified
Tue, 10 Mar 2020 11:03:49 GMT
server
AmazonS3
etag
"3cb267cc1afb2cb8e5d00ec53cf1ea70"
content-type
application/javascript; charset=UTF-8
via
1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
Fh6ZZz7p-xXPaeMVcURno-NsmC7Qg1TeL-5ApSNUr6TjykSAZ1moAA==
app-modern.a19adab9.js
js.intercomcdn.com/ Frame 250C
65 KB
19 KB
Script
General
Full URL
https://js.intercomcdn.com/app-modern.a19adab9.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0969b1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.159.79 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-79.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6fe863c8daf58dae1a31048a1ccabae2f4171be732475a1b57f40284384e156

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 11:08:42 GMT
content-encoding
gzip
age
6776
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
19057
last-modified
Tue, 10 Mar 2020 11:03:48 GMT
server
AmazonS3
etag
"d94f62cee712bbc1ecde963e220e4bd8"
content-type
application/javascript; charset=UTF-8
via
1.1 92eff4f17f8a434975f912a39f575296.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-amz-cf-id
-kLgX6ytXuCbumC0AJBzWD_M1BI_kmtDIn4Q3oIgEx57wW2loxwCcg==
ping
api-iam.intercom.io/messenger/web/ Frame 250C
3 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3c0969b1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
f7d11c2acff491eab841de27e21bf6b79f2afa985451ae74214fa1fdfbb0e295
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://cegahcovid.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 24 Mar 2020 13:01:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
0005fs0sm35c3ctr4a7g
x-runtime
0.431009
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"f7d11c2acff491eab841de27e21bf6b7"
x-ratelimit-remaining
19999
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cegahcovid.com
x-intercom-version
50e498fce22a4b85c11bc3c04ef89295b0783517
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1585054920
x-ratelimit-limit
20000
access-control-allow-headers
Content-Type


21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| _wpemojiSettings
object| twemoji
object| wp
function| $
function| jQuery
function| setImmediate
function| clearImmediate
object| OOF
object| intercomSettings
function| Intercom
object| OP3
function| onYouTubeIframeAPIReady
function| onVideoBackgroundPlayerReady
function| onVideoBackgroundPlayerStateChange
function| iFrameResize
object| proof-factor-plugin
object| SENTRY_RELEASE
object| __core-js_shared__
object| core

0 Cookies

2 Console Messages

Source: console-api
Level: log
URL: https://mk0cegahcovid5rw06w1.kinstacdn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 (Line 2)
Message: JQMIGRATE: Migrate is installed, version 1.4.1

Source: console-api
Level: log
URL: https://cdn.prooffactor.com/javascript/dist/1.0/jcr-widget.js (Line 16)
Message: %cproof factor widget font-size:0.9em; color:#fff; background-color:#00b8ff; padding: 2px 7px; border-radius: 3px; margin: 0 0 2px; Initialize Proof Factor

Security Headers

This section lists the security headers set by the main page.

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
